| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 10 Jul 2023 10:01:52 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Guo Ren <guoren@...nel.org>
Cc: arnd@...db.de, palmer@...osinc.com, tglx@...utronix.de,
luto@...nel.org, conor.dooley@...rochip.com, heiko@...ech.de,
jszhang@...nel.org, lazyparser@...il.com, falcon@...ylab.org,
chenhuacai@...nel.org, apatel@...tanamicro.com,
atishp@...shpatra.org, mark.rutland@....com, bjorn@...nel.org,
palmer@...belt.com, bjorn@...osinc.com, daniel.thompson@...aro.org,
linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-riscv@...ts.infradead.org, stable@...r.kernel.org,
Guo Ren <guoren@...ux.alibaba.com>
Subject: Re: [PATCH] riscv: entry: Fixup do_trap_break from kernel side
On Sun, Jul 09, 2023 at 10:30:22AM +0800, Guo Ren wrote:
> On Wed, Jul 5, 2023 at 12:40 AM Peter Zijlstra <peterz@...radead.org> wrote:
> >
> > On Sat, Jul 01, 2023 at 10:57:07PM -0400, guoren@...nel.org wrote:
> > > From: Guo Ren <guoren@...ux.alibaba.com>
> > >
> > > The irqentry_nmi_enter/exit would force the current context into in_interrupt.
> > > That would trigger the kernel to dead panic, but the kdb still needs "ebreak" to
> > > debug the kernel.
> > >
> > > Move irqentry_nmi_enter/exit to exception_enter/exit could correct handle_break
> > > of the kernel side.
> >
> > This doesn't explain much if anything :/
> >
> > I'm confused (probably because I don't know RISC-V very well), what's
> > EBREAK and how does it happen?
> EBREAK is just an instruction of riscv which would rise breakpoint exception.
>
>
> >
> > Specifically, if EBREAK can happen inside an local_irq_disable() region,
> > then the below change is actively wrong. Any exception/interrupt that
> > can happen while local_irq_disable() must be treated like an NMI.
> When the ebreak happend out of local_irq_disable region, but
> __nmi_enter forces handle_break() into in_interupt() state. So how
And why is that a problem? I think I'm missing something fundamental
here...
> about:
>
> diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
> index f910dfccbf5d..69f7043a98b9 100644
> --- a/arch/riscv/kernel/traps.c
> +++ b/arch/riscv/kernel/traps.c
> @@ -18,6 +18,7 @@
> #include <linux/irq.h>
> #include <linux/kexec.h>
> #include <linux/entry-common.h>
> +#include <linux/context_tracking.h>
>
> #include <asm/asm-prototypes.h>
> #include <asm/bug.h>
> @@ -285,12 +286,18 @@ asmlinkage __visible __trap_section void
> do_trap_break(struct pt_regs *regs)
> handle_break(regs);
>
> irqentry_exit_to_user_mode(regs);
> - } else {
> + } else if (in_interrupt()){
> irqentry_state_t state = irqentry_nmi_enter(regs);
>
> handle_break(regs);
>
> irqentry_nmi_exit(regs, state);
> + } else {
> + enum ctx_state prev_state = exception_enter();
> +
> + handle_break(regs);
> +
> + exception_exit(prev_state);
> }
> }
That's wrong. If you want to make it conditional, you have to look at
!(regs->status & SR_IE) (that's the interrupt enable flag of the
interrupted context, right?)
When you hit an EBREAK when IRQs were disabled, you must be NMI like.
But making it conditional like this makes it really hard to write a
handler though, it basically must assume it will be NMI contetx (because
it can't know) so there is no point in sometimes not doing NMI context.
Powered by blists - more mailing lists