All of lore.kernel.org
 help / color / mirror / Atom feed
From: Peter Zijlstra <peterz@infradead.org>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: David Hildenbrand <david@redhat.com>,
	Peter Collingbourne <pcc@google.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	Juri Lelli <juri.lelli@redhat.com>,
	Vincent Guittot <vincent.guittot@linaro.org>,
	Dietmar Eggemann <dietmar.eggemann@arm.com>,
	Ben Segall <bsegall@google.com>, Mel Gorman <mgorman@suse.de>,
	Daniel Bristot de Oliveira <bristot@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andy Lutomirski <luto@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Masahiro Yamada <masahiroy@kernel.org>,
	Sami Tolvanen <samitolvanen@google.com>,
	YiFei Zhu <yifeifz2@illinois.edu>,
	Colin Ian King <colin.king@canonical.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Frederic Weisbecker <frederic@kernel.org>,
	Viresh Kumar <viresh.kumar@linaro.org>,
	Andrey Konovalov <andreyknvl@gmail.com>,
	Gabriel Krisman Bertazi <krisman@collabora.com>,
	Balbir Singh <sblbir@amazon.com>,
	Chris Hyser <chris.hyser@oracle.com>,
	Daniel Vetter <daniel.vetter@ffwll.ch>,
	Chris Wilson <chris@chris-wilson.co.uk>,
	Arnd Bergmann <arnd@arndb.de>, Dmitry Vyukov <dvyukov@google.com>,
	Christian Brauner <christian.brauner@ubuntu.com>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Alexey Gladkov <legion@kernel.org>,
	Ran Xiaokai <ran.xiaokai@zte.com.cn>,
	Xiaofeng Cao <caoxiaofeng@yulong.com>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Thomas Cedeno <thomascedeno@google.com>,
	Marco Elver <elver@google.com>,
	Alexander Potapenko <glider@google.com>,
	linux-kernel@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org,
	Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH] kernel: introduce prctl(PR_LOG_UACCESS)
Date: Wed, 22 Sep 2021 21:53:07 +0200	[thread overview]
Message-ID: <YUuJo7IfS4x0iLfX@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20210922152250.4e7c869a@gandalf.local.home>

On Wed, Sep 22, 2021 at 03:22:50PM -0400, Steven Rostedt wrote:
> On Wed, 22 Sep 2021 19:46:47 +0200
> David Hildenbrand <david@redhat.com> wrote:
> 
> > > All signals except SIGKILL and SIGSTOP are masked for the interval
> > > between the prctl() and the next syscall in order to prevent handlers
> > > for intervening asynchronous signals from issuing syscalls that may
> > > cause uaccesses from the wrong syscall to be logged.  
> > 
> > Stupid question: can this be exploited from user space to effectively 
> > disable SIGKILL for a long time ... and do we care?
> 
> I first misread it too, but then caught my mistake reading it a second
> time. It says "except SIGKILL". So no, it does not disable SIGKILL.

Disabling SIGINT might already be a giant nuisance. Letting through
SIGSTOP but not SIGCONT seems awkward. Blocking SIGTRAP seems like a bad
idea too. Blocking SIGBUS as delivered by #MC will be hillarious.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel

WARNING: multiple messages have this Message-ID (diff)
From: Peter Zijlstra <peterz@infradead.org>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: David Hildenbrand <david@redhat.com>,
	Peter Collingbourne <pcc@google.com>,
	Catalin Marinas <catalin.marinas@arm.com>,
	Will Deacon <will@kernel.org>, Ingo Molnar <mingo@redhat.com>,
	Juri Lelli <juri.lelli@redhat.com>,
	Vincent Guittot <vincent.guittot@linaro.org>,
	Dietmar Eggemann <dietmar.eggemann@arm.com>,
	Ben Segall <bsegall@google.com>, Mel Gorman <mgorman@suse.de>,
	Daniel Bristot de Oliveira <bristot@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Andy Lutomirski <luto@kernel.org>,
	Kees Cook <keescook@chromium.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Masahiro Yamada <masahiroy@kernel.org>,
	Sami Tolvanen <samitolvanen@google.com>,
	YiFei Zhu <yifeifz2@illinois.edu>,
	Colin Ian King <colin.king@canonical.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Frederic Weisbecker <frederic@kernel.org>,
	Viresh Kumar <viresh.kumar@linaro.org>,
	Andrey Konovalov <andreyknvl@gmail.com>,
	Gabriel Krisman Bertazi <krisman@collabora.com>,
	Balbir Singh <sblbir@amazon.com>,
	Chris Hyser <chris.hyser@oracle.com>,
	Daniel Vetter <daniel.vetter@ffwll.ch>,
	Chris Wilson <chris@chris-wilson.co.uk>,
	Arnd Bergmann <arnd@arndb.de>, Dmitry Vyukov <dvyukov@google.com>,
	Christian Brauner <christian.brauner@ubuntu.com>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Alexey Gladkov <legion@kernel.org>,
	Ran Xiaokai <ran.xiaokai@zte.com.cn>,
	Xiaofeng Cao <caoxiaofeng@yulong.com>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Thomas Cedeno <thomascedeno@google.com>,
	Marco Elver <elver@google.com>,
	Alexander Potapenko <glider@google.com>,
	linux-kernel@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org,
	Evgenii Stepanov <eugenis@google.com>
Subject: Re: [PATCH] kernel: introduce prctl(PR_LOG_UACCESS)
Date: Wed, 22 Sep 2021 21:53:07 +0200	[thread overview]
Message-ID: <YUuJo7IfS4x0iLfX@hirez.programming.kicks-ass.net> (raw)
In-Reply-To: <20210922152250.4e7c869a@gandalf.local.home>

On Wed, Sep 22, 2021 at 03:22:50PM -0400, Steven Rostedt wrote:
> On Wed, 22 Sep 2021 19:46:47 +0200
> David Hildenbrand <david@redhat.com> wrote:
> 
> > > All signals except SIGKILL and SIGSTOP are masked for the interval
> > > between the prctl() and the next syscall in order to prevent handlers
> > > for intervening asynchronous signals from issuing syscalls that may
> > > cause uaccesses from the wrong syscall to be logged.  
> > 
> > Stupid question: can this be exploited from user space to effectively 
> > disable SIGKILL for a long time ... and do we care?
> 
> I first misread it too, but then caught my mistake reading it a second
> time. It says "except SIGKILL". So no, it does not disable SIGKILL.

Disabling SIGINT might already be a giant nuisance. Letting through
SIGSTOP but not SIGCONT seems awkward. Blocking SIGTRAP seems like a bad
idea too. Blocking SIGBUS as delivered by #MC will be hillarious.

  reply	other threads:[~2021-09-22 19:56 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-22  6:18 [PATCH] kernel: introduce prctl(PR_LOG_UACCESS) Peter Collingbourne
2021-09-22  6:18 ` Peter Collingbourne
2021-09-22  6:30 ` Cyrill Gorcunov
2021-09-22  6:30   ` Cyrill Gorcunov
2021-11-23  5:17   ` Peter Collingbourne
2021-11-23  5:17     ` Peter Collingbourne
2021-09-22 10:44 ` Marco Elver
2021-09-22 10:44   ` Marco Elver
2021-11-23  5:17   ` Peter Collingbourne
2021-11-23  5:17     ` Peter Collingbourne
2021-09-22 13:45 ` Dmitry Vyukov
2021-09-22 13:45   ` Dmitry Vyukov
2021-09-22 22:30   ` Peter Collingbourne
2021-09-22 22:30     ` Peter Collingbourne
2021-09-22 14:23 ` Eric W. Biederman
2021-09-22 14:23   ` Eric W. Biederman
2021-09-22 15:30   ` Kees Cook
2021-09-22 15:30     ` Kees Cook
2021-09-22 15:59     ` Jann Horn
2021-09-22 15:59       ` Jann Horn
2021-09-24 21:50       ` Peter Collingbourne
2021-09-24 21:50         ` Peter Collingbourne
2021-09-26  2:20         ` Kees Cook
2021-09-26  2:20           ` Kees Cook
2021-11-23  5:17           ` Peter Collingbourne
2021-11-23  5:17             ` Peter Collingbourne
2021-09-22 17:46 ` David Hildenbrand
2021-09-22 17:46   ` David Hildenbrand
2021-09-22 19:22   ` Steven Rostedt
2021-09-22 19:22     ` Steven Rostedt
2021-09-22 19:53     ` Peter Zijlstra [this message]
2021-09-22 19:53       ` Peter Zijlstra
2021-09-22 22:05       ` Peter Collingbourne
2021-09-22 22:05         ` Peter Collingbourne
2021-09-23  8:08     ` David Hildenbrand
2021-09-23  8:08       ` David Hildenbrand

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YUuJo7IfS4x0iLfX@hirez.programming.kicks-ass.net \
    --to=peterz@infradead.org \
    --cc=akpm@linux-foundation.org \
    --cc=andreyknvl@gmail.com \
    --cc=arnd@arndb.de \
    --cc=bristot@redhat.com \
    --cc=bsegall@google.com \
    --cc=caoxiaofeng@yulong.com \
    --cc=catalin.marinas@arm.com \
    --cc=chris.hyser@oracle.com \
    --cc=chris@chris-wilson.co.uk \
    --cc=christian.brauner@ubuntu.com \
    --cc=colin.king@canonical.com \
    --cc=daniel.vetter@ffwll.ch \
    --cc=david@redhat.com \
    --cc=dietmar.eggemann@arm.com \
    --cc=dvyukov@google.com \
    --cc=ebiederm@xmission.com \
    --cc=elver@google.com \
    --cc=eugenis@google.com \
    --cc=frederic@kernel.org \
    --cc=glider@google.com \
    --cc=gorcunov@gmail.com \
    --cc=juri.lelli@redhat.com \
    --cc=keescook@chromium.org \
    --cc=krisman@collabora.com \
    --cc=legion@kernel.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mark.rutland@arm.com \
    --cc=masahiroy@kernel.org \
    --cc=mgorman@suse.de \
    --cc=mingo@redhat.com \
    --cc=pcc@google.com \
    --cc=ran.xiaokai@zte.com.cn \
    --cc=rostedt@goodmis.org \
    --cc=samitolvanen@google.com \
    --cc=sblbir@amazon.com \
    --cc=tglx@linutronix.de \
    --cc=thomascedeno@google.com \
    --cc=vincent.guittot@linaro.org \
    --cc=viresh.kumar@linaro.org \
    --cc=will@kernel.org \
    --cc=yifeifz2@illinois.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.