lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Mon, 23 Jan 2017 16:54:00 +1100
From:   Michael Ellerman <mpe@...erman.id.au>
To:     Peter Zijlstra <peterz@...radead.org>,
        Vlastimil Babka <vbabka@...e.cz>
Cc:     Stafford Horne <shorne@...il.com>, linux-kernel@...r.kernel.org,
        Andrew Morton <akpm@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Kees Cook <keescook@...omium.org>,
        Jessica Yu <jeyu@...hat.com>, Petr Mladek <pmladek@...e.com>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        Yang Shi <yang.shi@...aro.org>, Tejun Heo <tj@...nel.org>,
        Prarit Bhargava <prarit@...hat.com>,
        Yaowei Bai <baiyaowei@...s.chinamobile.com>,
        Andrey Ryabinin <aryabinin@...tuozzo.com>
Subject: Re: [PATCH -next] init/main: Init jump_labels before they are used to build zonelists

Peter Zijlstra <peterz@...radead.org> writes:

> On Tue, Jan 17, 2017 at 02:07:36PM +0100, Vlastimil Babka wrote:
>
>> Anyway I'm not sure if this patch is safe. Hopefully Peter can judge
>> this better...
>> 
>> > Cc: Vlastimil Babka <vbabka@...e.cz>
>> > Signed-off-by: Stafford Horne <shorne@...il.com>
>> > ---
>> >  init/main.c | 3 +--
>> >  1 file changed, 1 insertion(+), 2 deletions(-)
>> > 
>> > diff --git a/init/main.c b/init/main.c
>> > index 8b1adb6e..d1ca7cb 100644
>> > --- a/init/main.c
>> > +++ b/init/main.c
>> > @@ -513,6 +513,7 @@ asmlinkage __visible void __init start_kernel(void)
>> >  	boot_cpu_state_init();
>> >  	smp_prepare_boot_cpu();	/* arch-specific boot-cpu hooks */
>> >  
>> > +	jump_label_init();
>> >  	build_all_zonelists(NULL, NULL);
>> >  	page_alloc_init();
>> >  
>> > @@ -526,8 +527,6 @@ asmlinkage __visible void __init start_kernel(void)
>> >  		parse_args("Setting init args", after_dashes, NULL, 0, -1, -1,
>> >  			   NULL, set_init_arg);
>> >  
>> > -	jump_label_init();
>> > -
>
> Urgh, that means auditing all archs that implement this. The thing
> you're looking for is if the self-modifying code cruft can be done that
> early.

You could do what we do on powerpc, which is to call jump_label_init()
early in arch code.

The second call from generic code will just return without doing
anything, see the start of jump_label_init():

void __init jump_label_init(void)
{
	struct jump_entry *iter_start = __start___jump_table;
	struct jump_entry *iter_stop = __stop___jump_table;
	struct static_key *key = NULL;
	struct jump_entry *iter;

	/*
	 * Since we are initializing the static_key.enabled field with
	 * with the 'raw' int values (to avoid pulling in atomic.h) in
	 * jump_label.h, let's make sure that is safe. There are only two
	 * cases to check since we initialize to 0 or 1.
	 */
	BUILD_BUG_ON((int)ATOMIC_INIT(0) != 0);
	BUILD_BUG_ON((int)ATOMIC_INIT(1) != 1);

	if (static_key_initialized)
		return;


cheers

Powered by blists - more mailing lists