lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.DEB.1.10.0902192041200.31658@gandalf.stny.rr.com>
Date:	Thu, 19 Feb 2009 20:44:36 -0500 (EST)
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Andrew Morton <akpm@...ux-foundation.org>
cc:	linux-kernel@...r.kernel.org, mingo@...e.hu, tglx@...utronix.de,
	peterz@...radead.org, fweisbec@...il.com,
	torvalds@...ux-foundation.org, arjan@...radead.org,
	rusty@...tcorp.com.au, mathieu.desnoyers@...ymtl.ca, hpa@...or.com,
	srostedt@...hat.com
Subject: Re: [PATCH 4/6] ftrace, x86: make kernel text writable only for
 conversions


On Thu, 19 Feb 2009, Andrew Morton wrote:

> On Thu, 19 Feb 2009 20:13:20 -0500
> Steven Rostedt <rostedt@...dmis.org> wrote:
> 
> > +int ftrace_arch_modify_prepare(void)
> > +{
> > +	/* at boot up, we are still writable */
> > +	if (system_state != SYSTEM_RUNNING)
> > +		return 0;
> > +
> > +	set_kernel_text_rw();
> > +	return 0;
> > +}
> > +
> > +int ftrace_arch_modify_post_process(void)
> > +{
> > +	/* at boot up, we are still writable */
> > +	if (system_state != SYSTEM_RUNNING)
> > +		return 0;
> > +
> > +	set_kernel_text_ro();
> > +	return 0;
> > +}
> 
> It would be prudent to avoid using system_state.  People can change the
> point at which it transitions and can unexpectedly insert (or move)
> code to sites where system_state has new values, etc.  It was a bad
> idea.

Good to know.

> 
> It would be clearer and more robust to create your own little flag for
> this purpose and set to it true and false at the places where that is
> appropriate for this application.  It's just one more byte...

I just did not want to set it to read-only before the main text decided to 
do this. I could probably move those checks into the set_kernel_text_* 
functions in init_32/64.c files. We should not convert until after the 
DEBUG_RODATA did its first conversion. Yeah, that's a better place for it.

I'll write up another patch.

Thanks,

-- Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ