| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230210213053.fscxeamu7h56mjaj@treble>
Date: Fri, 10 Feb 2023 13:30:53 -0800
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Chen Zhongjin <chenzhongjin@...wei.com>
Cc: linux-kernel@...r.kernel.org, peterz@...radead.org,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com
Subject: Re: [PATCH] x86/unwind/orc: Fix unwind ip when kprobes hits push/pop
On Thu, Dec 01, 2022 at 04:53:11PM +0800, Chen Zhongjin wrote:
> When unwind stack at asm_exc_int3, the orc type is UNWIND_HINT_TYPE_REGS
> and the unwinder will use pt_regs->ip to find next orc, which point to
> the probed insn + INT3_INSN_SIZE.
>
> If the probed insn is push/pop, it will point to the next insn which has
> different orc state. Before the probed insn has been really excuted in
> single step, using next insn ip to find orc will get a wrong unwinding
> result.
>
> So, when there is kprobe running and the previous op code is int3,
> state->signal should be false so that ip - 1 will be used to find next
> orc, until the probed push/pop has been single steped and kprobe set
> kprobe_status as KPROBE_HIT_SSDONE.
>
> Fixes: ee9f8fce9964 ("x86/unwind: Add the ORC unwinder")
> Signed-off-by: Chen Zhongjin <chenzhongjin@...wei.com>
Hi Chen,
Thanks for reporting this, and sorry for the delay. I would rather fix
this in a more general way, by specifying 'signal' (or lack thereof) in
the ORC data. I will work up a patch.
--
Josh
Powered by blists - more mailing lists