lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Yqh/5nn0AhdwaCm8@iki.fi>
Date:   Tue, 14 Jun 2022 15:32:38 +0300
From:   "jarkko@...nel.org" <jarkko@...nel.org>
To:     "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
Cc:     "hch@....de" <hch@....de>,
        "christophe.leroy@...roup.eu" <christophe.leroy@...roup.eu>,
        "mcgrof@...nel.org" <mcgrof@...nel.org>,
        "svens@...ux.ibm.com" <svens@...ux.ibm.com>,
        "palmer@...belt.com" <palmer@...belt.com>,
        "jpoimboe@...nel.org" <jpoimboe@...nel.org>,
        "paulus@...ba.org" <paulus@...ba.org>,
        "zepan@...eed.com" <zepan@...eed.com>,
        "iii@...ux.ibm.com" <iii@...ux.ibm.com>,
        "deller@....de" <deller@....de>,
        "aou@...s.berkeley.edu" <aou@...s.berkeley.edu>,
        "joey.gouly@....com" <joey.gouly@....com>,
        "anemo@....ocn.ne.jp" <anemo@....ocn.ne.jp>,
        "egorenar@...ux.ibm.com" <egorenar@...ux.ibm.com>,
        "ast@...nel.org" <ast@...nel.org>,
        "ardb@...nel.org" <ardb@...nel.org>,
        "mpe@...erman.id.au" <mpe@...erman.id.au>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>,
        "npiggin@...il.com" <npiggin@...il.com>,
        "thomas.lendacky@....com" <thomas.lendacky@....com>,
        "bp@...en8.de" <bp@...en8.de>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "x86@...nel.org" <x86@...nel.org>,
        "luis.machado@...aro.org" <luis.machado@...aro.org>,
        "ebiederm@...ssion.com" <ebiederm@...ssion.com>,
        "mbenes@...e.cz" <mbenes@...e.cz>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "jniethe5@...il.com" <jniethe5@...il.com>,
        "mark.rutland@....com" <mark.rutland@....com>,
        "linux@...linux.org.uk" <linux@...linux.org.uk>,
        "paul.walmsley@...ive.com" <paul.walmsley@...ive.com>,
        "andreyknvl@...il.com" <andreyknvl@...il.com>,
        "dja@...ens.net" <dja@...ens.net>,
        "liaochang1@...wei.com" <liaochang1@...wei.com>,
        "linux-modules@...r.kernel.org" <linux-modules@...r.kernel.org>,
        "huschle@...ux.ibm.com" <huschle@...ux.ibm.com>,
        "will@...nel.org" <will@...nel.org>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "James.Bottomley@...senpartnership.com" 
        <James.Bottomley@...senpartnership.com>,
        "song@...nel.org" <song@...nel.org>,
        "guoren@...nel.org" <guoren@...nel.org>,
        "nathan@...nel.org" <nathan@...nel.org>,
        "dave.anglin@...l.net" <dave.anglin@...l.net>,
        "rostedt@...dmis.org" <rostedt@...dmis.org>,
        "atomlin@...hat.com" <atomlin@...hat.com>,
        "bristot@...hat.com" <bristot@...hat.com>,
        "naveen.n.rao@...ux.ibm.com" <naveen.n.rao@...ux.ibm.com>,
        "anup@...infault.org" <anup@...infault.org>,
        "javierm@...hat.com" <javierm@...hat.com>,
        "linux@...ck-us.net" <linux@...ck-us.net>,
        "linus.walleij@...aro.org" <linus.walleij@...aro.org>,
        "philipp.tomsich@...ll.eu" <philipp.tomsich@...ll.eu>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "ndesaulniers@...gle.com" <ndesaulniers@...gle.com>,
        "samitolvanen@...gle.com" <samitolvanen@...gle.com>,
        "yangtiezhu@...ngson.cn" <yangtiezhu@...ngson.cn>,
        "aneesh.kumar@...ux.ibm.com" <aneesh.kumar@...ux.ibm.com>,
        "geert@...ux-m68k.org" <geert@...ux-m68k.org>,
        "hpa@...or.com" <hpa@...or.com>,
        "heiko@...ech.de" <heiko@...ech.de>,
        "nathaniel@...fian.com" <nathaniel@...fian.com>,
        "michael.roth@....com" <michael.roth@....com>,
        "rmk+kernel@...linux.org.uk" <rmk+kernel@...linux.org.uk>,
        "Sakkinen, Jarkko" <jarkko@...fian.com>,
        "catalin.marinas@....com" <catalin.marinas@....com>,
        "borntraeger@...ux.ibm.com" <borntraeger@...ux.ibm.com>,
        "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
        "wangkefeng.wang@...wei.com" <wangkefeng.wang@...wei.com>,
        "tmricht@...ux.ibm.com" <tmricht@...ux.ibm.com>,
        "hca@...ux.ibm.com" <hca@...ux.ibm.com>,
        "linux-parisc@...r.kernel.org" <linux-parisc@...r.kernel.org>,
        "gor@...ux.ibm.com" <gor@...ux.ibm.com>,
        "atishp@...shpatra.org" <atishp@...shpatra.org>,
        "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>,
        "dmitry.torokhov@...il.com" <dmitry.torokhov@...il.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
        "sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>,
        "broonie@...nel.org" <broonie@...nel.org>,
        "tsbogend@...ha.franken.de" <tsbogend@...ha.franken.de>,
        "nico@...xnic.net" <nico@...xnic.net>,
        "masahiroy@...nel.org" <masahiroy@...nel.org>,
        "agordeev@...ux.ibm.com" <agordeev@...ux.ibm.com>,
        "kernel@...il.dk" <kernel@...il.dk>,
        "ashimida@...ux.alibaba.com" <ashimida@...ux.alibaba.com>,
        "elver@...gle.com" <elver@...gle.com>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "mhiramat@...nel.org" <mhiramat@...nel.org>,
        "Keshavamurthy, Anil S" <anil.s.keshavamurthy@...el.com>,
        "linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>,
        "chenzhongjin@...wei.com" <chenzhongjin@...wei.com>,
        "andrealmeid@...lia.com" <andrealmeid@...lia.com>,
        "changbin.du@...el.com" <changbin.du@...el.com>,
        "benh@...nel.crashing.org" <benh@...nel.crashing.org>,
        "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>
Subject: Re: [PATCH] kprobes: Enable tracing for mololithic kernel images

On Thu, Jun 09, 2022 at 06:41:36PM +0000, Edgecombe, Rick P wrote:
> On Thu, 2022-06-09 at 06:24 -0700, Luis Chamberlain wrote:
> > On Thu, Jun 09, 2022 at 05:48:52AM +0200, Christoph Hellwig wrote:
> > > On Wed, Jun 08, 2022 at 01:26:19PM -0700, Luis Chamberlain wrote:
> > > > No, that was removed because it has only one user.
> > > 
> > > That is only part of the story.  The other part is that the overall
> > > kernel simply does not have any business allocating exutable
> > > memory.
> > > Executable memory is a very special concept for modules or module-
> > > like
> > > code like kprobes, and should not be exposed as a general concept.
> > 
> > It is not just modules and kprobes, it is also ftrace and bpf too
> > now.
> > So while it should not be used everywhere calling it module_alloc()
> > is just confusing at this point. Likewise, module_alloc_huge() is
> > being proposed too and I'd rather we deal with this properly in
> > aligment
> > of taking care of the rename as well.
> > 
> > If the concern is to restrict access we can use the module namespace
> > stuff
> > so to ensure only intended users get access to it.
> 
> BPF even has multiple uses for text allocation. It has its own
> trampoline feature that puts different type of text in the allocation,
> with its own allocation routine. I looks like there are even more
> little allocators in there.
> 
> So yea, there seems to be a lot of the kernel in the business of
> dynamically generated text, for better or worse. I agree that it needs
> to be done carefully. However, these usages always seem to have the
> same problems (W^X, arch eccentricities, etc). So I don't think we
> should hide away the pieces. Instead we should have something with
> guard rails on it, so they can't get the allocation part wrong.
> 
> But I guess the question here is: what should we do in the meantime? It
> is kind of similar to the questions that came up around the bpf prog
> pack allocator. Should we hold up allocator related work until
> underlying problems are resolved and there is some mature core
> solution?
> 
> Personally I had thought we would need to do some clean switch to a
> much different interface. I still think someday it will be required,
> but it seems to be evolving naturally for the time being.
> 
> Like say for a next step we moved prog pack out of bpf into core code,
> gave it it's own copy of module_alloc(), and then made kprobes use it.
> Then we would have something with improved W^X guard rails, and kprobes
> would not depend on modules anymore. I think maybe it's a step in the
> right direction, even if it's not perfect.

So you're saying that I should (as a first step) basically clone
module_alloc() implementation for kprobes, and future for BPF 
use, in order to get a clean starting point?

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ