| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87wmtostli.ffs@tglx>
Date: Fri, 08 Dec 2023 14:37:45 +0100
From: Thomas Gleixner <tglx@...utronix.de>
To: Borislav Petkov <bp@...en8.de>
Cc: LKML <linux-kernel@...r.kernel.org>, paul.gortmaker@...driver.com,
x86@...nel.org, regressions@...mhuis.info,
richard.purdie@...uxfoundation.org, regressions@...ts.linux.dev
Subject: Re: [patch 2/2] x86/alternatives: Disable interrupts and sync when
optimizing NOPs in place
On Fri, Dec 08 2023 at 14:22, Borislav Petkov wrote:
> On Thu, Dec 07, 2023 at 08:49:26PM +0100, Thomas Gleixner wrote:
>> +static void __init_or_module noinline optimize_nops_inplace(u8 *instr, size_t len)
>> +{
>> + unsigned long flags;
>> +
>> + local_irq_save(flags);
>> + optimize_nops(instr, len);
>> + sync_core();
>> + local_irq_restore(flags);
>> +}
>> +
>> /*
>> * In this context, "source" is where the instructions are placed in the
>> * section .altinstr_replacement, for example during kernel build by the
>> @@ -438,7 +448,7 @@ void __init_or_module noinline apply_alt
>> * patch if feature is *NOT* present.
>> */
>> if (!boot_cpu_has(a->cpuid) == !(a->flags & ALT_FLAG_NOT)) {
>> - optimize_nops(instr, a->instrlen);
>> + optimize_nops_inplace(instr, a->instrlen);
>> continue;
>> }
>
> Arguably, the proper thing to do here would be to convert the NOP
> optimizing to the same 2-stage process as normal patching: write insns
> into a buffer and text_poke* it.
>
> VS what we currently do: operating straight on kernel memory.
Well, apply_alternatives() results in text_poke_early() which is nothing
else than a memcpy() with interrupts disabled :)
Powered by blists - more mailing lists