lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 20 Nov 2020 12:24:24 -0800
From:   Rick Edgecombe <rick.p.edgecombe@...el.com>
To:     akpm@...ux-foundation.org, jeyu@...nel.org, bpf@...r.kernel.org,
        ast@...nel.org, daniel@...earbox.net, luto@...nel.org,
        dave.hansen@...ux.intel.com, peterz@...radead.org, x86@...nel.org,
        rppt@...nel.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org,
        dan.j.williams@...el.com
Cc:     elena.reshetova@...el.com, ira.weiny@...el.com,
        Rick Edgecombe <rick.p.edgecombe@...el.com>
Subject: [PATCH RFC 08/10] jump_label: Handle module writable address

Since modules can have a separate writable address during loading,
do the nop application at the writable address.

As long as info is on hand about if the operations is happening during
a module load, don't do a full text_poke() when writing data to a
writable address.

Signed-off-by: Rick Edgecombe <rick.p.edgecombe@...el.com>
---
 arch/x86/kernel/jump_label.c | 18 ++++++++++++++++--
 kernel/jump_label.c          |  2 +-
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kernel/jump_label.c b/arch/x86/kernel/jump_label.c
index 5ba8477c2cb7..7a50148a63dd 100644
--- a/arch/x86/kernel/jump_label.c
+++ b/arch/x86/kernel/jump_label.c
@@ -63,6 +63,18 @@ static inline void __jump_label_transform(struct jump_entry *entry,
 					  int init)
 {
 	const void *opcode = __jump_label_set_jump_code(entry, type, init);
+	unsigned long addr = jump_entry_code(entry);
+	struct module *mod = __module_address(addr);
+	bool mod_writable = false;
+
+	if (mod) {
+		struct perm_allocation *alloc = module_get_allocation(mod, addr);
+
+		if (perm_is_writable(alloc)) {
+			addr = perm_writable_addr(alloc, addr);
+			mod_writable = true;
+		}
+	}
 
 	/*
 	 * As long as only a single processor is running and the code is still
@@ -74,9 +86,11 @@ static inline void __jump_label_transform(struct jump_entry *entry,
 	 * At the time the change is being done, just ignore whether we
 	 * are doing nop -> jump or jump -> nop transition, and assume
 	 * always nop being the 'currently valid' instruction
+	 *
+	 * If this is a module being loaded, text_poke_early can also be used.
 	 */
-	if (init || system_state == SYSTEM_BOOTING) {
-		text_poke_early((void *)jump_entry_code(entry), opcode,
+	if (init || system_state == SYSTEM_BOOTING || mod_writable) {
+		text_poke_early((void *)addr, opcode,
 				JUMP_LABEL_NOP_SIZE);
 		return;
 	}
diff --git a/kernel/jump_label.c b/kernel/jump_label.c
index 015ef903ce8c..3919e78fce12 100644
--- a/kernel/jump_label.c
+++ b/kernel/jump_label.c
@@ -595,7 +595,7 @@ static void __jump_label_mod_update(struct static_key *key)
  */
 void jump_label_apply_nops(struct module *mod)
 {
-	struct jump_entry *iter_start = mod->jump_entries;
+	struct jump_entry *iter_start = module_adjust_writable_addr(mod->jump_entries);
 	struct jump_entry *iter_stop = iter_start + mod->num_jump_entries;
 	struct jump_entry *iter;
 
-- 
2.20.1

Powered by blists - more mailing lists