Open Source and information security mailing list archives
 
Message-ID: <5966a572-f69b-404d-b632-9b29f52656b0@linux.alibaba.com>
Date: Sat, 8 Mar 2025 19:25:55 +0800
From: Shuai Xue <xueshuai@...ux.alibaba.com>
To: Borislav Petkov <bp@...en8.de>
Cc: tony.luck@...el.com, peterz@...radead.org, catalin.marinas@....com,
 yazen.ghannam@....com, akpm@...ux-foundation.org, linmiaohe@...wei.com,
 nao.horiguchi@...il.com, tglx@...utronix.de, mingo@...hat.com,
 dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
 jpoimboe@...nel.org, linux-edac@...r.kernel.org,
 linux-kernel@...r.kernel.org, linux-mm@...ck.org,
 baolin.wang@...ux.alibaba.com, tianruidong@...ux.alibaba.com
Subject: Re: [PATCH v4 1/3] x86/mce: Use is_copy_from_user() to determine
 copy-from-user context



On 2025/3/8 04:40, Borislav Petkov wrote:
> On Fri, Mar 07, 2025 at 01:44:02PM +0800, Shuai Xue wrote:
>> Commit 4c132d1d844a ("x86/futex: Remove .fixup usage") introduced a new
>> extable fixup type, EX_TYPE_EFAULT_REG, and commit 4c132d1d844a
>> ("x86/futex: Remove .fixup usage") updated the extable fixup type for
>> copy-from-user operations, changing it from EX_TYPE_UACCESS to
>> EX_TYPE_EFAULT_REG. The error context for copy-from-user operations no
>> longer functions as an in-kernel recovery context. Consequently, the error
>> context for copy-from-user operations no longer functions as an in-kernel
>> recovery context, resulting in kernel panics with the message: "Machine
>> check: Data load in unrecoverable area of kernel."
>>
>> The critical aspect is identifying whether the error context involves a
>> read from user memory. We do not care about the ex-type if we know it's a
> 
> Please use passive voice in your commit message: no "we" or "I", etc,
> and describe your changes in imperative mood.
> 
> Also, pls read section "2) Describe your changes" in
> Documentation/process/submitting-patches.rst for more details.
> 
> Also, see section "Changelog" in
> Documentation/process/maintainer-tip.rst
> 
> Bottom line is: personal pronouns are ambiguous in text, especially with
> so many parties/companies/etc developing the kernel so let's avoid them
> please.
> 
> "ex-type"?
> 
> Please write in plain English - not in a programming language.
> 
>> MOV reading from userspace. is_copy_from_user() return true when both of
>> the following conditions are met:
>>
>>      - the current instruction is copy
> 
> There is no "copy instruction". You mean the "current operation".
> 
>>      - source address is user memory
> 
> So you can simply say "when reading user memory". Simple.
>>
>> So, use is_copy_from_user() to determin if a context is copy user directly.
> 
> Unknown word [determin] in commit message.
> Suggestions: ['determine',
> 
> Please introduce a spellchecker into your patch creation workflow.
> 
> Also, run your commit messages through AI to correct the grammar and
> formulations in them.

Certainly, thank you for bringing that to my attention.
I will refine the commit log accordingly.

> 
> The more important part which I asked for already is, is is_copy_from_user()
> exhaustive in determining that the operation really is a copy from user?
> 
> The EX_TYPE_UACCESS things *explicitly* marked such places in the code. Does
> is_copy_from_user() guarantee the same, without false positives?
> 

Following your discussion with Tony, it seems that we have reached a conclusion.

Thanks.
Best Regards,
Shuai

