lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Mar 2020 14:42:15 +0000 (UTC) From: Christophe Leroy <christophe.leroy@....fr> To: cmr@...ormatik.wtf Cc: linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org Subject: [RFC PATCH] powerpc/lib: Fixing use a temporary mm for code patching This patch fixes the RFC series identified below. It fixes three points: - Failure with CONFIG_PPC_KUAP - Failure to write do to lack of DIRTY bit set on the 8xx - Inadequaly complex WARN post verification However, it has an impact on the CPU load. Here is the time needed on an 8xx to run the ftrace selftests without and with this series: - Without CONFIG_STRICT_KERNEL_RWX ==> 38 seconds - With CONFIG_STRICT_KERNEL_RWX ==> 40 seconds - With CONFIG_STRICT_KERNEL_RWX + this series ==> 43 seconds Link: https://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=166003 Signed-off-by: Christophe Leroy <christophe.leroy@....fr> --- arch/powerpc/lib/code-patching.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c index f156132e8975..4ccff427592e 100644 --- a/arch/powerpc/lib/code-patching.c +++ b/arch/powerpc/lib/code-patching.c @@ -97,6 +97,7 @@ static int map_patch(const void *addr, struct patch_mapping *patch_mapping) } pte = mk_pte(page, pgprot); + pte = pte_mkdirty(pte); set_pte_at(patching_mm, patching_addr, ptep, pte); init_temp_mm(&patch_mapping->temp_mm, patching_mm); @@ -168,7 +169,9 @@ static int do_patch_instruction(unsigned int *addr, unsigned int instr) (offset_in_page((unsigned long)addr) / sizeof(unsigned int)); + allow_write_to_user(patch_addr, sizeof(instr)); __patch_instruction(addr, instr, patch_addr); + prevent_write_to_user(patch_addr, sizeof(instr)); err = unmap_patch(&patch_mapping); if (err) @@ -179,7 +182,7 @@ static int do_patch_instruction(unsigned int *addr, unsigned int instr) * think we just wrote. * XXX: BUG_ON() instead? */ - WARN_ON(memcmp(addr, &instr, sizeof(instr))); + WARN_ON(*addr != instr); out: local_irq_restore(flags); -- 2.25.0
Powered by blists - more mailing lists