From: Ingo Molnar <mingo@kernel.org>
To: Alexey Dobriyan <adobriyan@gmail.com>
Cc: tglx@linutronix.de, Peter Anvin <h.peter.anvin@intel.com>,
	kernel test robot <xiaolong.ye@intel.com>,
	Andrew Lutomirski <luto@kernel.org>,
	Borislav Petkov <bp@alien8.de>, Brian Gerst <brgerst@gmail.com>,
	Denys Vlasenko <dvlasenk@redhat.com>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Peter Anvin <hpa@zytor.com>, tipbuild@zytor.com, LKP <lkp@01.org>,
	torvalds@linux-foundation.org, x86@kernel.org
Subject: Re: [PATCH v2] x86/asm: Pad assembly functions with INT3 instructions
Date: Fri, 18 May 2018 09:36:44 +0200
Message-ID: <20180518073644.GA8593@gmail.com>
In-Reply-To: <20180515225845.GB21902@avx2>


* Alexey Dobriyan <adobriyan@gmail.com> wrote:

> Use INT3 instead of NOP. All that padding between functions is
> an illegal area, no legitimate code should jump into it.
> 
> I've checked x86_64 allyesconfig disassembly, all changes look sane:
> INT3 is only used after RET or unconditional JMP.
> 
> On i386:
> * promote ret_from_exception into ENTRY as it has corresponding END,
> * demote "resume_userspace" -- unused,
> * delete ALIGN directive in page_fault. It is leftover from x86 assembly
>   cleanups.
> 
>     commit d211af055d0c12dc3416c2886e6fbdc6eb74a381
>     i386: get rid of the use of KPROBE_ENTRY / KPROBE_END
> 
>   has ALIGN directive before branch target which makes sense.
>   All the code after ALIGN disappeared later.
> 
> Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
> ---
> 
>  arch/x86/entry/entry_32.S      |    6 +-----
>  arch/x86/include/asm/linkage.h |    2 +-
>  2 files changed, 2 insertions(+), 6 deletions(-)
> 
> --- a/arch/x86/entry/entry_32.S
> +++ b/arch/x86/entry/entry_32.S
> @@ -320,8 +320,7 @@ END(ret_from_fork)
>   */
>  
>  	# userspace resumption stub bypassing syscall exit tracing
> -	ALIGN
> -ret_from_exception:
> +ENTRY(ret_from_exception)
>  	preempt_stop(CLBR_ANY)
>  ret_from_intr:
>  #ifdef CONFIG_VM86
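Review bot: ENTRY() does more than replace the ALIGN here: it also declares ret_from_exception .globl, so the hunk changes the symbol's visibility as well as the fill bytes in front of it, while the commit message only gives the matching END as the reason. Suggest stating that the symbol becoming global is intended (or using a local-label form if it is not), and noting that the padding ENTRY() now emits in front of `preempt_stop(CLBR_ANY)` is INT3, which is only safe because the code above the comment block (END(ret_from_fork) per the hunk header) does not fall through into it.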
> @@ -337,8 +336,6 @@ ret_from_intr:
>  #endif
>  	cmpl	$USER_RPL, %eax
>  	jb	resume_kernel			# not returning to v8086 or userspace
> -
> -ENTRY(resume_userspace)
>  	DISABLE_INTERRUPTS(CLBR_ANY)
>  	TRACE_IRQS_OFF
>  	movl	%esp, %eax
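Review bot: this removal is needed for correctness, not only tidiness, and the commit message undersells it with "demote -- unused": `jb resume_kernel` falls through into the padding that ENTRY(resume_userspace) placed in front of DISABLE_INTERRUPTS(CLBR_ANY), and with the linkage.h change that fill becomes INT3 instead of NOP, so the old layout would trap on the not-taken path. Suggest saying so in the commit message. The hunk alone also cannot show that the now-deleted global symbol has no remaining references outside entry_32.S; a one-line note that this was checked would help the next reader.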
> @@ -910,7 +907,6 @@ BUILD_INTERRUPT3(hv_stimer0_callback_vector, HYPERV_STIMER0_VECTOR,
>  ENTRY(page_fault)
>  	ASM_CLAC
>  	pushl	$do_page_fault
> -	ALIGN
>  	jmp common_exception
>  END(page_fault)
>  
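Review bot: same fall-through situation as the previous hunk: `pushl $do_page_fault` runs straight into the ALIGN padding before `jmp common_exception`, and that padding would now be INT3 bytes, so the ALIGN is not merely a leftover but something that would trap under the new fill. Worth saying that in the commit message, since it is what makes the hunk mandatory; it is also the pattern to look for in the rest of entry_32.S when reviewing this series: any ALIGN or ENTRY() that is not preceded by a ret or an unconditional jmp.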
> --- a/arch/x86/include/asm/linkage.h
> +++ b/arch/x86/include/asm/linkage.h
> @@ -18,7 +18,7 @@
>  	name:
>  
>  #if defined(CONFIG_X86_64) || defined(CONFIG_X86_ALIGNMENT_16)
> -#define __ALIGN		.p2align 4, 0x90
> +#define __ALIGN		.p2align 4, 0xCC
>  #define __ALIGN_STR	__stringify(__ALIGN)
>  #endif
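Review bot: the fill change is inside `#if defined(CONFIG_X86_64) || defined(CONFIG_X86_ALIGNMENT_16)`, so on 32-bit it only takes effect when X86_ALIGNMENT_16 is set, whereas the entry_32.S hunks apply to every 32-bit build; the commit message describes a disassembly check only for x86_64 allyesconfig, so an equivalent check of a 32-bit build with X86_ALIGNMENT_16 enabled would be the direct answer to the question of how INT3-padding crashes get found there. Also suggest a comment next to the #define saying that 0xCC is INT3 and that any code reaching the padding by fall-through now traps; nothing in linkage.h explains why the byte changed from 0x90.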

So the question is, without objtool support, how will we find INT3-padding related 
crash bugs on 32-bit kernels?

Thanks,

	Ingo
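One way to approach the question above without objtool is the check the commit message describes for x86_64, done mechanically on the disassembly: look for an int3 that directly follows an instruction which can fall through. The script below is an added example written for this page, not code from the patch, from objtool or from anyone in the thread. It parses `objdump -d` style text and reports int3 padding that is preceded by anything other than a ret, an unconditional jmp or another int3. The terminator list, the prefix handling and the sample listing are assumptions of the example; the sample addresses and symbols are invented and the padding runs are shortened.

```python
import re
from dataclasses import dataclass

# Instructions after which the bytes that follow can never be reached by
# falling through; int3 padding after these is the expected, harmless case.
# (Assumed list for this example; extend it for other terminators.)
TERMINATORS = {
    "ret", "retl", "retq", "lret", "lretl", "lretq", "iret", "iretl", "iretq",
    "jmp", "jmpl", "jmpq", "ud2", "sysret", "sysretl", "sysretq",
    "sysexit", "sysexitl", "sysexitq",
}
# objdump prints these as a separate token in front of the real mnemonic.
PREFIXES = {"rep", "repz", "repnz", "repe", "repne", "lock", "notrack", "bnd", "data16"}

SYMBOL_RE = re.compile(r"^([0-9a-f]+) <([^>]+)>:\s*$")
INSN_RE = re.compile(
    r"^\s*(?P<addr>[0-9a-f]+):\s+"
    r"(?P<bytes>(?:[0-9a-f]{2}(?:\s|$))+)"   # opcode bytes, e.g. "eb 10 "
    r"\s*(?:(?P<mnem>\S+)(?P<ops>.*))?$"     # absent on byte-only continuation lines
)


@dataclass
class Finding:
    symbol: str      # function the padding was listed under
    addr: str        # address of the first int3 byte reached by fall-through
    prev_addr: str   # address of the instruction that falls into it
    prev_insn: str   # that instruction, as printed by objdump


def parse(disasm):
    """Yield (symbol, addr, mnemonic, operands) for each instruction line."""
    symbol = None
    for line in disasm.splitlines():
        m = SYMBOL_RE.match(line)
        if m:
            symbol = m.group(2)
            continue
        m = INSN_RE.match(line)
        if not m or m.group("mnem") is None:
            continue  # section headers, blank lines, byte-only continuation lines
        mnem, ops = m.group("mnem"), m.group("ops").strip()
        if mnem in PREFIXES and ops:        # "repz ret" -> classify by "ret"
            mnem, _, ops = ops.partition(" ")
        yield symbol, m.group("addr"), mnem, ops.strip()


def find_fallthrough_into_int3(disasm):
    """Return every int3 that directly follows a non-terminating instruction
    of the same function: the places where a CPU would execute padding."""
    findings = []
    prev = None  # (symbol, addr, mnemonic, operands) of the previous instruction
    for cur in parse(disasm):
        symbol, addr, mnem, _ = cur
        if (mnem == "int3" and prev is not None and prev[0] == symbol
                and prev[2] != "int3" and prev[2] not in TERMINATORS):
            findings.append(Finding(symbol, addr, prev[1], f"{prev[2]} {prev[3]}".strip()))
        prev = cur
    return findings


# Constructed, abbreviated objdump -d style listing (not real kernel output):
# addresses are invented and padding runs are shortened. It reproduces the two
# layouts the patch removes (jb into ENTRY() padding, push into a mid-function
# ALIGN) next to the harmless jmp/ret followed by int3.
SAMPLE = """\
Disassembly of section .text:

c1000100 <ret_from_intr>:
c1000100:\t89 e0                \tmov    %esp,%eax
c1000102:\t83 e0 03             \tand    $0x3,%eax
c1000105:\t72 39                \tjb     c1000140 <resume_kernel>
c1000107:\tcc                   \tint3
c1000108:\tcc                   \tint3

c1000110 <resume_userspace>:
c1000110:\tfa                   \tcli
c1000111:\t89 e0                \tmov    %esp,%eax
c1000113:\tc7 05 00 00 00 00 00 \tmovl   $0x0,0x0
c100011a:\t00 00 00
c100011d:\teb 21                \tjmp    c1000140 <resume_kernel>
c100011f:\tcc                   \tint3

c1000120 <page_fault>:
c1000120:\tfc                   \tcld
c1000121:\t68 00 00 00 00       \tpush   $0x0
c1000126:\tcc                   \tint3
c1000127:\tcc                   \tint3
c1000128:\te9 d3 00 00 00       \tjmp    c1000200 <common_exception>
c100012d:\tcc                   \tint3

c1000140 <resume_kernel>:
c1000140:\tf3 c3                \trepz ret
c1000142:\tcc                   \tint3
"""

if __name__ == "__main__":
    for f in find_fallthrough_into_int3(SAMPLE):
        print(f"{f.symbol}: {f.prev_addr} '{f.prev_insn}' falls through into int3 at {f.addr}")
```

Feed it the output of `objdump -d` on vmlinux or on individual object files (assumed invocation) instead of SAMPLE. On the sample it reports the `jb` in ret_from_intr and the `push` in page_fault and stays quiet about int3 after `jmp` and after `repz ret`. It is a heuristic: an int3 placed deliberately inside a function is reported as well, and padding emitted with a different fill byte is not seen at all, which is why the linkage.h change matters for making this kind of scan meaningful.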

