NetBSD-Bugs archive
Re: kern/53261: kernel crash during test run
The following reply was made to PR kern/53261; it has been noted by GNATS.
From: Kamil Rytarowski <n54%gmx.com@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc:
Subject: Re: kern/53261: kernel crash during test run
Date: Wed, 23 May 2018 15:07:33 +0200
Message-ID: <4eb55e0f-416e-a42b-5dfb-0978720d6252%gmx.com@localhost>
References: <pr-kern-53261%gnats.netbsd.org@localhost>
<20180523121501.5D1887A21F%mollari.NetBSD.org@localhost>
In-Reply-To: <20180523121501.5D1887A21F%mollari.NetBSD.org@localhost>
On 23.05.2018 14:15, Martin Husemann wrote:
> The following reply was made to PR kern/53261; it has been noted by GNATS.
>
> From: Martin Husemann <martin%duskware.de@localhost>
> To: gnats-bugs%NetBSD.org@localhost
> Cc:
> Subject: Re: kern/53261: kernel crash during test run
> Date: Wed, 23 May 2018 14:10:23 +0200
>
> On Wed, May 23, 2018 at 12:05:00PM +0000, Kamil Rytarowski wrote:
> > In the mmap() case we can get legal input and output arguments within
> > the 32-bit range.
>
> No, we can't and the kernel will crash.
>
This code works reliably on i386 in 32-bit mode. This includes the more
advanced sanitizer ASan that allocates a lot of memory.
> A userland program *never* should be able to crash the kernel.
>
Agreed.
> An alternative is to make the syscall handling code in arm a lot more
> complex and check for specific misalignments, but then we would punish
> everyone for a stupid
This is the proper solution. Other ports are already mangling the input
vector for syscall/__syscall. Not sure if any does it for the same
reason, but it's the proper solution.
> test interface that should just go away.
>
I don't agree that this interface should go away. It's convenient.
If we would like to obsolete it in sanitizers, the alternative is to
reimplement syscall entry functions for every CPU and syscall separately
(unless we want to go for hacks with symbol mangling that is not that
reliable). Reimplementing sanitizers isn't viable, at least now.
> Martin
>