From: "Christopher M. Riedl" <cmr@linux.ibm.com> To: "Christophe Leroy" <christophe.leroy@csgroup.eu>, <linuxppc-dev@lists.ozlabs.org> Cc: <keescook@chromium.org>, <peterz@infradead.org>, <x86@kernel.org>, <npiggin@gmail.com>, <linux-hardening@vger.kernel.org>, <tglx@linutronix.de>, <dja@axtens.net> Subject: Re: [PATCH v5 8/8] lkdtm/powerpc: Fix code patching hijack test Date: Wed, 11 Aug 2021 12:57:40 -0500 [thread overview] Message-ID: <CDGVM7T0W0T1.3E0IJ78ONUZ0R@oc8246131445.ibm.com> (raw) In-Reply-To: <7a6c97ed-815b-49fc-5568-ab4420f53122@csgroup.eu> On Thu Aug 5, 2021 at 4:18 AM CDT, Christophe Leroy wrote: > > > Le 13/07/2021 à 07:31, Christopher M. Riedl a écrit : > > Code patching on powerpc with a STRICT_KERNEL_RWX uses a userspace > > address in a temporary mm on Radix now. Use __put_user() to avoid write > > failures due to KUAP when attempting a "hijack" on the patching address. > > __put_user() also works with the non-userspace, vmalloc-based patching > > address on non-Radix MMUs. > > It is not really clean to use __put_user() on non user address, > allthought it works by change. > > I think it would be better to do something like > > if (is_kernel_addr(addr)) > copy_to_kernel_nofault(...); > else > copy_to_user_nofault(...); > Yes that looks much better. I'll pick this up and try it for the next spin. Thanks! > > > > > > Signed-off-by: Christopher M. Riedl <cmr@linux.ibm.com> > > --- > > drivers/misc/lkdtm/perms.c | 9 --------- > > 1 file changed, 9 deletions(-) > > > > diff --git a/drivers/misc/lkdtm/perms.c b/drivers/misc/lkdtm/perms.c > > index 41e87e5f9cc86..da6a34a0a49fb 100644 > > --- a/drivers/misc/lkdtm/perms.c > > +++ b/drivers/misc/lkdtm/perms.c > > @@ -262,16 +262,7 @@ static inline u32 lkdtm_read_patch_site(void) > > /* Returns True if the write succeeds */ > > static inline bool lkdtm_try_write(u32 data, u32 *addr) > > { > > -#ifdef CONFIG_PPC > > - __put_kernel_nofault(addr, &data, u32, err); > > - return true; > > - > > -err: > > - return false; > > -#endif > > -#ifdef CONFIG_X86_64 > > return !__put_user(data, addr); > > -#endif > > } > > > > static int lkdtm_patching_cpu(void *data) > >
WARNING: multiple messages have this Message-ID (diff)
From: "Christopher M. Riedl" <cmr@linux.ibm.com> To: "Christophe Leroy" <christophe.leroy@csgroup.eu>, <linuxppc-dev@lists.ozlabs.org> Cc: keescook@chromium.org, peterz@infradead.org, x86@kernel.org, npiggin@gmail.com, linux-hardening@vger.kernel.org, tglx@linutronix.de, dja@axtens.net Subject: Re: [PATCH v5 8/8] lkdtm/powerpc: Fix code patching hijack test Date: Wed, 11 Aug 2021 12:57:40 -0500 [thread overview] Message-ID: <CDGVM7T0W0T1.3E0IJ78ONUZ0R@oc8246131445.ibm.com> (raw) In-Reply-To: <7a6c97ed-815b-49fc-5568-ab4420f53122@csgroup.eu> On Thu Aug 5, 2021 at 4:18 AM CDT, Christophe Leroy wrote: > > > Le 13/07/2021 à 07:31, Christopher M. Riedl a écrit : > > Code patching on powerpc with a STRICT_KERNEL_RWX uses a userspace > > address in a temporary mm on Radix now. Use __put_user() to avoid write > > failures due to KUAP when attempting a "hijack" on the patching address. > > __put_user() also works with the non-userspace, vmalloc-based patching > > address on non-Radix MMUs. > > It is not really clean to use __put_user() on non user address, > allthought it works by change. > > I think it would be better to do something like > > if (is_kernel_addr(addr)) > copy_to_kernel_nofault(...); > else > copy_to_user_nofault(...); > Yes that looks much better. I'll pick this up and try it for the next spin. Thanks! > > > > > > Signed-off-by: Christopher M. Riedl <cmr@linux.ibm.com> > > --- > > drivers/misc/lkdtm/perms.c | 9 --------- > > 1 file changed, 9 deletions(-) > > > > diff --git a/drivers/misc/lkdtm/perms.c b/drivers/misc/lkdtm/perms.c > > index 41e87e5f9cc86..da6a34a0a49fb 100644 > > --- a/drivers/misc/lkdtm/perms.c > > +++ b/drivers/misc/lkdtm/perms.c > > @@ -262,16 +262,7 @@ static inline u32 lkdtm_read_patch_site(void) > > /* Returns True if the write succeeds */ > > static inline bool lkdtm_try_write(u32 data, u32 *addr) > > { > > -#ifdef CONFIG_PPC > > - __put_kernel_nofault(addr, &data, u32, err); > > - return true; > > - > > -err: > > - return false; > > -#endif > > -#ifdef CONFIG_X86_64 > > return !__put_user(data, addr); > > -#endif > > } > > > > static int lkdtm_patching_cpu(void *data) > >
next prev parent reply other threads:[~2021-08-11 17:58 UTC|newest] Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-07-13 5:31 [PATCH v5 0/8] Use per-CPU temporary mappings for patching on Radix MMU Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 1/8] powerpc: Add LKDTM accessor for patching addr Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 2/8] lkdtm/powerpc: Add test to hijack a patch mapping Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:13 ` Christophe Leroy 2021-08-11 17:57 ` Christopher M. Riedl 2021-08-11 17:57 ` Christopher M. Riedl 2021-08-11 18:07 ` Kees Cook 2021-08-11 18:07 ` Kees Cook 2021-07-13 5:31 ` [PATCH v5 3/8] x86_64: Add LKDTM accessor for patching addr Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 4/8] lkdtm/x86_64: Add test to hijack a patch mapping Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:09 ` Christophe Leroy 2021-08-11 17:53 ` Christopher M. Riedl 2021-08-11 17:53 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 5/8] powerpc/64s: Introduce temporary mm for Radix MMU Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:27 ` Christophe Leroy 2021-08-11 18:02 ` Christopher M. Riedl 2021-08-11 18:02 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 6/8] powerpc: Rework and improve STRICT_KERNEL_RWX patching Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:34 ` Christophe Leroy 2021-08-11 18:10 ` Christopher M. Riedl 2021-08-11 18:10 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 7/8] powerpc/64s: Initialize and use a temporary mm for patching on Radix Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:48 ` Christophe Leroy 2021-08-11 18:28 ` Christopher M. Riedl 2021-08-11 18:28 ` Christopher M. Riedl 2021-07-13 5:31 ` [PATCH v5 8/8] lkdtm/powerpc: Fix code patching hijack test Christopher M. Riedl 2021-07-13 5:31 ` Christopher M. Riedl 2021-08-05 9:18 ` Christophe Leroy 2021-08-11 17:57 ` Christopher M. Riedl [this message] 2021-08-11 17:57 ` Christopher M. Riedl 2021-08-05 9:03 ` [PATCH v5 0/8] Use per-CPU temporary mappings for patching on Radix MMU Christophe Leroy 2021-08-11 17:49 ` Christopher M. Riedl 2021-08-11 17:49 ` Christopher M. Riedl
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=CDGVM7T0W0T1.3E0IJ78ONUZ0R@oc8246131445.ibm.com \ --to=cmr@linux.ibm.com \ --cc=christophe.leroy@csgroup.eu \ --cc=dja@axtens.net \ --cc=keescook@chromium.org \ --cc=linux-hardening@vger.kernel.org \ --cc=linuxppc-dev@lists.ozlabs.org \ --cc=npiggin@gmail.com \ --cc=peterz@infradead.org \ --cc=tglx@linutronix.de \ --cc=x86@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.