lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fe3179b1-6d94-17dd-a30f-e183e8143775@redhat.com>
Date:   Fri, 15 Feb 2019 11:05:24 +0100
From:   Daniel Bristot de Oliveira <bristot@...hat.com>
To:     Borislav Petkov <bp@...en8.de>
Cc:     linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        "Steven Rostedt (VMware)" <rostedt@...dmis.org>,
        Jiri Kosina <jkosina@...e.cz>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        "Peter Zijlstra (Intel)" <peterz@...radead.org>,
        Chris von Recklinghausen <crecklin@...hat.com>,
        Jason Baron <jbaron@...mai.com>, Scott Wood <swood@...hat.com>,
        Marcelo Tosatti <mtosatti@...hat.com>,
        Clark Williams <williams@...hat.com>, x86@...nel.org
Subject: Re: [PATCH V4 3/9] x86/jump_label: Move checking code away from
 __jump_label_transform()

On 2/5/19 8:33 AM, Borislav Petkov wrote:
> On Mon, Feb 04, 2019 at 08:58:56PM +0100, Daniel Bristot de Oliveira wrote:
>> Move the check of the current code, before updating an entry, to specialized
>> functions. No changes in the method, only code relocation.
>>
>> Signed-off-by: Daniel Bristot de Oliveira <bristot@...hat.com>
>> Cc: Thomas Gleixner <tglx@...utronix.de>
>> Cc: Ingo Molnar <mingo@...hat.com>
>> Cc: Borislav Petkov <bp@...en8.de>
>> Cc: "H. Peter Anvin" <hpa@...or.com>
>> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>> Cc: Masami Hiramatsu <mhiramat@...nel.org>
>> Cc: "Steven Rostedt (VMware)" <rostedt@...dmis.org>
>> Cc: Jiri Kosina <jkosina@...e.cz>
>> Cc: Josh Poimboeuf <jpoimboe@...hat.com>
>> Cc: "Peter Zijlstra (Intel)" <peterz@...radead.org>
>> Cc: Chris von Recklinghausen <crecklin@...hat.com>
>> Cc: Jason Baron <jbaron@...mai.com>
>> Cc: Scott Wood <swood@...hat.com>
>> Cc: Marcelo Tosatti <mtosatti@...hat.com>
>> Cc: Clark Williams <williams@...hat.com>
>> Cc: x86@...nel.org
>> Cc: linux-kernel@...r.kernel.org
>> ---
>>  arch/x86/kernel/jump_label.c | 60 +++++++++++++++++++++++++-----------
>>  1 file changed, 42 insertions(+), 18 deletions(-)
>>
>> diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c
>> index f99bd26bd3f1..e443c43478eb 100644
>> --- a/arch/x86/kernel/jump_label.c
>> +++ b/arch/x86/kernel/jump_label.c
>> @@ -35,16 +35,53 @@ static void bug_at(unsigned char *ip, int line)
>>  	BUG();
>>  }
>>  
>> +static inline void __jump_label_trans_check_enable(struct jump_entry *entry,
>> +						   enum jump_label_type type,
>> +						   const unsigned char *ideal_nop,
>> +						   int init)
>> +{
>> +	const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
>> +	const void *expect;
>> +	int line;
>> +
>> +	if (init) {
>> +		expect = default_nop; line = __LINE__;
>> +	} else {
>> +		expect = ideal_nop; line = __LINE__;
>> +	}
>> +
>> +	if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
>> +		bug_at((void *)jump_entry_code(entry), line);
>> +}
>> +
>> +static inline void __jump_label_trans_check_disable(struct jump_entry *entry,
>> +						    enum jump_label_type type,
>> +						    union jump_code_union *jmp,
>> +						    int init)
>> +{
>> +	const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
>> +	const void *expect;
>> +	int line;
>> +
>> +	if (init) {
>> +		expect = default_nop; line = __LINE__;
>> +	} else {
>> +		expect = jmp->code; line = __LINE__;
>> +	}
>> +
>> +	if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
>> +		bug_at((void *)jump_entry_code(entry), line);
>> +}
> 
> Why the carve out?
> 
> The next patch is adding __jump_label_set_jump_code() which calls them
> so you could just as well keep the functionality all in that function without
> having too many helpers which are called only once...
> 

I removed these helpers and moved the code to __jump_label_set_jump_code().

The function looks like this now:
-------------- %< ----------------------
static void __jump_label_set_jump_code(struct jump_entry *entry,
				       enum jump_label_type type,
				       union jump_code_union *code,
				       int init)
{
	const unsigned char default_nop[] = { STATIC_KEY_INIT_NOP };
	const unsigned char *ideal_nop = ideal_nops[NOP_ATOMIC5];
	const void *expect;
	int line;

	code->jump = 0xe9;
	code->offset = jump_entry_target(entry) -
		     (jump_entry_code(entry) + JUMP_LABEL_NOP_SIZE);

	if (type == JUMP_LABEL_JMP) {
		if (init) {
			expect = default_nop; line = __LINE__;
		} else {
			expect = ideal_nop; line = __LINE__;
		}

		if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
			bug_at((void *)jump_entry_code(entry), line);

	} else {
		if (init) {
			expect = default_nop; line = __LINE__;
		} else {
			expect = code->code; line = __LINE__;
		}

		if (memcmp((void *)jump_entry_code(entry), expect, JUMP_LABEL_NOP_SIZE))
			bug_at((void *)jump_entry_code(entry), line);

		memcpy(code, ideal_nop, JUMP_LABEL_NOP_SIZE);
	}
}
-------------- >% ----------------------


Thanks!

-- Daniel

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ