Message-ID: <bd9bac99-208c-426d-b828-e23188d93226@linux.ibm.com>
Date: Fri, 17 Oct 2025 17:47:26 +0200
From: Jens Remus <jremus@...ux.ibm.com>
To: Peter Zijlstra <peterz@...radead.org>, jpoimboe@...nel.org,
        rostedt@...nel.org, Josh Poimboeuf <jpoimboe@...nel.org>,
        Indu Bhagat <indu.bhagat@...cle.com>
Cc: linux-kernel@...r.kernel.org, Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>
Subject: Re: [PATCH 11/12] unwind: Implement compat fp unwind

Hello Peter, Steve, Josh, and Indu,

While rebasing the unwind user sframe series on top of this series and
https://lore.kernel.org/linux-trace-kernel/20251007214008.080852573@kernel.org/
I ran into the following issue:

On 9/24/2025 9:59 AM, Peter Zijlstra wrote:

> --- a/include/linux/unwind_user_types.h
> +++ b/include/linux/unwind_user_types.h
> @@ -36,6 +36,7 @@ struct unwind_user_state {
>  	unsigned long				ip;
>  	unsigned long				sp;
>  	unsigned long				fp;
> +	unsigned int				ws;

Factoring out the word size (ws) from the CFA, FP, and RA offsets is
clever.  Wondering though whether that would be an issue for unwind user
sframe.  Do all architectures guarantee that those offsets are aligned
to the native word size?

>  	enum unwind_user_type			current_type;
>  	unsigned int				available_types;
>  	bool					done;
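Review bot: the new `ws` member of struct unwind_user_state carries no comment on its unit or its legal values, although the rest of the series depends on both: unwind_user_next_fp() multiplies the frame offsets by it and masks with `state->ws - 1`, so it has to be a byte count that is a power of two, and unwind_user_start() only ever stores sizeof(int) or sizeof(long). Suggest a field comment along the lines of `unsigned int ws; /* user word size in bytes; cfa_off/ra_off/fp_off are in units of ws */`, which also makes explicit the assumption the reply questions, namely that all frame offsets are multiples of the word size.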

> --- a/kernel/unwind/user.c
> +++ b/kernel/unwind/user.c

> @@ -29,21 +44,21 @@ static int unwind_user_next_fp(struct un
>  	}
>  
>  	/* Get the Canonical Frame Address (CFA) */
> -	cfa += frame->cfa_off;
> +	cfa += state->ws * frame->cfa_off;

In SFrame the CFA, FP, and RA offsets are unscaled.  Would it be OK if
unwind user sframe factored state->ws out of those offset values?  What
if they were not aligned?  Unwind user sframe would then have to fail.

@Indu: Thoughts from an SFrame perspective?

>  
>  	/* stack going in wrong direction? */
>  	if (cfa <= state->sp)
>  		return -EINVAL;
>  
>  	/* Make sure that the address is word aligned */
> -	if (cfa & (sizeof(long) - 1))
> +	if (cfa & (state->ws - 1))
>  		return -EINVAL;

Alternatively, using a state->ws of 1 in unwind user sframe would defeat
this alignment check.

>  
>  	/* Find the Return Address (RA) */
> -	if (get_user(ra, (unsigned long *)(cfa + frame->ra_off)))
> +	if (get_user_word(&ra, cfa, frame->ra_off, state->ws))
>  		return -EINVAL;
>  
> -	if (frame->fp_off && get_user(fp, (unsigned long __user *)(cfa + frame->fp_off)))
> +	if (frame->fp_off && get_user_word(&fp, cfa, frame->fp_off, state->ws))
>  		return -EINVAL;
>  
>  	state->ip = ra;
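Review bot: `cfa += state->ws * frame->cfa_off;` multiplies in `unsigned int`, the type of `ws`. If `cfa_off` is a signed 32-bit offset (its declaration is not in this hunk), a negative value is converted to unsigned int before the multiply, the product wraps at 32 bits and is then zero-extended when added to the `unsigned long` cfa, so on 64-bit a cfa_off of -1 with ws 8 yields cfa + 0xFFFFFFF8 rather than cfa - 8; the replaced `cfa += frame->cfa_off;` sign-extended correctly. Suggest `cfa += (long)state->ws * frame->cfa_off;` and checking that the scaling inside get_user_word() (not shown here) does the same for ra_off and fp_off, which are normally negative relative to the CFA.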
> @@ -100,6 +115,7 @@ static int unwind_user_start(struct unwi
>  	state->ip = instruction_pointer(regs);
>  	state->sp = user_stack_pointer(regs);
>  	state->fp = frame_pointer(regs);
> +	state->ws = compat_user_mode(regs) ? sizeof(int) : sizeof(long);
>  
>  	return 0;
>  }
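Review bot: `state->ws` is initialised only here in unwind_user_start(); a struct unwind_user_state that has not passed through this function keeps ws == 0, for which `cfa & (state->ws - 1)` in unwind_user_next_fp() masks the low 32 bits of cfa and rejects practically every frame while the offset scaling collapses to zero. Suggest either documenting that unwind_user_start() is the only valid way to set up the state, or adding a `WARN_ON_ONCE(!state->ws)` at the top of unwind_user_next_fp(). As a style point, `sizeof(compat_ulong_t)` states the intent of the compat branch more clearly than `sizeof(int)`.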
Thanks and regards,
Jens
-- 
Jens Remus
Linux on Z Development (D3303)
+49-7031-16-1128 Office
jremus@...ibm.com
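The word-scaled frame step discussed in this reply, as an added example that is not part of the original message or of the kernel patch: it mirrors the ws handling of unwind_user_next_fp() in plain user-space C over a constructed compat (ws = 4) stack image, and adds a scale_off() helper that converts an unscaled SFrame-style byte offset to the word-scaled form, failing when the offset is not a multiple of ws (the case the reply asks about). The field types of struct frame, the internals of get_user_word() (here reading host memory rather than user memory) and scale_off() are assumptions, not the patch's code.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
/* Frame description with word-scaled offsets (the field types are assumed). */
struct frame { long cfa_off, ra_off, fp_off; };
/* Unwind state; ws is the user word size in bytes: sizeof(int) for compat. */
struct state { unsigned long ip, sp, fp; unsigned int ws; };
/* Stand-in for the patch's get_user_word(): reads the ws-byte word at
 * cfa + ws*off from host memory (not user memory), endian-neutrally. */
static int get_user_word(unsigned long *val, unsigned long cfa, long off,
                         unsigned int ws)
{
    const void *p = (const void *)(cfa + (unsigned long)((long)ws * off));
    if (ws == sizeof(uint32_t)) { uint32_t v; memcpy(&v, p, 4); *val = v; }
    else if (ws == sizeof(uint64_t)) { uint64_t v; memcpy(&v, p, 8); *val = v; }
    else return -EINVAL;
    return 0;
}
/* One frame-pointer step mirroring the ws handling in unwind_user_next_fp();
 * the (long) cast keeps a negative offset from wrapping at 32 bits. */
int next_fp(struct state *st, const struct frame *f)
{
    unsigned long cfa = st->fp, ra, fp = 0;
    cfa += (unsigned long)((long)st->ws * f->cfa_off);
    if (cfa <= st->sp) return -EINVAL;           /* stack going wrong way */
    if (cfa & (st->ws - 1)) return -EINVAL;     /* CFA must be word aligned */
    if (get_user_word(&ra, cfa, f->ra_off, st->ws)) return -EINVAL;
    if (f->fp_off && get_user_word(&fp, cfa, f->fp_off, st->ws)) return -EINVAL;
    st->ip = ra; st->sp = cfa; if (f->fp_off) st->fp = fp;
    return 0;
}
/* Word-scale an unscaled SFrame-style byte offset; non-multiples of ws fail. */
int scale_off(long byte_off, unsigned int ws, long *scaled)
{
    if (byte_off % (long)ws) return -EINVAL;
    *scaled = byte_off / (long)ws;
    return 0;
}
/* Constructed i386-style compat frame: stack[2] = saved fp, stack[3] = RA,
 * CFA = fp + 2 words. Returns the caller ip that next_fp() recovers. */
unsigned long demo_compat_step(void)
{
    static uint32_t stack[8];
    stack[2] = 0x40; stack[3] = 0x08048abc;   /* constructed sample values */
    struct state st = { .sp = (unsigned long)stack,
                        .fp = (unsigned long)&stack[2], .ws = sizeof(int) };
    struct frame f = { .cfa_off = 2, .ra_off = -1, .fp_off = -2 };
    return next_fp(&st, &f) ? 0 : st.ip;
}
```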
