lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <CNDUR9ATG2H2.2VY6HU95S91C5@orcldev>
Date:   Wed, 05 Oct 2022 10:38:59 +0200
From:   "Julian Pidancet" <julian.pidancet@...cle.com>
To:     "Julian Pidancet" <julian.pidancet@...cle.com>,
        "Thomas Gleixner" <tglx@...utronix.de>,
        "Ingo Molnar" <mingo@...hat.com>, "Borislav Petkov" <bp@...en8.de>,
        "Dave Hansen" <dave.hansen@...ux.intel.com>
Cc:     <linux-kernel@...r.kernel.org>, <x86@...nel.org>
Subject: Re: [PATCH] x86/alternative: Consistently patch SMP locks in
 vmlinux and modules

Hi list,

Kind ping.

On Tue Aug 30, 2022 at 09:42, Julian Pidancet wrote:
> The alternatives_smp_module_add() function restricts patching of SMP
> lock prefixes to the text address range passed as an argument.
>
> For vmlinux, patching all the instructions located between the _text and
> _etext symbols is allowed. That includes the .text section but also
> other sections such as .text.hot and .text.unlikely.
>
> As per the comment inside the 'struct smp_alt_module' definition, the
> original purpose of this restriction is to avoid patching the init code
> which may have been deallocated when the alternatives code run.
>
> For modules, the current code only allows patching instructions located
> inside the .text segment, excluding other sections such as .text.hot or
> .text.unlikely, which may need patching.
>
> This change aims to make patching of the kernel core and modules more
> consistent, by allowing all text sections of modules except .init.text
> to be patched in module_finalize().
>
> For that we use mod->core_layout.base/mod->core_layout.text_size as the
> address range allowed to be patched, which include all the code sections
> except the init code.
>
> Signed-off-by: Julian Pidancet <julian.pidancet@...cle.com>
> ---
> Public tests: https://gist.github.com/jpidancet/1ee457623426f3e3902a28edaf2c80d0 
> Related thread: https://marc.info/?t=130864398400006
>
>  arch/x86/kernel/module.c | 15 +++++++--------
>  1 file changed, 7 insertions(+), 8 deletions(-)
>
> diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c
> index b1abf663417c..da22193eb5e0 100644
> --- a/arch/x86/kernel/module.c
> +++ b/arch/x86/kernel/module.c
> @@ -251,14 +251,12 @@ int module_finalize(const Elf_Ehdr *hdr,
>  		    const Elf_Shdr *sechdrs,
>  		    struct module *me)
>  {
> -	const Elf_Shdr *s, *text = NULL, *alt = NULL, *locks = NULL,
> -		*para = NULL, *orc = NULL, *orc_ip = NULL,
> -		*retpolines = NULL, *returns = NULL, *ibt_endbr = NULL;
> +	const Elf_Shdr *s, *alt = NULL, *locks = NULL, *para = NULL,
> +		*orc = NULL, *orc_ip = NULL, *retpolines = NULL,
> +		*returns = NULL, *ibt_endbr = NULL;
>  	char *secstrings = (void *)hdr + sechdrs[hdr->e_shstrndx].sh_offset;
>  
>  	for (s = sechdrs; s < sechdrs + hdr->e_shnum; s++) {
> -		if (!strcmp(".text", secstrings + s->sh_name))
> -			text = s;
>  		if (!strcmp(".altinstructions", secstrings + s->sh_name))
>  			alt = s;
>  		if (!strcmp(".smp_locks", secstrings + s->sh_name))
> @@ -302,12 +300,13 @@ int module_finalize(const Elf_Ehdr *hdr,
>  		void *iseg = (void *)ibt_endbr->sh_addr;
>  		apply_ibt_endbr(iseg, iseg + ibt_endbr->sh_size);
>  	}
> -	if (locks && text) {
> +	if (locks) {
>  		void *lseg = (void *)locks->sh_addr;
> -		void *tseg = (void *)text->sh_addr;
> +		void *text = me->core_layout.base;
> +		void *text_end = text + me->core_layout.text_size;
>  		alternatives_smp_module_add(me, me->name,
>  					    lseg, lseg + locks->sh_size,
> -					    tseg, tseg + text->sh_size);
> +					    text, text_end);
>  	}
>  
>  	if (orc && orc_ip)
> -- 
> 2.37.1

-- 
Julian


Download attachment "signature.asc" of type "application/pgp-signature" (266 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ