lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 26 Mar 2020 14:42:15 +0000 (UTC)
From:   Christophe Leroy <christophe.leroy@....fr>
To:     cmr@...ormatik.wtf
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org
Subject: [RFC PATCH] powerpc/lib: Fixing use a temporary mm for code patching

This patch fixes the RFC series identified below.
It fixes three points:
- Failure with CONFIG_PPC_KUAP
- Failure to write do to lack of DIRTY bit set on the 8xx
- Inadequaly complex WARN post verification

However, it has an impact on the CPU load. Here is the time
needed on an 8xx to run the ftrace selftests without and
with this series:
- Without CONFIG_STRICT_KERNEL_RWX		==> 38 seconds
- With CONFIG_STRICT_KERNEL_RWX			==> 40 seconds
- With CONFIG_STRICT_KERNEL_RWX + this series	==> 43 seconds

Link: https://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=166003
Signed-off-by: Christophe Leroy <christophe.leroy@....fr>
---
 arch/powerpc/lib/code-patching.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c
index f156132e8975..4ccff427592e 100644
--- a/arch/powerpc/lib/code-patching.c
+++ b/arch/powerpc/lib/code-patching.c
@@ -97,6 +97,7 @@ static int map_patch(const void *addr, struct patch_mapping *patch_mapping)
 	}
 
 	pte = mk_pte(page, pgprot);
+	pte = pte_mkdirty(pte);
 	set_pte_at(patching_mm, patching_addr, ptep, pte);
 
 	init_temp_mm(&patch_mapping->temp_mm, patching_mm);
@@ -168,7 +169,9 @@ static int do_patch_instruction(unsigned int *addr, unsigned int instr)
 			(offset_in_page((unsigned long)addr) /
 				sizeof(unsigned int));
 
+	allow_write_to_user(patch_addr, sizeof(instr));
 	__patch_instruction(addr, instr, patch_addr);
+	prevent_write_to_user(patch_addr, sizeof(instr));
 
 	err = unmap_patch(&patch_mapping);
 	if (err)
@@ -179,7 +182,7 @@ static int do_patch_instruction(unsigned int *addr, unsigned int instr)
 	 * think we just wrote.
 	 * XXX: BUG_ON() instead?
 	 */
-	WARN_ON(memcmp(addr, &instr, sizeof(instr)));
+	WARN_ON(*addr != instr);
 
 out:
 	local_irq_restore(flags);
-- 
2.25.0

Powered by blists - more mailing lists