lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231002104056.GA13957@noisy.programming.kicks-ass.net>
Date:   Mon, 2 Oct 2023 12:40:56 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Hyeonggon Yoo <42.hyeyoo@...il.com>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        David Kaplan <David.Kaplan@....com>,
        Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...nel.org>,
        x86@...nel.org
Subject: Re: Linux 6.6-rc3 (DEBUG_VIRTUAL is unhappy on x86)

On Sun, Oct 01, 2023 at 11:17:21PM +0900, Hyeonggon Yoo wrote:

> OK, I looked into this a little bit, and it turns out that the problematic
> address here is from cleanup_trusted() in
> security/keys/trusted-keys/trusted_core.c.
> (and it's builtin due to CONFIG_TRUSTED_KEYS=y)

That code is insane.. wth would you want to use an explicit
static_call() in either __init or __exit ?!?

I think the reason we support init was because it was just really hard
to avoid throughout the abstraction layers etc.. But this seems to be
the only __exit user, and it is really quite daft.

> The function is marked as __exit, so it does not fall within the
> 'core kernel text address range,' which is between _stext and _etext
> (or between _sinittext and _einittext). and thus __text_poke() thinks that
> it's vmalloc/module area.
> 
> I think __text_poke() should be taught that functions marked as __exit
> also belong to kernel code just like __init.

Should we not do something like:

#ifdef MODULE
#define __exit __section(".exit.text") __exitused __cold notrace
#else
#define __exit __section(".discard.exit.text")
#endif

It's not like that code should ever be ran or referenced when built-in.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ