| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090223023332.GA5430@Krystal> Date: Sun, 22 Feb 2009 21:33:33 -0500 From: Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca> To: Steven Rostedt <rostedt@...dmis.org> Cc: Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>, Andrew Morton <akpm@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Peter Zijlstra <peterz@...radead.org>, Frederic Weisbecker <fweisbec@...il.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Arjan van de Ven <arjan@...radead.org>, Rusty Russell <rusty@...tcorp.com.au>, "H. Peter Anvin" <hpa@...or.com>, Steven Rostedt <srostedt@...hat.com> Subject: Re: [PATCH 4/6] ftrace, x86: make kernel text writable only for conversions * Steven Rostedt (rostedt@...dmis.org) wrote: > > > > On Sun, 22 Feb 2009, Andi Kleen wrote: > > > Steven Rostedt <rostedt@...dmis.org> writes: > > > > > From: Steven Rostedt <srostedt@...hat.com> > > > > > > Impact: keep kernel text read only > > > > > > Because dynamic ftrace converts the calls to mcount into and out of > > > nops at run time, we needed to always keep the kernel text writable. > > > > > > But this defeats the point of CONFIG_DEBUG_RODATA. This patch converts > > > the kernel code to writable before ftrace modifies the text, and converts > > > it back to read only afterward. > > > > > > The conversion is done via stop_machine and no IPIs may be executed > > > at that time. The kernel text is set to write just before calling > > > stop_machine and set to read only again right afterward. > > > > The very old text poke code I had for this just used a dynamic > > mapping elsewhere instead to modify the code. That's much less > > intrusive than changing the complete mappings. Any reason you can't use > > that too? > > > > We are changing over 19000 locations in the kernel. This touches almost > all kernel text pages anyway. You want to map a page in and out for over > 19000 locations? > > -- Steve > Hi Steve, Can you provide numbers to indicate why it's required to be so intrusive in the kernel mappings while doing these modifications ? I think opening such time window where standard code mapping is writeable globally in config RO_DATA kernels could open the door to unexpected side-effects, so ideally going through the "backdoor" page mapped by text_poke seems safer. Given similar performance, I would tend to use a text_poke-like approach. Mathieu -- Mathieu Desnoyers OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists