lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Feb 2023 14:06:47 +0800
From:   Guo Ren <guoren@...nel.org>
To:     Björn Töpel <bjorn@...nel.org>
Cc:     palmer@...belt.com, paul.walmsley@...ive.com, mhiramat@...nel.org,
        conor.dooley@...rochip.com, penberg@...nel.org,
        mark.rutland@....com, liaochang <liaochang1@...wei.com>,
        linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Guo Ren <guoren@...ux.alibaba.com>
Subject: Re: [PATCH] riscv: kprobe: Fixup kernel panic when probing an illegal position

On Wed, Feb 1, 2023 at 5:30 PM Björn Töpel <bjorn@...nel.org> wrote:
>
> Guo Ren <guoren@...nel.org> writes:
>
> >> > +     if (!arch_check_kprobe(p))
> >> > +             return -EILSEQ;
> >> > +
> >> >       /* copy instruction */
> >> >       p->opcode = *p->addr;
> >>
> >> Not related to your patch, but this can also trigger a misaligned load.
> > After rereading the spec, misaligned load/store is not mandatory
> > supported. (Although my machines and qemu are correct)
>
> Yes. It would be great if it could be turned on by QEMU (you can with
> Spike).
>
> > So I need fixup:
> >
> > diff --git a/arch/riscv/kernel/probes/kprobes.c
> > b/arch/riscv/kernel/probes/kprobes.c
> > index 27f8960c321c..0c016d496746 100644
> > --- a/arch/riscv/kernel/probes/kprobes.c
> > +++ b/arch/riscv/kernel/probes/kprobes.c
> > @@ -58,12 +58,14 @@ static bool __kprobes arch_check_kprobe(struct kprobe *p)
> >  {
> >         unsigned long tmp  = (unsigned long)p->addr - p->offset;
> >         unsigned long addr = (unsigned long)p->addr;
> > +       kprobe_opcode_t opcode;
> >
> >         while (tmp <= addr) {
> >                 if (tmp == addr)
> >                         return true;
> >
> > -               tmp += GET_INSN_LENGTH(*(kprobe_opcode_t *)tmp);
> > +               memcpy(&opcode, (void *)tmp, sizeof(kprobe_opcode_t));
> > +               tmp += GET_INSN_LENGTH(opcode);
>
> I'd prefer sizeof(opcode).
prefer sizeof(opcode) = 4

GET_INSN_LENGTH(opcode) returns 2 or 4;


>
> >         }
> >
> >         return false;
> > @@ -80,7 +82,7 @@ int __kprobes arch_prepare_kprobe(struct kprobe *p)
> >                 return -EILSEQ;
> >
> >         /* copy instruction */
> > -       p->opcode = *p->addr;
> > +       memcpy(&p->opcode, p->addr, sizeof(kprobe_opcode_t));
>
> Same comment as above, and this would ideally be a separate patch.
Yes

>
>
> Björn



-- 
Best Regards
 Guo Ren

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ