lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LSU.2.21.2010291443310.1688@pobox.suse.cz>
Date:   Thu, 29 Oct 2020 14:51:06 +0100 (CET)
From:   Miroslav Benes <mbenes@...e.cz>
To:     Steven Rostedt <rostedt@...dmis.org>
cc:     linux-kernel@...r.kernel.org,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>,
        Jiri Kosina <jikos@...nel.org>, Petr Mladek <pmladek@...e.com>,
        Joe Lawrence <joe.lawrence@...hat.com>,
        live-patching@...r.kernel.org
Subject: Re: [PATCH 6/9] livepatch/ftrace: Add recursion protection to the
 ftrace callback

On Wed, 28 Oct 2020, Steven Rostedt wrote:

> From: "Steven Rostedt (VMware)" <rostedt@...dmis.org>
> 
> If a ftrace callback does not supply its own recursion protection and
> does not set the RECURSION_SAFE flag in its ftrace_ops, then ftrace will
> make a helper trampoline to do so before calling the callback instead of
> just calling the callback directly.
> 
> The default for ftrace_ops is going to assume recursion protection unless
> otherwise specified.

Hm, I've always thought that we did not need any kind of recursion 
protection for our callback. It is marked as notrace and it does not call 
anything traceable. In fact, it does not call anything. I even have a note 
in my todo list to mark the callback as RECURSION_SAFE :)

At the same time, it probably does not hurt and the patch is still better 
than what we have now without RECURSION_SAFE if I understand the patch set 
correctly.
 
> Cc: Josh Poimboeuf <jpoimboe@...hat.com>
> Cc: Jiri Kosina <jikos@...nel.org>
> Cc: Miroslav Benes <mbenes@...e.cz>
> Cc: Petr Mladek <pmladek@...e.com>
> Cc: Joe Lawrence <joe.lawrence@...hat.com>
> Cc: live-patching@...r.kernel.org
> Signed-off-by: Steven Rostedt (VMware) <rostedt@...dmis.org>
> ---
>  kernel/livepatch/patch.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/kernel/livepatch/patch.c b/kernel/livepatch/patch.c
> index b552cf2d85f8..6c0164d24bbd 100644
> --- a/kernel/livepatch/patch.c
> +++ b/kernel/livepatch/patch.c
> @@ -45,9 +45,13 @@ static void notrace klp_ftrace_handler(unsigned long ip,
>  	struct klp_ops *ops;
>  	struct klp_func *func;
>  	int patch_state;
> +	int bit;
>  
>  	ops = container_of(fops, struct klp_ops, fops);
>  
> +	bit = ftrace_test_recursion_trylock();
> +	if (bit < 0)
> +		return;

This means that the original function will be called in case of recursion. 
That's probably fair, but I'm wondering if we should at least WARN about 
it.

Thanks
Miroslav

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ