Message-ID: <2ad7d561-2cbc-09c2-2806-97c3be3727e2@linuxfoundation.org>
Date:   Fri, 20 Dec 2019 13:27:29 -0700
From:   Shuah Khan <skhan@...uxfoundation.org>
To:     Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
        Thomas Gleixner <tglx@...utronix.de>
Cc:     linux-kernel@...r.kernel.org,
        Peter Zijlstra <peterz@...radead.org>,
        "Paul E . McKenney" <paulmck@...ux.ibm.com>,
        Boqun Feng <boqun.feng@...il.com>,
        "H . Peter Anvin" <hpa@...or.com>, Paul Turner <pjt@...gle.com>,
        linux-api@...r.kernel.org, stable@...r.kernel.org,
        Florian Weimer <fw@...eb.enyo.de>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        "skh >> Shuah Khan" <skhan@...uxfoundation.org>
Subject: Re: [PATCH for 5.5 2/2] rseq/selftests: Clarify rseq_prepare_unload()
 helper requirements

Hi Mathieu,

On 12/20/19 1:12 PM, Mathieu Desnoyers wrote:
> The rseq.h UAPI now documents that the rseq_cs field must be cleared
> before reclaiming memory that contains the targeted struct rseq_cs, but
> also that the rseq_cs field must be cleared before reclaiming memory of
> the code pointed to by the rseq_cs start_ip and post_commit_offset
> fields.
> 
> While we can expect that use of dlclose(3) will typically unmap
> both struct rseq_cs and its associated code at once, nothing would
> theoretically prevent a JIT from reclaiming the code without
> reclaiming the struct rseq_cs, which would erroneously allow the
> kernel to consider new code which is not a rseq critical section
> as a rseq critical section following a code reclaim.
> 
> Suggested-by: Florian Weimer <fw@...eb.enyo.de>
> Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
> Cc: Shuah Khan <skhan@...uxfoundation.org>
> Cc: Florian Weimer <fw@...eb.enyo.de>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Peter Zijlstra (Intel) <peterz@...radead.org>
> Cc: "Paul E. McKenney" <paulmck@...ux.ibm.com>
> Cc: Boqun Feng <boqun.feng@...il.com>
> Cc: "H . Peter Anvin" <hpa@...or.com>
> Cc: Paul Turner <pjt@...gle.com>
> Cc: Dmitry Vyukov <dvyukov@...gle.com>
> ---
>   tools/testing/selftests/rseq/rseq.h | 12 +++++++-----
>   1 file changed, 7 insertions(+), 5 deletions(-)
> 
> diff --git a/tools/testing/selftests/rseq/rseq.h b/tools/testing/selftests/rseq/rseq.h
> index d40d60e7499e..15cbd51d0818 100644
> --- a/tools/testing/selftests/rseq/rseq.h
> +++ b/tools/testing/selftests/rseq/rseq.h
> @@ -149,11 +149,13 @@ static inline void rseq_clear_rseq_cs(void)
>   /*
>    * rseq_prepare_unload() should be invoked by each thread executing a rseq
>    * critical section at least once between their last critical section and
> - * library unload of the library defining the rseq critical section
> - * (struct rseq_cs). This also applies to use of rseq in code generated by
> - * JIT: rseq_prepare_unload() should be invoked at least once by each
> - * thread executing a rseq critical section before reclaim of the memory
> - * holding the struct rseq_cs.
> + * library unload of the library defining the rseq critical section (struct
> + * rseq_cs) or the code refered to by the struct rseq_cs start_ip and

Nit: referred instead of refered

> + * post_commit_offset fields. This also applies to use of rseq in code
> + * generated by JIT: rseq_prepare_unload() should be invoked at least once by
> + * each thread executing a rseq critical section before reclaim of the memory
> + * holding the struct rseq_cs or reclaim of the code pointed to by struct
> + * rseq_cs start_ip and post_commit_offset fields.
>    */
>   static inline void rseq_prepare_unload(void)
>   {
> 
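
Review bot: The rewritten comment above rseq_prepare_unload() names the same code range two different ways: "the code refered to by the struct rseq_cs start_ip and post_commit_offset fields" in the first sentence and "the code pointed to by struct rseq_cs start_ip and post_commit_offset fields" in the JIT sentence. post_commit_offset is an offset rather than a pointer, so one wording used in both places would read better, for example "the code range described by the struct rseq_cs start_ip and post_commit_offset fields". The comment also states the requirement without the reason the commit message gives (after a code reclaim the kernel could treat new, non-rseq code as a rseq critical section); a short clause saying so would help a JIT author who frees code but keeps the descriptor.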

thanks,
-- Shuah
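
Added example, not part of the original message or of the kernel selftests: a simplified user-space model of the hazard the commit message describes, where a JIT reclaims the code but keeps the struct rseq_cs. All names (`model_rseq_cs`, `model_ip_fixup`, `run_scenario`) and the addresses are constructed for illustration, and the range check is an assumption modelled on the start_ip/post_commit_offset semantics named in the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified descriptor; field names follow the patch text. */
struct model_rseq_cs {
    uintptr_t start_ip;
    uintptr_t post_commit_offset;
    uintptr_t abort_ip;
};

/* Per-thread rseq_cs field: points at a descriptor, or NULL when cleared. */
static const struct model_rseq_cs *thread_rseq_cs;

/* Stand-in for rseq_prepare_unload(): clear the per-thread field. */
static void model_prepare_unload(void) { thread_rseq_cs = NULL; }

/* Model of the decision taken when the thread is preempted or signalled:
 * returns abort_ip when ip lies in [start_ip, start_ip + post_commit_offset),
 * otherwise lazily clears the field and returns 0 (no redirect). */
static uintptr_t model_ip_fixup(uintptr_t ip)
{
    const struct model_rseq_cs *cs = thread_rseq_cs;

    if (cs && ip - cs->start_ip < cs->post_commit_offset)
        return cs->abort_ip;
    thread_rseq_cs = NULL;
    return 0;
}

/* The thread finishes a critical section without being interrupted, so its
 * rseq_cs field still points at the descriptor. The JIT then reclaims the
 * code range (not the descriptor) and emits unrelated code at the same
 * addresses; the thread is interrupted while running that new code. */
static uintptr_t run_scenario(int clear_before_reclaim)
{
    static const struct model_rseq_cs cs = { 0x1000, 0x40, 0x2000 }; /* constructed */

    thread_rseq_cs = &cs;
    if (clear_before_reclaim)
        model_prepare_unload();
    return model_ip_fixup(0x1010); /* ip inside the reused range */
}

int main(void)
{
    printf("stale rseq_cs:   redirect to %#lx\n", (unsigned long)run_scenario(0));
    printf("cleared rseq_cs: redirect to %#lx\n", (unsigned long)run_scenario(1));
    return 0;
}
```

With the stale field, the unrelated code is treated as a critical section and execution would be diverted to the old abort_ip; clearing the field before the reclaim removes the redirect.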
