linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Steven Rostedt <rostedt@goodmis.org>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Jason Baron <jbaron@redhat.com>,
	Jeremy Fitzhardinge <jeremy@goop.org>,
	Richard Henderson <rth@redhat.com>,
	"David S. Miller" <davem@davemloft.net>,
	David Daney <david.daney@cavium.com>,
	Michael Ellerman <michael@ellerman.id.au>,
	Jan Glauber <jang@linux.vnet.ibm.com>,
	the arch/x86 maintainers <x86@kernel.org>,
	Xen Devel <xen-devel@lists.xensource.com>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>,
	peterz@infradead.org
Subject: Re: [PATCH][RFC] jump_labels/x86: Use either 5 byte or 2 byte jumps
Date: Fri, 07 Oct 2011 18:00:51 -0400	[thread overview]
Message-ID: <1318024853.4729.88.camel@gandalf.stny.rr.com> (raw)
In-Reply-To: <4E8F73A3.5080904@zytor.com>

On Fri, 2011-10-07 at 14:48 -0700, H. Peter Anvin wrote:
> On 10/07/2011 12:21 PM, Steven Rostedt wrote:
> >>
> >> same here, at least WARN, more likely BUG()
> >
> > I just don't like using BUG(). BUG() means that if we continue we will
> > corrupt the filesystem or make you go blind. WARN and returning here
> > should not cause any harm and will even let those with X terminals see
> > oops in /var/log/messages.
> >
> 
> Uh, NO.
> 
> If this is wrong something in the kernel code stream is corrupted (heck, 
> you might just have caught a rootkit!)
> 
> Die.  NOW.

Ouch, quite shaken by k.org? I guess I should have substituted go blind
with being hacked.


The thing is, it may be as simple as an out of tree module screwing up
the jump table. Or worse, gcc not doing things that we did not expect.
If this is the case, jump labels can be disabled from modifying code.

But if we just want to do the BUG() case, this will be a big hammer to
the code and we just prevent any further progress until the issue is
addressed. Which may be tell people to disable jump labels in their
code, or use a different compiler.

Currently ftrace takes the approach to WARN() and disable itself when it
finds an anomaly from what it expects to modify. The times this has
triggered has been either a problem with writing to the code, due to
securities preventing code modification, or the scan of the relocation
tables mistook a data point as code. The later I could foresee happening
with jump labels.

-- Steve



  reply	other threads:[~2011-10-07 22:00 UTC|newest]

Thread overview: 53+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-01 21:55 [PATCH RFC V2 0/5] jump-label: allow early jump_label_enable() Jeremy Fitzhardinge
2011-10-01 21:55 ` [PATCH RFC V2 1/5] jump_label: use proper atomic_t initializer Jeremy Fitzhardinge
2011-10-01 21:55 ` [PATCH RFC V2 2/5] stop_machine: make stop_machine safe and efficient to call early Jeremy Fitzhardinge
2011-10-02  0:36   ` Tejun Heo
2011-10-03 19:24   ` [Xen-devel] " Konrad Rzeszutek Wilk
2011-10-01 21:55 ` [PATCH RFC V2 3/5] jump_label: if a key has already been initialized, don't nop it out Jeremy Fitzhardinge
2011-10-03 15:02   ` Jason Baron
2011-10-03 15:47     ` Steven Rostedt
2011-10-03 16:27     ` Jeremy Fitzhardinge
2011-10-04 14:10       ` Jason Baron
2011-10-04 15:18         ` Jeremy Fitzhardinge
2011-10-04 16:30         ` H. Peter Anvin
2011-10-04 17:53           ` Jason Baron
2011-10-04 18:05             ` Steven Rostedt
2011-10-06  0:16           ` Jeremy Fitzhardinge
2011-10-06  0:17             ` H. Peter Anvin
2011-10-06  0:47               ` Jeremy Fitzhardinge
2011-10-06 17:53               ` Jeremy Fitzhardinge
2011-10-06 18:10                 ` Jason Baron
2011-10-06 18:13                   ` H. Peter Anvin
2011-10-06 21:39                     ` Jeremy Fitzhardinge
2011-10-06 22:08                       ` Steven Rostedt
2011-10-06 18:15                   ` Jeremy Fitzhardinge
2011-10-06 18:33                     ` Jason Baron
2011-10-06 18:35                       ` H. Peter Anvin
2011-10-06 18:43                         ` Jason Baron
2011-10-06 18:26                   ` Steven Rostedt
2011-10-06 18:29                     ` H. Peter Anvin
2011-10-06 18:38                       ` Jason Baron
2011-10-06 19:34                         ` Steven Rostedt
2011-10-06 20:33                           ` Jason Baron
2011-10-06 20:45                             ` Steven Rostedt
2011-10-06 18:50                     ` Richard Henderson
2011-10-06 19:28                       ` Steven Rostedt
2011-10-06 21:42                         ` Jeremy Fitzhardinge
2011-10-06 22:06                           ` Steven Rostedt
2011-10-06 22:10                             ` Jeremy Fitzhardinge
2011-10-06 22:20                               ` Steven Rostedt
2011-10-07 17:09                               ` [PATCH][RFC] jump_labels/x86: Use either 5 byte or 2 byte jumps Steven Rostedt
2011-10-07 18:52                                 ` Jason Baron
2011-10-07 19:21                                   ` Steven Rostedt
2011-10-07 21:48                                     ` H. Peter Anvin
2011-10-07 22:00                                       ` Steven Rostedt [this message]
2011-10-07 22:03                                         ` H. Peter Anvin
2011-10-07 19:33                                   ` Steven Rostedt
2011-10-07 19:40                                 ` Jeremy Fitzhardinge
2011-10-07 19:58                                   ` Steven Rostedt
2011-10-07 20:04                                   ` Peter Zijlstra
2011-10-10 15:36   ` [PATCH RFC V2 3/5] jump_label: if a key has already been initialized, don't nop it out Jason Baron
2011-10-10 19:58     ` Jeremy Fitzhardinge
2011-10-10 20:10       ` Jason Baron
2011-10-01 21:55 ` [PATCH RFC V2 4/5] x86/jump_label: drop arch_jump_label_text_poke_early() Jeremy Fitzhardinge
2011-10-01 21:55 ` [PATCH RFC V2 5/5] sparc/jump_label: " Jeremy Fitzhardinge

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1318024853.4729.88.camel@gandalf.stny.rr.com \
    --to=rostedt@goodmis.org \
    --cc=davem@davemloft.net \
    --cc=david.daney@cavium.com \
    --cc=hpa@zytor.com \
    --cc=jang@linux.vnet.ibm.com \
    --cc=jbaron@redhat.com \
    --cc=jeremy.fitzhardinge@citrix.com \
    --cc=jeremy@goop.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=michael@ellerman.id.au \
    --cc=peterz@infradead.org \
    --cc=rth@redhat.com \
    --cc=x86@kernel.org \
    --cc=xen-devel@lists.xensource.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).