| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241230185812429-0800.eberman@hu-eberman-lv.qualcomm.com>
Date: Mon, 30 Dec 2024 19:33:45 -0800
From: Elliot Berman <elliot.berman@....qualcomm.com>
To: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
Cc: linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org,
Daniel Gomez <da.gomez@...sung.com>,
Luis Chamberlain <mcgrof@...nel.org>,
"Paul E . McKenney" <paulmck@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Petr Pavlu <petr.pavlu@...e.com>,
Sami Tolvanen <samitolvanen@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>,
Elliot Berman <quic_eberman@...cinc.com>, Kees Cook <kees@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>, llvm@...ts.linux.dev
Subject: Re: [PATCH v2 28/28] cfi: Use RCU while invoking __module_address().
On Fri, Dec 20, 2024 at 06:41:42PM +0100, Sebastian Andrzej Siewior wrote:
> __module_address() can be invoked within a RCU section, there is no
> requirement to have preemption disabled.
>
> I'm not sure if using rcu_read_lock() will introduce the regression that
> has been fixed in commit 14c4c8e41511a ("cfi: Use
> rcu_read_{un}lock_sched_notrace").
>
You can replace the rcu_read_lock_sched_notrace() with guard(rcu)().
Regular rcu lock doesn't generate function traces, so the recursive loop
isn't possible.
I've tested:
- the current kernel (no recursive loop)
- Revert back to rcu_read_lock_sched() (fails)
- Your series as-is (no recurisve loop)
- Replace with guard(rcu)() (no recursive loop)
Whether you'd like to stick with the current patch or replace with
guard(rcu)():
Tested-by: Elliot Berman <elliot.berman@....qualcomm.com> # sm8650-qrd
-
I don't know why I didn't mention steps to reproduce, even for my own
benefit. Lesson learned :)
Here are the steps to reproduce; you'll need a system with support for
CFI: qemu arm64 probably does the trick and you'll need clang>=16. I'm
happy to help test future revisions of this series since I have the
setup all done.
```
modprobe -a dummy_stm stm_ftrace stm_p_basic
mkdir -p /sys/kernel/config/stp-policy/dummy_stm.0.my-policy/default
echo function > /sys/kernel/tracing/current_tracer
echo 1 > /sys/kernel/tracing/tracing_on
echo dummy_stm.0 > /sys/class/stm_source/ftrace/stm_source_link
```
The trace buffer should not be full of stm calls due to the recursive
loop as mentioned in my original commit.
Regards,
Elliot Berman
> Cc: Elliot Berman <quic_eberman@...cinc.com>
> Cc: Kees Cook <kees@...nel.org>
> Cc: Nathan Chancellor <nathan@...nel.org>
> Cc: Sami Tolvanen <samitolvanen@...gle.com>
> Cc: Steven Rostedt <rostedt@...dmis.org>
> Cc: llvm@...ts.linux.dev
> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
> ---
> kernel/cfi.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/kernel/cfi.c b/kernel/cfi.c
> index 08caad7767176..c8f2b5a51b2e6 100644
> --- a/kernel/cfi.c
> +++ b/kernel/cfi.c
> @@ -71,6 +71,10 @@ static bool is_module_cfi_trap(unsigned long addr)
> struct module *mod;
> bool found = false;
>
> + /*
> + * XXX this could be RCU protected but would it introcude the regression
> + * fixed in 14c4c8e41511a ("cfi: Use rcu_read_{un}lock_sched_notrace")
> + */
> rcu_read_lock_sched_notrace();
>
> mod = __module_address(addr);
> --
> 2.45.2
>
Powered by blists - more mailing lists