lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251013143444.3999-35-david.kaplan@amd.com>
Date: Mon, 13 Oct 2025 09:34:22 -0500
From: David Kaplan <david.kaplan@....com>
To: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>,
	Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
	Pawan Gupta <pawan.kumar.gupta@...ux.intel.com>, Ingo Molnar
	<mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>,
	<x86@...nel.org>, "H . Peter Anvin" <hpa@...or.com>
CC: Alexander Graf <graf@...zon.com>, Boris Ostrovsky
	<boris.ostrovsky@...cle.com>, <linux-kernel@...r.kernel.org>
Subject: [RFC PATCH 34/56] x86/alternative: Save old bytes for alternatives

Save the existing instruction bytes at each alternative site when patching.
This is only done the first time, and these will be used later to help
restore the code back to its original form.

Signed-off-by: David Kaplan <david.kaplan@....com>
---
 arch/x86/include/asm/alternative.h |  5 ++++
 arch/x86/include/asm/module.h      |  3 +++
 arch/x86/kernel/alternative.c      | 37 +++++++++++++++++++++++++++++-
 3 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/alternative.h b/arch/x86/include/asm/alternative.h
index 73fd8ebdf8d9..3ee781d61927 100644
--- a/arch/x86/include/asm/alternative.h
+++ b/arch/x86/include/asm/alternative.h
@@ -97,6 +97,11 @@ extern int alternatives_patched;
 
 struct module;
 
+struct alt_site {
+	u8 *pbytes;
+	u8 len;
+};
+
 extern void alternative_instructions(void);
 extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end,
 		struct module *mod);
diff --git a/arch/x86/include/asm/module.h b/arch/x86/include/asm/module.h
index 3c2de4ce3b10..2bb602f99154 100644
--- a/arch/x86/include/asm/module.h
+++ b/arch/x86/include/asm/module.h
@@ -19,6 +19,9 @@ struct mod_arch_specific {
 	struct orc_entry *orc_unwind;
 #endif
 	struct its_array its_pages;
+#ifdef CONFIG_DYNAMIC_MITIGATIONS
+	struct alt_site *alt_sites;
+#endif
 };
 
 #endif /* _ASM_X86_MODULE_H */
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index a821ea37fc29..8037076e9301 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -301,6 +301,8 @@ static inline void its_fini_core(void) {}
 static bool __maybe_unused repatch_in_progress;
 
 #ifdef CONFIG_DYNAMIC_MITIGATIONS
+static struct alt_site *alt_sites;
+
 /* Do not patch __init text addresses when repatching */
 static bool should_patch(void *addr, struct module *mod)
 {
@@ -642,6 +644,27 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start,
 	u8 insn_buff[MAX_PATCH_LEN];
 	u8 *instr, *replacement;
 	struct alt_instr *a, *b;
+	u32 idx = 0;
+	struct alt_site *save_site = NULL;
+
+#ifdef CONFIG_DYNAMIC_MITIGATIONS
+	u32 size = ((u64)end - (u64)start)/sizeof(struct alt_instr);
+
+	/* Main kernel text alternatives */
+	if (!mod && !alt_sites) {
+		alt_sites =  kcalloc(size, sizeof(struct alt_site), GFP_KERNEL);
+		if (WARN_ON(!alt_sites))
+			return;
+
+		save_site = alt_sites;
+	} else if (mod && !mod->arch.alt_sites) {
+		mod->arch.alt_sites =  kcalloc(size, sizeof(struct alt_site), GFP_KERNEL);
+		if (WARN_ON(!mod->arch.alt_sites))
+			return;
+
+		save_site = mod->arch.alt_sites;
+	}
+#endif
 
 	DPRINTK(ALT, "alt table %px, -> %px", start, end);
 
@@ -664,7 +687,7 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start,
 	 * So be careful if you want to change the scan order to any other
 	 * order.
 	 */
-	for (a = start; a < end; a++) {
+	for (a = start; a < end; a++, idx++) {
 		int insn_buff_sz = 0;
 
 		/*
@@ -687,6 +710,18 @@ void __init_or_module noinline apply_alternatives(struct alt_instr *start,
 		BUG_ON(a->instrlen > sizeof(insn_buff));
 		BUG_ON(a->cpuid >= (NCAPINTS + NBUGINTS) * 32);
 
+		if (IS_ENABLED(CONFIG_DYNAMIC_MITIGATIONS) && save_site) {
+			/* Only save the original bytes for each location */
+			if (a == start || (instr_va(a) != instr_va(a-1))) {
+				save_site[idx].len = a->instrlen;
+				save_site[idx].pbytes = kmalloc(a->instrlen, GFP_KERNEL);
+				if (WARN_ON(!save_site[idx].pbytes))
+					return;
+
+				memcpy(save_site[idx].pbytes, instr, a->instrlen);
+			}
+		}
+
 		/*
 		 * Patch if either:
 		 * - feature is present
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ