lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 24 Mar 2014 20:30:28 +0900 From: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> To: Kees Cook <keescook@...omium.org> Cc: "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, x86@...nel.org, linux-kernel@...r.kernel.org, Andy Honig <ahonig@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Jianguo Wu <wujianguo@...wei.com>, David Rientjes <rientjes@...gle.com>, Fengguang Wu <fengguang.wu@...el.com> Subject: Re: [PATCH] x86, kaslr: fix module lock ordering problem (2014/03/11 5:42), Kees Cook wrote: > There was a potential lock ordering problem with the module kASLR patch > ("x86, kaslr: randomize module base load address"). This patch removes > the usage of the module_mutex and creates a new mutex to protect the > module base address offset value. > > Chain exists of: > text_mutex --> kprobe_insn_slots.mutex --> module_mutex > > [ 0.515561] Possible unsafe locking scenario: > [ 0.515561] > [ 0.515561] CPU0 CPU1 > [ 0.515561] ---- ---- > [ 0.515561] lock(module_mutex); > [ 0.515561] lock(kprobe_insn_slots.mutex); > [ 0.515561] lock(module_mutex); > [ 0.515561] lock(text_mutex); > [ 0.515561] > [ 0.515561] *** DEADLOCK *** > > Reported-by: Fengguang Wu <fengguang.wu@...el.com> > Signed-off-by: Andy Honig <ahonig@...gle.com> > Signed-off-by: Kees Cook <keescook@...omium.org> Reviewed-by: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com> Thanks for fix that ! :) > --- > arch/x86/kernel/module.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c > index 49483137371f..e69f9882bf95 100644 > --- a/arch/x86/kernel/module.c > +++ b/arch/x86/kernel/module.c > @@ -48,6 +48,9 @@ do { \ > static unsigned long module_load_offset; > static int randomize_modules = 1; > > +/* Mutex protects the module_load_offset. */ > +static DEFINE_MUTEX(module_kaslr_mutex); > + > static int __init parse_nokaslr(char *p) > { > randomize_modules = 0; > @@ -58,7 +61,7 @@ early_param("nokaslr", parse_nokaslr); > static unsigned long int get_module_load_offset(void) > { > if (randomize_modules) { > - mutex_lock(&module_mutex); > + mutex_lock(&module_kaslr_mutex); > /* > * Calculate the module_load_offset the first time this > * code is called. Once calculated it stays the same until > @@ -67,7 +70,7 @@ static unsigned long int get_module_load_offset(void) > if (module_load_offset == 0) > module_load_offset = > (get_random_int() % 1024 + 1) * PAGE_SIZE; > - mutex_unlock(&module_mutex); > + mutex_unlock(&module_kaslr_mutex); > } > return module_load_offset; > } > -- Masami HIRAMATSU IT Management Research Dept. Linux Technology Center Hitachi, Ltd., Yokohama Research Laboratory E-mail: masami.hiramatsu.pt@...achi.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists