| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 2 Oct 2023 12:40:56 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Hyeonggon Yoo <42.hyeyoo@...il.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
David Kaplan <David.Kaplan@....com>,
Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...nel.org>,
x86@...nel.org
Subject: Re: Linux 6.6-rc3 (DEBUG_VIRTUAL is unhappy on x86)
On Sun, Oct 01, 2023 at 11:17:21PM +0900, Hyeonggon Yoo wrote:
> OK, I looked into this a little bit, and it turns out that the problematic
> address here is from cleanup_trusted() in
> security/keys/trusted-keys/trusted_core.c.
> (and it's builtin due to CONFIG_TRUSTED_KEYS=y)
That code is insane.. wth would you want to use an explicit
static_call() in either __init or __exit ?!?
I think the reason we support init was because it was just really hard
to avoid throughout the abstraction layers etc.. But this seems to be
the only __exit user, and it is really quite daft.
> The function is marked as __exit, so it does not fall within the
> 'core kernel text address range,' which is between _stext and _etext
> (or between _sinittext and _einittext). and thus __text_poke() thinks that
> it's vmalloc/module area.
>
> I think __text_poke() should be taught that functions marked as __exit
> also belong to kernel code just like __init.
Should we not do something like:
#ifdef MODULE
#define __exit __section(".exit.text") __exitused __cold notrace
#else
#define __exit __section(".discard.exit.text")
#endif
It's not like that code should ever be ran or referenced when built-in.
Powered by blists - more mailing lists