| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202409111518.FFAD85919@keescook>
Date: Wed, 11 Sep 2024 15:18:44 -0700
From: Kees Cook <kees@...nel.org>
To: Suren Baghdasaryan <surenb@...gle.com>
Cc: Vlastimil Babka <vbabka@...e.cz>,
Kent Overstreet <kent.overstreet@...ux.dev>,
Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>,
David Rientjes <rientjes@...gle.com>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
Andrew Morton <akpm@...ux-foundation.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Hyeonggon Yoo <42.hyeyoo@...il.com>, linux-mm@...ck.org,
"GONG, Ruiqi" <gongruiqi@...weicloud.com>,
Jann Horn <jannh@...gle.com>, Matteo Rizzo <matteorizzo@...gle.com>,
jvoisin <julien.voisin@...tri.org>,
Xiu Jianfeng <xiujianfeng@...wei.com>, linux-kernel@...r.kernel.org,
linux-hardening@...r.kernel.org
Subject: Re: [PATCH 3/5] codetag: Introduce codetag_early_walk()
On Thu, Aug 29, 2024 at 08:39:29AM -0700, Suren Baghdasaryan wrote:
> On Fri, Aug 9, 2024 at 12:33 AM Kees Cook <kees@...nel.org> wrote:
> >
> > In order to process builtin alloc_tags much earlier during boot (before
> > register_codetag() is processed), provide codetag_early_walk() that
> > perform a lockless walk with a specified callback function. This will be
> > used to allocate required caches that cannot be allocated on demand.
> >
> > Signed-off-by: Kees Cook <kees@...nel.org>
> > ---
> > Cc: Suren Baghdasaryan <surenb@...gle.com>
> > Cc: Kent Overstreet <kent.overstreet@...ux.dev>
> > Cc: Vlastimil Babka <vbabka@...e.cz>
> > Cc: Christoph Lameter <cl@...ux.com>
> > Cc: Pekka Enberg <penberg@...nel.org>
> > Cc: David Rientjes <rientjes@...gle.com>
> > Cc: Joonsoo Kim <iamjoonsoo.kim@....com>
> > Cc: Andrew Morton <akpm@...ux-foundation.org>
> > Cc: Roman Gushchin <roman.gushchin@...ux.dev>
> > Cc: Hyeonggon Yoo <42.hyeyoo@...il.com>
> > Cc: linux-mm@...ck.org
> > ---
> > include/linux/codetag.h | 2 ++
> > lib/codetag.c | 16 ++++++++++++++++
> > 2 files changed, 18 insertions(+)
> >
> > diff --git a/include/linux/codetag.h b/include/linux/codetag.h
> > index c2a579ccd455..9eb1fcd90570 100644
> > --- a/include/linux/codetag.h
> > +++ b/include/linux/codetag.h
> > @@ -64,6 +64,8 @@ void codetag_lock_module_list(struct codetag_type *cttype, bool lock);
> > bool codetag_trylock_module_list(struct codetag_type *cttype);
> > struct codetag_iterator codetag_get_ct_iter(struct codetag_type *cttype);
> > struct codetag *codetag_next_ct(struct codetag_iterator *iter);
> > +void codetag_early_walk(const struct codetag_type_desc *desc,
> > + void (*callback)(struct codetag *ct));
> >
> > void codetag_to_text(struct seq_buf *out, struct codetag *ct);
> >
> > diff --git a/lib/codetag.c b/lib/codetag.c
> > index ef7634c7ee18..9d563c8c088a 100644
> > --- a/lib/codetag.c
> > +++ b/lib/codetag.c
> > @@ -154,6 +154,22 @@ static struct codetag_range get_section_range(struct module *mod,
> > };
> > }
> >
> > +void codetag_early_walk(const struct codetag_type_desc *desc,
> > + void (*callback)(struct codetag *ct))
> > +{
> > + struct codetag_range range;
> > + struct codetag *ct;
> > +
> > + range = get_section_range(NULL, desc->section);
> > + if (!range.start || !range.stop ||
> > + range.start == range.stop ||
> > + range.start > range.stop)
> > + return;
>
> I think this check can be simplified to:
>
> if (!range.start || range.start >= range.stop)
> return;
>
> nit: Technically (!range.start) should also never trigger. In a valid
> image these symbols are either missing (range.start == range.stop ==
> NULL) or both are defined and (range.start < range.stop).
Yeah, all true. I was mainly copying all the checks that existed in the
"slow path" version.
I will adjust this for the next version.
--
Kees Cook
Powered by blists - more mailing lists