From: Thomas Gleixner <tglx@linutronix.de>
To: Gregory Price <gregory.price@memverge.com>
Cc: Gregory Price <gourry.memverge@gmail.com>,
	linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
	oleg@redhat.com, avagin@gmail.com, peterz@infradead.org,
	luto@kernel.org, krisman@collabora.com, corbet@lwn.net,
	shuah@kernel.org, Mark Rutland <mark.rutland@arm.com>,
	Will Deacon <will@kernel.org>
Subject: Re: [PATCH v13 1/3] syscall_user_dispatch: helper function to operate on given task
Date: Tue, 21 Mar 2023 20:46:26 +0100
Message-ID: <87a605anvx.ffs@tglx>
In-Reply-To: <ZBnhmtvlenY15P32@memverge.com>

On Tue, Mar 21 2023 at 12:55, Gregory Price wrote:
> On Tue, Mar 21, 2023 at 04:41:37PM +0100, Thomas Gleixner wrote:
>> On Wed, Mar 01 2023 at 15:58, Gregory Price wrote:
>> > +static int task_set_syscall_user_dispatch(struct task_struct *task, unsigned long mode,
>> > +					  unsigned long offset, unsigned long len,
>> > +					  char __user *selector)
>> >  {
>> >  	switch (mode) {
>> >  	case PR_SYS_DISPATCH_OFF:
>>         ...
>> 
>> 	case PR_SYS_DISPATCH_ON:
>> 		if (selector && !access_ok(selector, sizeof(*selector)))
>> 			return -EFAULT;
>> 
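Review bot: the access_ok() check in the PR_SYS_DISPATCH_ON case is evaluated in the caller's context, while the helper now takes an explicit `task` argument; when the caller is not `task` (the ptrace case this series introduces), the address-space and pointer-tagging state consulted by access_ok() are the tracer's, not the tracee's. Either the validity of `selector` needs to be tied to the target task, or the function should document that the check is only a sanity check against the caller and that the real validation happens when the tracee dereferences the selector.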
>> I'm not seeing how this can work on ARM64 when user pointer tagging is
>> enabled in the tracee, but not in the tracer. In such a case, if the
>> pointer is tagged, access_ok() will fail because access_ok() won't untag
>> it.
>
> I see that untagged_addr(x) is available to clear tags, I don't see an
> immediate issue with converting to:
>
> !access_ok(untagged_addr(selector), sizeof(*selector))

If this were correct, then access_ok() on arm64 would
unconditionally untag the checked address, but it does not. Simply
because untagging is only valid if the task enabled pointer tagging. If
it didn't, a tagged pointer is obviously invalid.

Why would ptrace make this suddenly valid?

Just because it's in the way of what you want to achieve is not really a
sufficient justification.

Thanks,

        tglx

Thread overview:
2023-03-01 20:58 [PATCH v13 0/3] Checkpoint Support for Syscall User Dispatch Gregory Price
2023-03-01 20:58 ` [PATCH v13 1/3] syscall_user_dispatch: helper function to operate on given task Gregory Price
2023-03-06 18:04   ` Oleg Nesterov
2023-03-21 15:41   ` Thomas Gleixner
2023-03-21 16:55     ` Gregory Price
2023-03-21 19:46       ` Thomas Gleixner [this message]
2023-03-21 21:12         ` Gregory Price
2023-03-01 20:58 ` [PATCH v13 2/3] ptrace,syscall_user_dispatch: checkpoint/restore support for SUD Gregory Price
2023-03-01 22:08   ` [lkp] [+258 bytes kernel size regression] [i386-tinyconfig] [39a1aa674d] " kernel test robot
2023-03-06 18:04   ` [PATCH v13 2/3] " Oleg Nesterov
2023-03-01 20:58 ` [PATCH v13 3/3] selftest,ptrace: Add selftest for syscall user dispatch config api Gregory Price