| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Feb 2019 11:05:24 +0100
From: Daniel Bristot de Oliveira <bristot@...hat.com>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
"Steven Rostedt (VMware)" <rostedt@...dmis.org>,
Jiri Kosina <jkosina@...e.cz>,
Josh Poimboeuf <jpoimboe@...hat.com>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Chris von Recklinghausen <crecklin@...hat.com>,
Jason Baron <jbaron@...mai.com>, Scott Wood <swood@...hat.com>,
Marcelo Tosatti <mtosatti@...hat.com>,
Clark Williams <williams@...hat.com>, x86@...nel.org
Subject: Re: [PATCH V4 3/9] x86/jump_label: Move checking code away from
__jump_label_transform()
On 2/5/19 8:33 AM, Borislav Petkov wrote:
> On Mon, Feb 04, 2019 at 08:58:56PM +0100, Daniel Bristot de Oliveira wrote:
>> Move the check of the current code, before updating an entry, to specialized
>> functions. No changes in the method, only code relocation.
>>
>> Signed-off-by: Daniel Bristot de Oliveira <bristot@...hat.com>
>> Cc: Thomas Gleixner <tglx@...utronix.de>
>> Cc: Ingo Molnar <mingo@...hat.com>
>> Cc: Borislav Petkov <bp@...en8.de>
>> Cc: "H. Peter Anvin" <hpa@...or.com>
>> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>> Cc: Masami Hiramatsu <mhiramat@...nel.org>
>> Cc: "Steven Rostedt (VMware)" <rostedt@...dmis.org>
>> Cc: Jiri Kosina <jkosina@...e.cz>
>> Cc: Josh Poimboeuf <jpoimboe@...hat.com>
>> Cc: "Peter Zijlstra (Intel)" <peterz@...radead.org>
>> Cc: Chris von Recklinghausen <crecklin@...hat.com>
>> Cc: Jason Baron <jbaron@...mai.com>
>> Cc: Scott Wood <swood@...hat.com>
>> Cc: Marcelo Tosatti <mtosatti@...hat.com>
>> Cc: Clark Williams <williams@...hat.com>
>> Cc: x86@...nel.org
>> Cc: linux-kernel@...r.kernel.org
>> ---
>> arch/x86/kernel/jump_label.c | 60 +++++++++++++++++++++++++-----------
>> 1 file changed, 42 insertions(+), 18 deletions(-)
>>
>> diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c
>> index f99bd26bd3f1..e443c43478eb 100644
>> --- a/arch/x86/kernel/jump_label.c
>> +++ b/arch/x86/kernel/jump_label.c
>> @@ -35,16 +35,53 @@ static void bug_at(unsigned char *ip, int line)
>> BUG();
>> }
>>
>> +static inline void __jump_label_trans_check_enable(struct jump_entry *entry,
>> + enum jump_label_type type,
>> + const unsigned char *ideal_nop,
>> + int init)
>> +{
>> + const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
>> + const void *expect;
>> + int line;
>> +
>> + if (init) {
>> + expect = default_nop; line = __LINE__;
>> + } else {
>> + expect = ideal_nop; line = __LINE__;
>> + }
>> +
>> + if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
>> + bug_at((void *)jump_entry_code(entry), line);
>> +}
>> +
>> +static inline void __jump_label_trans_check_disable(struct jump_entry *entry,
>> + enum jump_label_type type,
>> + union jump_code_union *jmp,
>> + int init)
>> +{
>> + const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
>> + const void *expect;
>> + int line;
>> +
>> + if (init) {
>> + expect = default_nop; line = __LINE__;
>> + } else {
>> + expect = jmp->code; line = __LINE__;
>> + }
>> +
>> + if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
>> + bug_at((void *)jump_entry_code(entry), line);
>> +}
>
> Why the carve out?
>
> The next patch is adding __jump_label_set_jump_code() which calls them
> so you could just as well keep the functionality all in that function without
> having too many helpers which are called only once...
>
I removed these helpers and moved the code to __jump_label_set_jump_code().
The function looks like this now:
-------------- %< ----------------------
static void __jump_label_set_jump_code(struct jump_entry *entry,
enum jump_label_type type,
union jump_code_union *code,
int init)
{
const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
const unsigned char *ideal_nop = ideal_nops[NOP_ATOMIC5];
const void *expect;
int line;
code->jump = 0xe9;
code->offset = jump_entry_target(entry) -
(jump_entry_code(entry) + JUMP_LABEL_NOP_SIZE);
if (type == JUMP_LABEL_JMP) {
if (init) {
expect = default_nop; line = __LINE__;
} else {
expect = ideal_nop; line = __LINE__;
}
if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
bug_at((void *)jump_entry_code(entry), line);
} else {
if (init) {
expect = default_nop; line = __LINE__;
} else {
expect = code->code; line = __LINE__;
}
if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
bug_at((void *)jump_entry_code(entry), line);
memcpy(code, ideal_nop, JUMP_LABEL_NOP_SIZE);
}
}
-------------- >% ----------------------
Thanks!
-- Daniel
Powered by blists - more mailing lists