Date:	Thu, 11 Jul 2013 12:51:09 +0200 (CEST)
From:	Jiri Kosina <jkosina@...e.cz>
To:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Jason Baron <jbaron@...hat.com>,
	"H. Peter Anvin" <hpa@...ux.intel.com>,
	Borislav Petkov <bpetkov@...e.de>, linux-kernel@...r.kernel.org
Subject:	Re: [RFC] [PATCH 1/2 v2] x86: introduce int3-based instruction patching

On Thu, 11 Jul 2013, Masami Hiramatsu wrote:

> > + * text_poke_bp() -- update instructions on live kernel on SMP
> > + * @addr:	address to patch
> > + * @opcode:	opcode of new instruction
> > + * @len:	length to copy
> > + * @handler:	address to jump to when the temporary breakpoint is hit
> > + *
> > +
> > + * Modify multi-byte instruction by using int3 breakpoint on SMP.
> > + * In contrary to text_poke_smp(), we completely avoid stop_machine() here,
> > + * and achieve the synchronization using int3 breakpoint.
> > + *
> > + * The way it is done:
> > + *	- add a int3 trap to the address that will be patched
> > + *	- sync cores
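
Review bot: the kernel-doc block for text_poke_bp() has a bare `+` line (no ` *` continuation) between the ` *` line that follows `@handler` and the `Modify multi-byte instruction by using int3 breakpoint on SMP.` sentence; drop it so the comment stays one block with ` *` on every line. In the same paragraph, `In contrary to text_poke_smp()` should read `In contrast to text_poke_smp()`.
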
> 
> You don't need this "sync cores". (and your code didn't) :)

Right, my code originally did, but then I found a discussion between you and 
hpa from 2009, where this was discussed, and adjusted the code accordingly, 
but forgot to update the comment. Will do in v3.

> > + *	- update all but the first byte of the patched range
> > + *	- sync cores
> > + *	- replalace the first byte (int3) by the first byte of
> > + *	  replacing opcode
> > + *	- sync cores
> > + *
> > + * Note: must be called under text_mutex.
> > + */
> > +void *text_poke_bp(void *addr, const void *opcode, size_t len, void *handler)
> > +{
> > +	unsigned char int3 = 0xcc;
> > +
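
Review bot: `replalace` in the step list should be `replace`. Since the `Note: must be called under text_mutex.` comment is the only thing standing between this function and a second caller clobbering the bp_* globals, back it with `lockdep_assert_held(&text_mutex);` as the first statement after the `unsigned char int3 = 0xcc;` declaration, so a caller that forgets the lock is caught under lockdep rather than by a corrupted patch site.
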
> 
> Here, you have to protect this code from others, since bp_* are
> global.

Caller is responsible for holding the text_mutex, so text_poke_bp() can't 
race with itself. And the proper consistency between text_poke_bp() and 
the notifier is achieved by the memory barriers.

So what exact scenario do you have in mind here, please?

> > +	bp_int3_handler = handler;
> > +	bp_int3_addr = (u8 *)addr + sizeof(int3);
> > +	bp_patching_in_progress = true;
> > +	/*
> > +	 * corresponding read barrier in int3 notifier for
> > +	 * making sure the in_progress flags is correctly ordered wrt.
> > +	 * patching */
> > +	smp_wmb();
> > +
> > +	text_poke(addr, &int3, sizeof(int3));
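
Review bot: the barrier comment above `smp_wmb()` names only the `in_progress` flag, but the wmb is what orders all three stores (bp_int3_handler, bp_int3_addr, bp_patching_in_progress) ahead of the int3 byte written by the `text_poke(addr, &int3, sizeof(int3))` that follows; say so, and name the two reads in the notifier that its smp_rmb() sits between, otherwise a later reader cannot check that the pair matches. Also `the in_progress flags is` should be `the in_progress flag is`, and the comment should close with `*/` on its own line rather than `* patching */`.
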

Thanks for the review,

-- 
Jiri Kosina
SUSE Labs
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
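
The three-step sequence the quoted comment describes (int3 on the first byte, then the tail, then the first byte, with a core sync after each write), as an added userspace model that is not kernel code and not from the patch author. A SIGTRAP handler stands in for the kernel's int3 notifier: it checks that the saved RIP equals bp_int3_addr (the byte after the 0xcc) and rewrites RIP to the handler, which then runs on the caller's stack and returns to the patched function's caller. mprotect() toggling stands in for text_poke(), and a cpuid instruction for sync_core(); both are this example's choices, not the patch's. The patched function is a constructed, hand-assembled nop5 + `mov $1,%eax; ret` that is switched to a `jmp` to a stub returning 2 (the jump-label pattern), and a demo hook calls the function after each step to show the breakpoint diverting callers to the handler until the first byte is restored. Assumes x86-64 Linux and a single thread, so the IPI side of "sync cores" is not modelled.

```c
/* Userspace model of text_poke_bp() (added example, not kernel code): SIGTRAP handler =
 * int3 notifier, mprotect() = text_poke(), cpuid = sync_core(). x86-64 Linux, one thread. */
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>
#ifndef __x86_64__
#error "this example hard-codes x86-64 instruction encodings"
#endif

typedef int (*int_fn)(void);
static void    *volatile bp_int3_handler;       /* same roles as the bp_* globals in the patch */
static uint8_t *volatile bp_int3_addr;          /* the byte right after the int3 */
static volatile sig_atomic_t bp_patching_in_progress;
static uint8_t *code;                           /* page holding the patched function */
static long page_size;
static void (*after_step)(int step);            /* demo hook, run after each sync */

/* Stand-in for the int3 notifier: divert the trapped thread to the handler. */
static void sigtrap_handler(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = ctx; (void)sig; (void)si;
    __atomic_thread_fence(__ATOMIC_ACQUIRE);    /* the smp_rmb() side of the pairing */
    /* #BP is a trap: the saved RIP already points past the 0xcc byte. */
    if (!bp_patching_in_progress ||
        (uint8_t *)(uintptr_t)uc->uc_mcontext.gregs[REG_RIP] != bp_int3_addr)
        abort();                                /* not ours; the kernel would NOTIFY_DONE */
    uc->uc_mcontext.gregs[REG_RIP] = (greg_t)(uintptr_t)bp_int3_handler;
}

static void text_poke(void *addr, const void *opcode, size_t len)
{
    if (mprotect(code, page_size, PROT_READ | PROT_WRITE)) { perror("mprotect"); exit(1); }
    memcpy(addr, opcode, len);
    if (mprotect(code, page_size, PROT_READ | PROT_EXEC)) { perror("mprotect"); exit(1); }
}

static void sync_core(int step)                 /* cpuid is serializing, as in sync_core() */
{
    int eax = 0; __asm__ volatile("cpuid" : "+a"(eax) : : "rbx", "rcx", "rdx", "memory");
    if (after_step) after_step(step);
}

static void text_poke_bp(void *addr, const void *opcode, size_t len, void *handler)
{
    unsigned char int3 = 0xcc;
    bp_int3_handler = handler;
    bp_int3_addr = (uint8_t *)addr + sizeof(int3);
    bp_patching_in_progress = 1;
    __atomic_thread_fence(__ATOMIC_RELEASE);    /* smp_wmb(): bp_* stores land before the int3 */
    text_poke(addr, &int3, sizeof(int3));       /* 1. breakpoint on the first byte */
    sync_core(1);
    if (len > sizeof(int3))                     /* 2. the tail, while the int3 guards entry */
        text_poke((uint8_t *)addr + sizeof(int3),
                  (const uint8_t *)opcode + sizeof(int3), len - sizeof(int3));
    sync_core(2);
    text_poke(addr, opcode, sizeof(int3));      /* 3. first byte of the new opcode */
    sync_core(3);
    bp_patching_in_progress = 0;
}

static int bp_handler_fn(void) { return 3; }    /* what callers get while the int3 is in */
static struct demo_result { int before, during_int3, after_tail, after; } res;

static void probe(int step)                     /* call the site mid-patch, record the result */
{
    int v = ((int_fn)code)();
    if (step == 1) res.during_int3 = v;
    if (step == 2) res.after_tail = v;
}

/* Constructed sample function, jump-label style, laid out by hand in a fresh page:
 *   0: 0f1f440000 nopl (5-byte site)  5: b801000000 mov $1,%eax  10: c3 ret
 *  16: b802000000 mov $2,%eax (jmp target)  21: c3 ret */
static struct demo_result run_demo(void)
{
    static const uint8_t old_site[5] = { 0x0f, 0x1f, 0x44, 0x00, 0x00 };
    static const uint8_t new_site[5] = { 0xe9, 0x0b, 0x00, 0x00, 0x00 }; /* jmp .+11 -> 16 */
    static const uint8_t body[]   = { 0xb8, 0x01, 0x00, 0x00, 0x00, 0xc3 };
    static const uint8_t target[] = { 0xb8, 0x02, 0x00, 0x00, 0x00, 0xc3 };
    struct sigaction sa = { .sa_sigaction = sigtrap_handler, .sa_flags = SA_SIGINFO };
    page_size = sysconf(_SC_PAGESIZE);
    code = mmap(NULL, page_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (code == MAP_FAILED) { perror("mmap"); exit(1); }
    memcpy(code, old_site, sizeof old_site);
    memcpy(code + 5, body, sizeof body);
    memcpy(code + 16, target, sizeof target);
    if (mprotect(code, page_size, PROT_READ | PROT_EXEC)) { perror("mprotect"); exit(1); }
    if (sigaction(SIGTRAP, &sa, NULL)) { perror("sigaction"); exit(1); }
    memset(&res, 0, sizeof res);
    res.before = ((int_fn)code)();              /* old code: 1 */
    after_step = probe;                         /* steps 1 and 2: diverted to handler, 3 */
    text_poke_bp(code, new_site, sizeof new_site, (void *)(uintptr_t)bp_handler_fn);
    after_step = NULL;
    res.after = ((int_fn)code)();               /* new code: jmp to the stub, 2 */
    return res;
}
```

Run it with `run_demo()` from a main of your own; the struct it returns records 1 before the patch, 3 for the probes that hit the int3 after steps 1 and 2, and 2 once step 3 has put the `e9` back. What the model cannot show is the part the thread argues about: with one thread there is no other CPU holding a half-fetched old instruction, so whether a sync is needed right after the int3 write is not something this code can test.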