Date:   Wed, 16 Dec 2020 12:55:25 +0100
From:   Jessica Yu <jeyu@...nel.org>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Dexuan Cui <decui@...rosoft.com>, Ingo Molnar <mingo@...nel.org>,
        Daniel Bristot de Oliveira <bristot@...hat.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Josh Poimboeuf <jpoimboe@...hat.com>
Subject: Re: static_branch_enable() does not work from a __init function?

+++ Peter Zijlstra [16/12/20 10:26 +0100]:
[snip]
>> PS, I originally found: in arch/x86/kvm/vmx/vmx.c: vmx_init(), it looks
>> like the line "static_branch_enable(&enable_evmcs);" does not take effect
>> in a v5.4-based kernel, but does take effect in the v5.10 kernel in the
>> same x86-64 virtual machine on Hyper-V, so I made the above test module
>> to test static_branch_enable(), and found that static_branch_enable() in
>> the test module does not work with both v5.10 and my v5.4 kernel, if the
>> __init marker is used.

Because the jump label code currently does not allow you to update if
the entry resides in an init section. By marking the module init
section __init you place it in the .init.text section.
jump_label_add_module() detects this (by calling within_module_init())
and marks the entry by calling jump_entry_set_init(). Then you have
the following sequence of calls (roughly):

static_branch_enable
  static_key_enable
    static_key_enable_cpuslocked
      jump_label_update
        jump_label_can_update
          jump_entry_is_init returns true, so bail out

Judging from the comment in jump_label_can_update(), this seems to be
intentional behavior:

static bool jump_label_can_update(struct jump_entry *entry, bool init)
{
        /*
         * Cannot update code that was in an init text area.
         */
        if (!init && jump_entry_is_init(entry))
                return false;

By removing the __init marker you're bypassing the
within_module_init() check and that's why it works.
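
The behaviour described above, as a simplified userspace C model added here for illustration (not kernel code and not part of the original message). The struct layouts, address ranges and reduced function signatures are assumptions; only the function names and the init check are taken from the message.

```c
/* Userspace model of the jump label init check; NOT kernel code. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct module { unsigned long init_base, init_size; };  /* .init.text range */
struct jump_entry { unsigned long code; bool is_init; bool enabled; };

static bool within_module_init(unsigned long addr, const struct module *mod)
{
    return addr >= mod->init_base && addr < mod->init_base + mod->init_size;
}

/* Module load: tag every entry whose patch site lies in the init section. */
static void jump_label_add_module(const struct module *mod,
                                  struct jump_entry *e, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (within_module_init(e[i].code, mod))
            e[i].is_init = true;        /* models jump_entry_set_init() */
}

static bool jump_label_can_update(const struct jump_entry *entry, bool init)
{
    if (!init && entry->is_init)        /* same test as the quoted function */
        return false;
    return true;
}

/* Enable path: patch each updatable site, return how many were patched. */
static size_t static_key_enable(struct jump_entry *e, size_t n)
{
    size_t patched = 0;
    for (size_t i = 0; i < n; i++)
        if (jump_label_can_update(&e[i], false)) {
            e[i].enabled = true;
            patched++;
        }
    return patched;
}

int main(void)
{
    /* Constructed scenario: site 0 in an __init function, site 1 in core text. */
    struct module mod = { 0x1000, 0x100 };
    struct jump_entry e[2] = { { .code = 0x1010 }, { .code = 0x2010 } };
    jump_label_add_module(&mod, e, 2);
    size_t n = static_key_enable(e, 2);
    printf("patched=%zu init_site=%d core_site=%d\n", n, e[0].enabled, e[1].enabled);
    return 0;
}
```

In this model the branch site inside the init range stays unpatched while the one in core text is enabled, which matches the difference seen when the __init marker is removed.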
