Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp1913063ybc; Wed, 20 Nov 2019 06:09:56 -0800 (PST) X-Google-Smtp-Source: APXvYqxtm9WlJ2mOSpNl72RK62XLDT3up2UNQnZOriJ7Js6BnBreU4jCqbXRAC3jBV4CrhOKePzc X-Received: by 2002:a2e:300d:: with SMTP id w13mr3007644ljw.117.1574258995903; Wed, 20 Nov 2019 06:09:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574258995; cv=none; d=google.com; s=arc-20160816; b=JzuawHBRfWPS7tl1V5hup1ZaPLJQmFP5oyeRru2TTT/UJ0kk5Q1EI6J9qE64UIGlD0 TG5wAh2k8ncxLHGuhmyPRlrho3zCHmydSU0JJoBOKed/M2mkavrB7iTuwaqntXSO0DM1 wen+fhgViI4xxQJKbaolwONp5KhG4y5vlUndCzCQ5DDe483cttxaf+GPNpbaSQO8WENI Mh6xb3W7YMupvZ5oh0HtHADQDXCoHC5ZJjq4qVfle14JQFU7BT4r6q1lMDoR7lExqZgD OIANXyJKAjwDOUkpvPgOh80ZIIsfvn/cCDX2zs8TQgZQa67DLWfFpHO/IGUWC/xdyV9d 72ZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=BkPo4N+OXbR4oSS40xbBFhi4WIr8r7ec8ls0F/ll7a4=; b=sSec/q9Az98OkAp7j+HEF6lZ45zFEe7wQlnDGycW8cvJxGcmbUlqpNWGu1rlBAcPS5 FDfWlEgiG7yuRyYFEzB+KJaywsgYzC1vhpAt6fxhGvacXIAIkEQ//DogeffneHy7mQ1/ t7SMdbNkpGjEvjIsOAAKm8VtvDAlPpQh3P1LJXwAhRmtCHhDJCAkX6iAgB2lMsc7VfE/ T+AOOBhqgi/mfn+MVCgecZIPS3qA7MTPvhGmbSzEEEmpGVTB1VVSYhlo9kA9ojFeOC9S hH+ITh3a5+YoD2ziiecpndyIxLjWwoioYEI/ou0UiFXNzatjPXvpQPaAupGCTBYPRo3Q 0w9A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 95si17978649edq.244.2019.11.20.06.09.29; Wed, 20 Nov 2019 06:09:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731335AbfKTN4Q (ORCPT + 99 others); Wed, 20 Nov 2019 08:56:16 -0500 Received: from mga11.intel.com ([192.55.52.93]:54157 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731263AbfKTN4P (ORCPT ); Wed, 20 Nov 2019 08:56:15 -0500 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Nov 2019 05:56:07 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,222,1571727600"; d="scan'208";a="237738162" Received: from tassilo.jf.intel.com (HELO tassilo.localdomain) ([10.7.201.21]) by fmsmga002.fm.intel.com with ESMTP; 20 Nov 2019 05:56:07 -0800 Received: by tassilo.localdomain (Postfix, from userid 1000) id 1D7A330084E; Wed, 20 Nov 2019 05:56:07 -0800 (PST) Date: Wed, 20 Nov 2019 05:56:07 -0800 From: Andi Kleen To: Jann Horn Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , the arch/x86 maintainers , Andrey Ryabinin , Alexander Potapenko , Dmitry Vyukov , kasan-dev , kernel list , Andrey Konovalov , Andy Lutomirski , Sean Christopherson Subject: Re: [PATCH v2 2/3] x86/traps: Print non-canonical address on #GP Message-ID: <20191120135607.GA84886@tassilo.jf.intel.com> References: <20191115191728.87338-1-jannh@google.com> <20191115191728.87338-2-jannh@google.com> <87lfsbfa2q.fsf@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.12.1 (2019-06-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > Is there a specific concern you have about the instruction decoder? As > far as I can tell, all the paths of insn_get_addr_ref() only work if > the instruction has a mod R/M byte according to the instruction > tables, and then figures out the address based on that. While that > means that there's a wide variety of cases in which we won't be able > to figure out the address, I'm not aware of anything specific that is > likely to lead to false positives. First there will be a lot of cases you'll just print 0, even though 0 is canonical if there is no operand. Then it might be that the address is canonical, but triggers #GP anyways (e.g. unaligned SSE) Or it might be the wrong address if there is an operand, there are many complex instructions that reference something in memory, and usually do canonical checking there. And some other odd cases. For example when the instruction length exceeds 15 bytes. I know there is fuzzing for the instruction decoder, but it might be worth double checking it handles all of that correctly. I'm not sure how good the fuzzer's coverage is. At a minimum you should probably check if the address is actually non canonical. Maybe that's simple enough and weeds out most cases. -Andi