Message-ID: <97a86550-844d-41c8-bc5e-b3b7b20ef6c9@zytor.com>
Date: Thu, 22 May 2025 17:57:31 -0700
From: Xin Li <xin@...or.com>
To: Andrew Cooper <andrew.cooper3@...rix.com>,
        Dave Hansen <dave.hansen@...el.com>, linux-kernel@...r.kernel.org
Cc: tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
        dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
        peterz@...radead.org, stable@...r.kernel.org
Subject: Re: [PATCH v2 1/1] x86/fred/signal: Prevent single-step upon ERETU
 completion

On 5/22/2025 10:53 AM, Andrew Cooper wrote:
> This was a behaviour intentionally changed in FRED so traps wouldn't get
> lost if an exception were to occur.
> 
> What precise case is triggering this?

Following is the test code:

// SPDX-License-Identifier: GPL-2.0-or-later
/*
  *  Copyright (C) 2025 Intel Corporation
  */
#define _GNU_SOURCE

#include <err.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ucontext.h>

static void sethandler(int sig, void (*handler)(int, siginfo_t *, void *),
		       int flags)
{
	struct sigaction sa;

	memset(&sa, 0, sizeof(sa));
	sa.sa_sigaction = handler;
	sa.sa_flags = SA_SIGINFO | flags;
	sigemptyset(&sa.sa_mask);

	if (sigaction(sig, &sa, 0))
		err(1, "sigaction");

	return;
}

static void sigtrap(int sig, siginfo_t *info, void *ctx_void)
{
	ucontext_t *ctx = (ucontext_t *)ctx_void;
	static unsigned long last_trap_ip;
	static unsigned int loop_count_on_same_ip;

	if (last_trap_ip == ctx->uc_mcontext.gregs[REG_RIP]) {
		printf("trapped on %016lx\n", last_trap_ip);

		if (++loop_count_on_same_ip > 10) {
			printf("trap loop detected, test failed\n");
			exit(2);
		}

		return;
	}

	loop_count_on_same_ip = 0;
	last_trap_ip = ctx->uc_mcontext.gregs[REG_RIP];
	printf("trapped on %016lx\n", last_trap_ip);
}

int main(int argc, char *argv[])
{
	sethandler(SIGTRAP, sigtrap, 0);

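	/*
	 * 0x302 = TF | IF | reserved bit 1: popf turns single-stepping on.
	 * 0x202 = IF | reserved bit 1: popf turns single-stepping off again.
	 */
	asm volatile("push $0x302\n\t"
		     "popf\n\t"
		     "nop\n\t"
		     "nop\n\t"
		     "push $0x202\n\t"
		     "popf\n\t");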

	printf("test passed\n");
}


W/o the fix when FRED is enabled, I get:
xin@...d-ubt:~$ ./lass_test
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trapped on 00000000004012fe
trap loop detected, test failed


W/ the fix when FRED is enabled:
[xin@dev ~]$ ./lass_test
trapped on 00000000004012fe
trapped on 00000000004012ff
trapped on 0000000000401304
trapped on 0000000000401305
test passed

Obviously the test passes on IDT.

As Dave asked, I will integrate this test into selftests.

Thanks!
     Xin
