lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 22 Jun 2023 10:36:45 +0100
From:   Mark Rutland <mark.rutland@....com>
To:     Puranjay Mohan <puranjay12@...il.com>
Cc:     ast@...nel.org, daniel@...earbox.net, andrii@...nel.org,
        martin.lau@...ux.dev, song@...nel.org, catalin.marinas@....com,
        bpf@...r.kernel.org, kpsingh@...nel.org,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next v3 3/3] bpf, arm64: use bpf_jit_binary_pack_alloc

On Thu, Jun 22, 2023 at 10:47:08AM +0200, Puranjay Mohan wrote:
> On Thu, Jun 22, 2023 at 10:23 AM Mark Rutland <mark.rutland@....com> wrote:
> > On Wed, Jun 21, 2023 at 10:57:20PM +0200, Puranjay Mohan wrote:

> > > When I move the call to bpf_flush_icache() after
> > > bpf_jit_binary_pack_finalize() (this does the copy to ro_header), the
> > > boot issue is fixed. Would this change be enough to make this work or I
> > > would need to do more with the data cache as well to catch other edge
> > > cases?
> >
> > AFAICT, bpf_flush_icache() calls flush_icache_range(). Despite its name,
> > flush_icache_range() has d-cache maintenance, i-cache maintenance, and context
> > synchronization (i.e. it does everything necessary).
> >
> > As long as you call that with the VAs the code will be executed from, that
> > should be sufficient, and you don't need to do any other work.
> 
> Thanks for explaining this.
> After reading your explanation, I feel this should work.
> 
> bpf_jit_binary_pack_finalize() will copy the instructions from
> rw_header to ro_header.
> After the copy, calling bpf_flush_icache(ro_header, ctx.ro_image +
> ctx.idx); will invalidate the caches
> for the VAs in the ro_header, this is where the code will be executed from.
> 
> I will send the v4 patchset with this change.

Sure -- I'll be happy to review that.

Mark.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ