Re: [PATCH RFC v1] arm64: Handle traps from accessing CNTVCT/CNTFRQ for CONFIG_COMPAT

From: Marc Zyngier
Date: Tue Jan 16 2018 - 16:19:24 EST


On Tue, 16 Jan 2018 20:32:19 +0000,
Nicolin Chen wrote:
>
> Hello Marc,
>
> On Thu, Jan 11, 2018 at 08:51:37AM +0000, Marc Zyngier wrote:
> > > [ I also added cntfrq here for safety as theoretically it could
> > > trigger the trap as well. However, my another test case (with
> > > mrc insturction) doesn't seem to trigger a trap. So I would
> > > drop it in the next version if someone can confirm it's not
> > > required. Thanks -- Nicolin ]
> >
> > See my previous series on this very subject[1] as well as Will's reply.
>
> Thanks for the background.
>
> > > - for (hook = sys64_hooks; hook->handler; hook++)
> > > + for (; hook && hook->handler; hook++)
> > > if ((hook->esr_mask & esr) == hook->esr_val) {
> > > hook->handler(esr, regs);
> > > return;
> > >
> >
> > Also, this code is fairly broken in its handling of conditional
> > instructions.
>
> I understand that it should take care of the condition field as
> a general instruction handler. Just for curiosity: If we confine
> the topic to read access of CNTVCT/CNTFRQ, what'd be the penalty
> by ignoring the condition field and executing it anyway?

Do you mean, apart from severely corrupting userspace execution?
That's a rhetorical question, right?

M.
--
Jazz is not dead, it just smell funny.