lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <36314eb6-e41d-30b9-9ac4-12b88a108b7b@ghiti.fr>
Date:   Tue, 3 Jan 2023 10:11:56 +0100
From:   Alexandre Ghiti <alex@...ti.fr>
To:     guoren@...nel.org, arnd@...db.de, palmer@...osinc.com,
        tglx@...utronix.de, peterz@...radead.org, luto@...nel.org,
        conor.dooley@...rochip.com, heiko@...ech.de, jszhang@...nel.org,
        lazyparser@...il.com, falcon@...ylab.org, chenhuacai@...nel.org,
        apatel@...tanamicro.com, atishp@...shpatra.org,
        mark.rutland@....com, ben@...adent.org.uk, bjorn@...nel.org
Cc:     linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-riscv@...ts.infradead.org,
        Guo Ren <guoren@...ux.alibaba.com>,
        Björn Töpel <bjorn@...osinc.com>
Subject: Re: [PATCH -next V12 3/7] riscv: entry: Add noinstr to prevent
 instrumentation inserted

Hi Guo,

On 1/3/23 04:35, guoren@...nel.org wrote:
> From: Guo Ren <guoren@...ux.alibaba.com>
>
> Without noinstr the compiler is free to insert instrumentation (think
> all the k*SAN, KCov, GCov, ftrace etc..) which can call code we're not
> yet ready to run this early in the entry path, for instance it could
> rely on RCU which isn't on yet, or expect lockdep state. (by peterz)
>
> Link: https://lore.kernel.org/linux-riscv/YxcQ6NoPf3AH0EXe@hirez.programming.kicks-ass.net/
> Reviewed-by: Björn Töpel <bjorn@...osinc.com>
> Suggested-by: Peter Zijlstra <peterz@...radead.org>
> Tested-by: Jisheng Zhang <jszhang@...nel.org>
> Signed-off-by: Guo Ren <guoren@...ux.alibaba.com>
> Signed-off-by: Guo Ren <guoren@...nel.org>
> ---
>   arch/riscv/kernel/traps.c | 4 ++--
>   arch/riscv/mm/fault.c     | 2 +-
>   2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/arch/riscv/kernel/traps.c b/arch/riscv/kernel/traps.c
> index 549bde5c970a..96ec76c54ff2 100644
> --- a/arch/riscv/kernel/traps.c
> +++ b/arch/riscv/kernel/traps.c
> @@ -95,9 +95,9 @@ static void do_trap_error(struct pt_regs *regs, int signo, int code,
>   }
>   
>   #if defined(CONFIG_XIP_KERNEL) && defined(CONFIG_RISCV_ALTERNATIVE)
> -#define __trap_section		__section(".xip.traps")
> +#define __trap_section __noinstr_section(".xip.traps")
>   #else
> -#define __trap_section
> +#define __trap_section noinstr
>   #endif
>   #define DO_ERROR_INFO(name, signo, code, str)				\
>   asmlinkage __visible __trap_section void name(struct pt_regs *regs)	\
> diff --git a/arch/riscv/mm/fault.c b/arch/riscv/mm/fault.c
> index d86f7cebd4a7..b26f68eac61c 100644
> --- a/arch/riscv/mm/fault.c
> +++ b/arch/riscv/mm/fault.c
> @@ -204,7 +204,7 @@ static inline bool access_error(unsigned long cause, struct vm_area_struct *vma)
>    * This routine handles page faults.  It determines the address and the
>    * problem, and then passes it off to one of the appropriate routines.
>    */
> -asmlinkage void do_page_fault(struct pt_regs *regs)
> +asmlinkage void noinstr do_page_fault(struct pt_regs *regs)


(I dug the archive but can't find the series before v4, so sorry if it 
was already answered)

I think we should not disable the instrumentation of those trap handlers 
as at least profiling them with ftrace would provide valuable 
information (and gcov would be nice too): why do we need to do that? A 
trap very early in the boot process is not recoverable anyway.

And I took a look at other architectures, none of them disables the 
instrumentation on do_page_fault.


>   {
>   	struct task_struct *tsk;
>   	struct vm_area_struct *vma;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ