lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2dfdc293-beef-4a67-8173-00697d1fcc8c@linux.ibm.com>
Date: Thu, 5 Jun 2025 12:21:53 +0200
From: Christian Borntraeger <borntraeger@...ux.ibm.com>
To: Heiko Carstens <hca@...ux.ibm.com>
Cc: Alexander Gordeev <agordeev@...ux.ibm.com>,
        Claudio Imbrenda <imbrenda@...ux.ibm.com>,
        Janosch Frank <frankja@...ux.ibm.com>,
        David Hildenbrand <david@...hat.com>,
        Sven Schnelle <svens@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
        kvm@...r.kernel.org, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] s390/mm: Fix in_atomic() handling in
 do_secure_storage_access()



Am 05.06.25 um 12:07 schrieb Heiko Carstens:
> On Thu, Jun 05, 2025 at 11:06:29AM +0200, Christian Borntraeger wrote:
>> Am 05.06.25 um 11:04 schrieb Alexander Gordeev:
>>> On Wed, Jun 04, 2025 at 07:40:43PM +0200, Claudio Imbrenda wrote:
>>>>>>> This could trigger WARN_ON_ONCE() in handle_fault_error_nolock():
>>>>>>>
>>>>>>> 		if (WARN_ON_ONCE(!si_code))
>>>>>>> 			si_code = SEGV_MAPERR;
>>>>>>>
>>>>>>> Would this warning be justified in this case (aka user_mode(regs) ==
>>>>>>> true)?
>>>>>>
>>>>>> I think so, because if we are in usermode, we should never trigger
>>>>>> faulthandler_disabled()
>>>>>
>>>>> I think I do not get you. We are in a system call and also in_atomic(),
>>>>> so faulthandler_disabled() is true and handle_fault_error_nolock(regs, 0)
>>>>> is called (above).
>>>>
>>>> what is the psw in regs?
>>>> is it not the one that was being used when the exception was triggered?
>>>
>>> Hmm, right. I assume is_kernel_fault() returns false not because
>>> user_mode(regs) is true, but because we access the secondary AS.
>>>
>>> Still, to me it feels wrong to trigger that warning due to a user
>>> process activity. But anyway:
>>>
>>> Acked-by: Alexander Gordeev <agordeev@...ux.ibm.com>
>>
>> Can we trigger a WARN from userspace?
> 
> No. If the warning triggers, then this indicates a bug in the kernel (exit to
> user with faulthandler_disabled() == true). I managed to screw up the kernel
> exactly with such a bug. See commit 588a9836a4ef ("s390/stacktrace: Use break
> instead of return statement"), which lead to random unexplainable user space
> crashes.

Ok, then this makes a lot of sense to WARN.

Acked-by: Christian Borntraeger <borntraeger@...ux.ibm.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ