| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2023 10:23:56 -0700 From: "Andy Lutomirski" <luto@...nel.org> To: "Song Liu" <song@...nel.org>, "Mark Rutland" <mark.rutland@....com> Cc: "Mike Rapoport" <rppt@...nel.org>, "Kees Cook" <keescook@...omium.org>, "Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>, "Andrew Morton" <akpm@...ux-foundation.org>, "Catalin Marinas" <catalin.marinas@....com>, "Christophe Leroy" <christophe.leroy@...roup.eu>, "David S. Miller" <davem@...emloft.net>, "Dinh Nguyen" <dinguyen@...nel.org>, "Heiko Carstens" <hca@...ux.ibm.com>, "Helge Deller" <deller@....de>, "Huacai Chen" <chenhuacai@...nel.org>, "Kent Overstreet" <kent.overstreet@...ux.dev>, "Luis Chamberlain" <mcgrof@...nel.org>, "Michael Ellerman" <mpe@...erman.id.au>, "Nadav Amit" <nadav.amit@...il.com>, "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com>, "Palmer Dabbelt" <palmer@...belt.com>, "Puranjay Mohan" <puranjay12@...il.com>, "Rick P Edgecombe" <rick.p.edgecombe@...el.com>, "Russell King (Oracle)" <linux@...linux.org.uk>, "Steven Rostedt" <rostedt@...dmis.org>, "Thomas Bogendoerfer" <tsbogend@...ha.franken.de>, "Thomas Gleixner" <tglx@...utronix.de>, "Will Deacon" <will@...nel.org>, bpf@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-mips@...r.kernel.org, linux-mm@...ck.org, linux-modules@...r.kernel.org, linux-parisc@...r.kernel.org, linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org, linux-trace-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, loongarch@...ts.linux.dev, netdev@...r.kernel.org, sparclinux@...r.kernel.org, "the arch/x86 maintainers" <x86@...nel.org> Subject: Re: [PATCH v2 02/12] mm: introduce execmem_text_alloc() and jit_text_alloc() On Mon, Jun 26, 2023, at 10:48 AM, Song Liu wrote: > On Mon, Jun 26, 2023 at 5:31 AM Mark Rutland <mark.rutland@....com> wrote: >> > [...] >> > >> > So the idea was that jit_text_alloc() will have a cache of large pages >> > mapped ROX, will allocate memory from those caches and there will be >> > jit_update() that uses text poking for writing to that memory. >> > >> > Upon allocation of a large page to increase the cache, that large page will >> > be "invalidated" by filling it with breakpoint instructions (e.g int3 on >> > x86) >> >> Does that work on x86? >> >> That is in no way gauranteed for other architectures; on arm64 you need >> explicit cache maintenance (with I-cache maintenance at the VA to be executed >> from) followed by context-synchronization-events (e.g. via ISB instructions, or >> IPIs). > > I guess we need: > 1) Invalidate unused part of the huge ROX pages; > 2) Do not put two jit users (including module text, bpf, etc.) in the > same cache line; > 3) Explicit cache maintenance; > 4) context-synchronization-events. > > Would these (or a subset of them) be sufficient to protect us from torn read? Maybe? #4 is sufficiently vague that I can't really interpret it. I have a half-drafted email asking for official clarification on the rules that might help shed light on this. I find that this type of request works best when it's really well written :) > > Thanks, > Song
Powered by blists - more mailing lists