lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 2 Dec 2019 09:30:06 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     Daniel Borkmann <daniel@...earbox.net>,
        alexei.starovoitov@...il.com, netdev@...r.kernel.org,
        bpf@...r.kernel.org, "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH bpf] bpf: avoid setting bpf insns pages read-only when
 prog is jited

On Sun, Dec 01, 2019 at 06:49:32PM -0800, Eric Dumazet wrote:

> Thanks for the link !
> 
> Having RO protection as a debug feature would be useful.
> 
> I believe we have CONFIG_STRICT_MODULE_RWX (and CONFIG_STRICT_KERNEL_RWX) for that already.
> 
> Or are we saying we also want to get rid of them ?

No, in fact I'm working on making that stronger. We currently still have
a few cases that violate the W^X rule.

The thing is, when the BPF stuff is JIT'ed, the actual BPF instruction
page is not actually executed at all, so making it RO serves no purpose,
other than to fragment the direct map.

All actual code lives in the 2G range that x86_64 can directly branch
to, but this BPF instruction stuff lives in the general data heap and
can thus cause much more fragmentation of the direct map.

Powered by blists - more mailing lists