Date:   Sat, 16 Apr 2022 15:41:09 +0800
From:   Tong Tiangen <tongtiangen@...wei.com>
To:     Robin Murphy <robin.murphy@....com>,
        Mark Rutland <mark.rutland@....com>,
        James Morse <james.morse@....com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will@...nel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>, <x86@...nel.org>,
        "H . Peter Anvin" <hpa@...or.com>
CC:     <linux-arm-kernel@...ts.infradead.org>,
        <linux-kernel@...r.kernel.org>, <linux-mm@...ck.org>,
        Kefeng Wang <wangkefeng.wang@...wei.com>,
        Xie XiuQi <xiexiuqi@...wei.com>
Subject: Re: [RFC PATCH -next V3 4/6] arm64: add copy_{to, from}_user to
 machine check safe



On 2022/4/13 1:17, Robin Murphy wrote:
> On 12/04/2022 6:08 pm, Robin Murphy wrote:
> [...]
>>> @@ -62,7 +63,11 @@ SYM_FUNC_START(__arch_copy_from_user)
>>>       ret
>>>       // Exception fixups
>>> -9997:    cmp    dst, dstin
>>> +9997:    mrs esr, esr_el1            // Check exception first
>>> +    and esr, esr, #ESR_ELx_FSC
>>> +    cmp esr, #ESR_ELx_FSC_EXTABT
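Review bot: at 9997 the fixup reads the live register with `mrs esr, esr_el1`, but fixup code only runs after the fault handler has returned to it, so ESR_EL1 may have been rewritten by any synchronous exception taken in between and no longer describe the abort that led here. The fault handler already holds the syndrome captured at exception entry; let it make the decision, or hand the result to the fixup, rather than re-reading the system register inside the copy routine.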
>>
>> Should we be checking EC to make sure it's a data abort - and thus FSC 
>> is valid - in the first place? I'm a little fuzzy on all the possible 
>> paths into fixup_exception(), and it's not entirely obvious whether 
>> this is actually safe or not.
> 
> In fact, thinking some more about that, I don't think there should be 
> any need for this sort of logic in these handlers at all. The 
> fixup_exception() machinery should already know enough about the 
> exception that's happened and the extable entry to figure this out and 
> not bother calling the handler at all.
> 
> Thanks,
> Robin.
> .

Hi Robin:
As you said, it seems that it's not good to judge esr here. How about 
using the following method? I need your suggestion :)

+#define FIXUP_TYPE_NORMAL	0
+#define FIXUP_TYPE_MC		1

arch/arm64/mm/extable.c
static bool ex_handler_fixup(const struct exception_table_entry *ex,
-	struct pt_regs *regs)
+	struct pt_regs *regs, int fixuptype)
{
+	regs->regs[16] = fixuptype;
	[...]
}
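Review bot: `regs->regs[16] = fixuptype;` in ex_handler_fixup() is unconditional, so x16 is overwritten in the saved context of every extable entry this handler services, not only the two copy routines. Either confirm that no code resuming from such a fixup expects x16 to be preserved and document the clobber next to the handler, or write the register only for the entry types whose fixup code reads it.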

bool fixup_exception(struct pt_regs *regs)
{
	[...]
	switch(ex->type) {
	case EX_TYPE_UACCESS_MC:
-		return ex_handler_fixup(ex, regs)
+		return ex_handler_fixup(ex, regs, FIXUP_TYPE_NORMAL)
	break;
	}
	[...]
}
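Review bot: the added `return ex_handler_fixup(ex, regs, FIXUP_TYPE_NORMAL)` under `case EX_TYPE_UACCESS_MC:` has no terminating semicolon (nor did the line it replaces), and the `break;` that follows it is unreachable. A one-line comment on why an _MC entry is given FIXUP_TYPE_NORMAL on this path would help, since the two names read as contradictory.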

bool fixup_exception_mc(struct pt_regs *regs)
{
	[...]
	switch(ex->type) {
	case EX_TYPE_UACCESS_MC:
-		return ex_handler_fixup(ex, regs)
+		return ex_handler_fixup(ex, regs, FIXUP_TYPE_MC)
	break;
	}
	[...]
}
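Review bot: fixup_exception_mc() as shown differs from fixup_exception() only in the constant passed to ex_handler_fixup(), so the two switch statements can drift apart over time; consider one internal helper that takes the fixup type, with both entry points calling it. The `return` under `case EX_TYPE_UACCESS_MC:` here is also missing its semicolon.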

arch/arm64/lib/copy_from_user.S
arch/arm64/lib/copy_to_user.S

+fixup_type      .req    x16

// Exception fixups
//x16: fixup type written by ex_handler_fixup
-9997:  cmp     dst, dstin
+9997:	cmp fixup_type, #FIXUP_TYPE_MC
+	b.eq 9998f
+ 	cmp     dst, dstin
  	b.ne    9998f
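Review bot: the `cmp fixup_type, #FIXUP_TYPE_MC` at 9997 is only correct if every path that lands on this label went through ex_handler_fixup(); an extable entry pointing here that is handled any other way leaves x16 holding whatever it held before the fault. State that contract in the comment above 9997, note there that x16 is clobbered, and put the FIXUP_TYPE_* defines in a header that both extable.c and these .S files include, since the proposal does not say where they live.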

Thanks,
Tong.
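
Robin's question about checking EC before trusting FSC, as an added user-space C model that is not code from this thread or from the kernel. `make_esr` and `pick_fixup_type` are hypothetical names, the syndrome values are constructed, and the BRK sample only shows that the low ISS bits mean something else under another EC, not that such an exception reaches this fixup path.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Field layout and values as in arch/arm64/include/asm/esr.h */
#define ESR_ELx_EC_SHIFT    26
#define ESR_ELx_EC(esr)     (((esr) >> ESR_ELx_EC_SHIFT) & 0x3F)
#define ESR_ELx_EC_DABT_LOW 0x24   /* data abort from a lower EL */
#define ESR_ELx_EC_DABT_CUR 0x25   /* data abort from the current EL */
#define ESR_ELx_EC_BRK64    0x3C   /* BRK instruction */
#define ESR_ELx_FSC         0x3F
#define ESR_ELx_FSC_EXTABT  0x10   /* synchronous external abort */
/* From the proposal in this thread */
#define FIXUP_TYPE_NORMAL   0
#define FIXUP_TYPE_MC       1

/* Hypothetical helper: build a syndrome value from EC and ISS. */
static uint64_t make_esr(uint64_t ec, uint64_t iss)
{
    return (ec << ESR_ELx_EC_SHIFT) | iss;
}

/* The test in the quoted hunk: low six bits only, EC ignored. */
static bool fsc_only_is_extabt(uint64_t esr)
{
    return (esr & ESR_ELx_FSC) == ESR_ELx_FSC_EXTABT;
}

/* Hypothetical dispatcher-side choice: trust FSC only for data aborts. */
static int pick_fixup_type(uint64_t saved_esr)
{
    uint64_t ec = ESR_ELx_EC(saved_esr);
    if (ec != ESR_ELx_EC_DABT_LOW && ec != ESR_ELx_EC_DABT_CUR)
        return FIXUP_TYPE_NORMAL;
    return fsc_only_is_extabt(saved_esr) ? FIXUP_TYPE_MC : FIXUP_TYPE_NORMAL;
}

int main(void)
{
    /* Constructed sample syndromes, not captured from hardware. */
    uint64_t s[] = { make_esr(ESR_ELx_EC_DABT_CUR, 0x10),   /* external abort */
                     make_esr(ESR_ELx_EC_DABT_CUR, 0x07),   /* translation fault */
                     make_esr(ESR_ELx_EC_BRK64, 0x10) };    /* BRK #0x10 */
    for (size_t i = 0; i < sizeof(s) / sizeof(s[0]); i++)
        printf("esr=%#llx fsc-only=%d fixup=%d\n", (unsigned long long)s[i],
               fsc_only_is_extabt(s[i]), pick_fixup_type(s[i]));
    return 0;
}
```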
