lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMj1kXEj7-PadFJ57uYUTC_TCicX6E56rSiEF8Rr9_vH_G8PoA@mail.gmail.com>
Date: Tue, 31 Dec 2024 20:29:17 +0100
From: Ard Biesheuvel <ardb@...nel.org>
To: Borislav Petkov <bp@...en8.de>, Nathan Chancellor <nathan@...nel.org>, 
	clang-built-linux <llvm@...ts.linux.dev>
Cc: Ard Biesheuvel <ardb+git@...gle.com>, linux-kernel@...r.kernel.org, x86@...nel.org, 
	Tom Lendacky <thomas.lendacky@....com>, Thomas Gleixner <tglx@...utronix.de>, 
	Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, 
	Andy Lutomirski <luto@...nel.org>, Arnd Bergmann <arnd@...db.de>, Kees Cook <keescook@...omium.org>, 
	Brian Gerst <brgerst@...il.com>, Kevin Loughlin <kevinloughlin@...gle.com>, 
	linux-toolchains@...r.kernel.org
Subject: Re: [PATCH v4 0/7] x86: Rid .head.text of all abs references

(cc Nathan)

On Tue, 31 Dec 2024 at 11:35, Borislav Petkov <bp@...en8.de> wrote:
>
> On Tue, Dec 31, 2024 at 11:12:55AM +0100, Ard Biesheuvel wrote:
> > I'll look into this asap, i.e., in a couple of days.
>
> :-P
>
> Thanks!
>

I had a quick look, and managed to reproduce it with Clang 14 but not
with Clang 18.

It looks like UBSAN is emitting some instrumentation here, in spite of
the __no_sanitize_undefined annotation (via __head) on
pvalidate_4k_page():

arch/x86/coco/sev/core.o:

0000000000000a00 <pvalidate_4k_page>:
 ...
 b72:   40 88 de                mov    %bl,%sil
 b75:   48 c7 c7 00 00 00 00    mov    $0x0,%rdi
        b78: R_X86_64_32S       .data+0xb0
 b7c:   e8 00 00 00 00          callq  b81 <pvalidate_4k_page+0x181>
        b7d: R_X86_64_PLT32     __ubsan_handle_load_invalid_value-0x4

So as far as this series is concerned, things are working correctly,
and an absolute reference to .data is being flagged in code that may
execute before the absolute address in question is even mapped.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ