From: "H. Peter Anvin" <hpa@zytor.com>
To: Nadav Amit <namit@vmware.com>
Cc: Andy Lutomirski <luto@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@alien8.de>,
LSM List <linux-security-module@vger.kernel.org>,
Kees Cook <keescook@chromium.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [PATCH 01/17] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()"
Date: Thu, 17 Jan 2019 15:19:46 -0800 [thread overview]
Message-ID: <937f59ca-1d82-f5d9-4734-89680f23a661@zytor.com> (raw)
In-Reply-To: <F84CA28B-8BAA-468E-BA85-442E245871E5@zytor.com>
>
> I think we have three subcases:
>
> 1. Early, UP, or under stop_machine();
> 2. Atomic and aligned;
> 3. Breakpoint.
>
> My proposed algorithm should remove the need for a fixup which should help this interface, too.
>
> The specific alignment needed for #2 is started by the hardware people to be not crossing 16 bytes (NOT a cache line) on any CPU we support SMP on and, of course, being possible to do atomically do on the specific CPU (note that we *can* do a redundantly large store of existing bytes, which adds flexibility.)
>
> To the best of my knowledge any CPU supporting SSE can do an atomic (for our purposes) aligned 16-byte store via MOVAPS; of course any CPU with cx16 can do it without SSE registers. For older CPUs we may be limited to 8-byte stores (cx8) or even 4-byte stores before we need to use the breakpoint algorithm.
>
Sending to a restricted list, because I don't actually know how publicly
known this is, but it is known there are operating systems in the field
already which rely on the 16-byte atomicity guarantee.
-hpa
next prev parent reply other threads:[~2019-01-17 23:20 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-17 0:32 [PATCH 00/17] Merge text_poke fixes and executable lockdowns Rick Edgecombe
2019-01-17 0:32 ` [PATCH 01/17] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()" Rick Edgecombe
2019-01-17 6:47 ` Masami Hiramatsu
2019-01-17 21:15 ` hpa
2019-01-17 22:39 ` Nadav Amit
2019-01-17 22:59 ` hpa
2019-01-17 23:14 ` Nadav Amit
2019-01-17 23:19 ` H. Peter Anvin [this message]
2019-01-18 2:40 ` Nadav Amit
2019-01-25 9:30 ` Borislav Petkov
2019-01-25 18:28 ` Nadav Amit
2019-01-17 0:32 ` [PATCH 02/17] x86/jump_label: Use text_poke_early() during early init Rick Edgecombe
2019-01-17 0:32 ` [PATCH 03/17] x86/mm: temporary mm struct Rick Edgecombe
2019-01-17 0:32 ` [PATCH 04/17] fork: provide a function for copying init_mm Rick Edgecombe
2019-01-17 0:32 ` [PATCH 05/17] x86/alternative: initializing temporary mm for patching Rick Edgecombe
2019-01-17 0:32 ` [PATCH 06/17] x86/alternative: use temporary mm for text poking Rick Edgecombe
2019-01-17 20:27 ` Andy Lutomirski
2019-01-17 20:27 ` Andy Lutomirski
2019-01-17 20:47 ` Andy Lutomirski
2019-01-17 20:47 ` Andy Lutomirski
2019-01-17 21:43 ` Nadav Amit
2019-01-17 22:29 ` Nadav Amit
2019-01-17 22:31 ` hpa
2019-01-17 0:32 ` [PATCH 07/17] x86/kgdb: avoid redundant comparison of patched code Rick Edgecombe
2019-01-17 0:32 ` [PATCH 08/17] x86/ftrace: set trampoline pages as executable Rick Edgecombe
2019-02-06 16:22 ` Steven Rostedt
2019-02-06 17:33 ` Nadav Amit
2019-02-06 17:41 ` Steven Rostedt
2019-01-17 0:32 ` [PATCH 09/17] x86/kprobes: Instruction pages initialization enhancements Rick Edgecombe
2019-01-17 6:51 ` Masami Hiramatsu
2019-01-17 0:32 ` [PATCH 10/17] x86: avoid W^X being broken during modules loading Rick Edgecombe
2019-01-17 0:32 ` [PATCH 11/17] x86/jump-label: remove support for custom poker Rick Edgecombe
2019-01-17 0:32 ` [PATCH 12/17] x86/alternative: Remove the return value of text_poke_*() Rick Edgecombe
2019-01-17 0:32 ` [PATCH 13/17] Add set_alias_ function and x86 implementation Rick Edgecombe
2019-01-17 0:32 ` [PATCH 14/17] mm: Make hibernate handle unmapped pages Rick Edgecombe
2019-01-17 9:39 ` Pavel Machek
2019-01-17 22:16 ` Edgecombe, Rick P
2019-01-17 22:16 ` Edgecombe, Rick P
2019-01-17 23:41 ` Pavel Machek
2019-01-17 23:41 ` Pavel Machek
2019-01-17 23:48 ` Edgecombe, Rick P
2019-01-17 23:48 ` Edgecombe, Rick P
2019-01-18 8:16 ` Pavel Machek
2019-01-18 8:16 ` Pavel Machek
2019-01-17 0:32 ` [PATCH 15/17] vmalloc: New flags for safe vfree on special perms Rick Edgecombe
2019-01-17 0:32 ` [PATCH 16/17] Plug in new special vfree flag Rick Edgecombe
2019-02-06 16:23 ` Steven Rostedt
2019-02-07 17:33 ` Edgecombe, Rick P
2019-02-07 17:33 ` Edgecombe, Rick P
2019-02-07 17:49 ` Steven Rostedt
2019-02-07 17:49 ` Steven Rostedt
2019-02-07 18:20 ` Edgecombe, Rick P
2019-02-07 18:20 ` Edgecombe, Rick P
2019-01-17 0:32 ` [PATCH 17/17] module: Prevent module removal racing with text_poke() Rick Edgecombe
2019-01-17 7:54 ` Masami Hiramatsu
2019-01-17 18:07 ` Nadav Amit
2019-01-17 23:44 ` H. Peter Anvin
2019-01-18 8:23 ` Masami Hiramatsu
2019-01-17 23:58 ` H. Peter Anvin
2019-01-18 1:15 ` Nadav Amit
2019-01-18 13:32 ` Masami Hiramatsu
2019-01-17 13:21 ` [PATCH 00/17] Merge text_poke fixes and executable lockdowns Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=937f59ca-1d82-f5d9-4734-89680f23a661@zytor.com \
--to=hpa@zytor.com \
--cc=bp@alien8.de \
--cc=keescook@chromium.org \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=namit@vmware.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.