From: nadav.amit@gmail.com
To: Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
Ingo Molnar <mingo@redhat.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, hpa@zytor.com,
Thomas Gleixner <tglx@linutronix.de>,
Nadav Amit <nadav.amit@gmail.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
linux_dti@icloud.com, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org, akpm@linux-foundation.org,
kernel-hardening@lists.openwall.com, linux-mm@kvack.org,
will.deacon@arm.com, ard.biesheuvel@linaro.org,
kristen@linux.intel.com, deneen.t.dock@intel.com,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Nadav Amit <namit@vmware.com>,
Masami Hiramatsu <mhiramat@kernel.org>
Subject: [PATCH v6 22/24] x86/alternative: Comment about module removal races
Date: Fri, 26 Apr 2019 16:23:01 -0700 [thread overview]
Message-ID: <20190426232303.28381-23-nadav.amit@gmail.com> (raw)
In-Reply-To: <20190426232303.28381-1-nadav.amit@gmail.com>
From: Nadav Amit <namit@vmware.com>
Add a comment to clarify that users of text_poke() must ensure that
no races with module removal take place.
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Nadav Amit <namit@vmware.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
arch/x86/kernel/alternative.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index 18f959975ea0..7b9b49dfc05a 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -810,6 +810,11 @@ static void *__text_poke(void *addr, const void *opcode, size_t len)
* It means the size must be writable atomically and the address must be aligned
* in a way that permits an atomic write. It also makes sure we fit on a single
* page.
+ *
+ * Note that the caller must ensure that if the modified code is part of a
+ * module, the module would not be removed during poking. This can be achieved
+ * by registering a module notifier, and ordering module removal and patching
+ * trough a mutex.
*/
void *text_poke(void *addr, const void *opcode, size_t len)
{
--
2.17.1
next prev parent reply other threads:[~2019-04-27 6:43 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-26 23:22 [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns nadav.amit
2019-04-26 23:22 ` [PATCH v6 01/24] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()" nadav.amit
2019-04-26 23:22 ` [PATCH v6 02/24] x86/jump_label: Use text_poke_early() during early init nadav.amit
2019-04-26 23:22 ` [PATCH v6 03/24] x86/mm: Introduce temporary mm structs nadav.amit
2019-04-26 23:22 ` [PATCH v6 04/24] x86/mm: Save debug registers when loading a temporary mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 05/24] uprobes: Initialize uprobes earlier nadav.amit
2019-04-30 11:17 ` [tip:x86/mm] " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 06/24] fork: Provide a function for copying init_mm nadav.amit
2019-04-26 23:22 ` [PATCH v6 07/24] x86/alternative: Initialize temporary mm for patching nadav.amit
2019-04-30 11:19 ` [tip:x86/mm] x86/alternatives: " tip-bot for Nadav Amit
2019-04-26 23:22 ` [PATCH v6 08/24] x86/alternative: Use temporary mm for text poking nadav.amit
2019-04-26 23:22 ` [PATCH v6 09/24] x86/kgdb: Avoid redundant comparison of patched code nadav.amit
2019-04-26 23:22 ` [PATCH v6 10/24] x86/ftrace: Set trampoline pages as executable nadav.amit
2019-04-26 23:22 ` [PATCH v6 11/24] x86/kprobes: Set instruction page " nadav.amit
2019-04-26 23:22 ` [PATCH v6 12/24] x86/module: Avoid breaking W^X while loading modules nadav.amit
2019-04-26 23:22 ` [PATCH v6 13/24] x86/jump-label: Remove support for custom poker nadav.amit
2019-04-26 23:22 ` [PATCH v6 14/24] x86/alternative: Remove the return value of text_poke_*() nadav.amit
2019-04-26 23:22 ` [PATCH v6 15/24] x86/mm/cpa: Add set_direct_map_ functions nadav.amit
2019-04-26 23:22 ` [PATCH v6 16/24] mm: Make hibernate handle unmapped pages nadav.amit
2019-04-26 23:22 ` [PATCH v6 17/24] vmalloc: Add flag for free of special permsissions nadav.amit
2019-04-26 23:22 ` [PATCH v6 18/24] modules: Use vmalloc special flag nadav.amit
2019-04-26 23:22 ` [PATCH v6 19/24] bpf: " nadav.amit
2019-04-26 23:22 ` [PATCH v6 20/24] x86/ftrace: " nadav.amit
2019-04-26 23:23 ` [PATCH v6 21/24] x86/kprobes: " nadav.amit
2019-04-26 23:23 ` nadav.amit [this message]
2019-04-26 23:23 ` [PATCH v6 23/24] mm/tlb: Provide default nmi_uaccess_okay() nadav.amit
2019-04-26 23:23 ` [PATCH v6 24/24] bpf: Fail bpf_probe_write_user() while mm is switched nadav.amit
2019-04-27 10:22 ` [PATCH v6 00/24] x86: text_poke() fixes and executable lockdowns Ingo Molnar
2019-04-27 10:32 ` Peter Zijlstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190426232303.28381-23-nadav.amit@gmail.com \
--to=nadav.amit@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=deneen.t.dock@intel.com \
--cc=hpa@zytor.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=kristen@linux.intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux_dti@icloud.com \
--cc=luto@kernel.org \
--cc=mhiramat@kernel.org \
--cc=mingo@redhat.com \
--cc=namit@vmware.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.