LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH] x86 Fix test_poke for vmalloced pages
@ 2008-03-10 18:36 Mathieu Desnoyers
2008-03-11 9:09 ` Ingo Molnar
0 siblings, 1 reply; 4+ messages in thread
From: Mathieu Desnoyers @ 2008-03-10 18:36 UTC (permalink / raw)
To: Ingo Molnar, linux-kernel
The shadow vmap for DEBUG_RODATA kernel text modification uses virt_to_page to
get the pages from the pointer address.
However, I think vmalloc_to_page would be required in case the page is used for
modules.
Since only the core kernel text is marked read-only, use kernel_text_address()
to make sure we only shadow map the core kernel text, not modules.
It applies on top of the current x86 git tree.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
CC: Ingo Molnar <mingo@elte.hu>
---
arch/x86/kernel/alternative.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
Index: linux-2.6-x86/arch/x86/kernel/alternative.c
===================================================================
--- linux-2.6-x86.orig/arch/x86/kernel/alternative.c 2008-03-10 10:34:11.000000000 -0400
+++ linux-2.6-x86/arch/x86/kernel/alternative.c 2008-03-10 10:50:38.000000000 -0400
@@ -511,7 +511,7 @@
BUG_ON(len > sizeof(long));
BUG_ON((((long)addr + len - 1) & ~(sizeof(long) - 1))
- ((long)addr & ~(sizeof(long) - 1)));
- {
+ if (kernel_text_address((unsigned long)addr)) {
struct page *pages[2] = { virt_to_page(addr),
virt_to_page(addr + PAGE_SIZE) };
if (!pages[1])
@@ -522,6 +522,13 @@
memcpy(&vaddr[(unsigned long)addr & ~PAGE_MASK], opcode, len);
local_irq_restore(flags);
vunmap(vaddr);
+ } else {
+ /*
+ * modules are in vmalloc'ed memory, always writable.
+ */
+ local_irq_save(flags);
+ memcpy(addr, opcode, len);
+ local_irq_restore(flags);
}
sync_core();
/* Could also do a CLFLUSH here to speed up CPU recovery; but
--
Mathieu Desnoyers
Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] x86 Fix test_poke for vmalloced pages
2008-03-10 18:36 [PATCH] x86 Fix test_poke for vmalloced pages Mathieu Desnoyers
@ 2008-03-11 9:09 ` Ingo Molnar
2008-03-11 9:25 ` Mathieu Desnoyers
2008-03-12 15:54 ` Mathieu Desnoyers
0 siblings, 2 replies; 4+ messages in thread
From: Ingo Molnar @ 2008-03-11 9:09 UTC (permalink / raw)
To: Mathieu Desnoyers; +Cc: linux-kernel, Thomas Gleixner, Arjan van de Ven
* Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca> wrote:
> The shadow vmap for DEBUG_RODATA kernel text modification uses
> virt_to_page to get the pages from the pointer address.
>
> However, I think vmalloc_to_page would be required in case the page is
> used for modules.
>
> Since only the core kernel text is marked read-only, use
> kernel_text_address() to make sure we only shadow map the core kernel
> text, not modules.
actually, i think we should mark module text readonly too.
Ingo
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] x86 Fix test_poke for vmalloced pages
2008-03-11 9:09 ` Ingo Molnar
@ 2008-03-11 9:25 ` Mathieu Desnoyers
2008-03-12 15:54 ` Mathieu Desnoyers
1 sibling, 0 replies; 4+ messages in thread
From: Mathieu Desnoyers @ 2008-03-11 9:25 UTC (permalink / raw)
To: Ingo Molnar; +Cc: linux-kernel, Thomas Gleixner, Arjan van de Ven
* Ingo Molnar (mingo@elte.hu) wrote:
>
> * Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca> wrote:
>
> > The shadow vmap for DEBUG_RODATA kernel text modification uses
> > virt_to_page to get the pages from the pointer address.
> >
> > However, I think vmalloc_to_page would be required in case the page is
> > used for modules.
> >
> > Since only the core kernel text is marked read-only, use
> > kernel_text_address() to make sure we only shadow map the core kernel
> > text, not modules.
>
> actually, i think we should mark module text readonly too.
>
I agree, then we would have to use vmalloc_to_page. I guess it has not
been done before because there wasn't any mechanism such as text_poke
available.
Mathieu
> Ingo
--
Mathieu Desnoyers
Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] x86 Fix test_poke for vmalloced pages
2008-03-11 9:09 ` Ingo Molnar
2008-03-11 9:25 ` Mathieu Desnoyers
@ 2008-03-12 15:54 ` Mathieu Desnoyers
1 sibling, 0 replies; 4+ messages in thread
From: Mathieu Desnoyers @ 2008-03-12 15:54 UTC (permalink / raw)
To: Ingo Molnar; +Cc: linux-kernel, Thomas Gleixner, Arjan van de Ven, akpm
* Ingo Molnar (mingo@elte.hu) wrote:
>
> * Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca> wrote:
>
> > The shadow vmap for DEBUG_RODATA kernel text modification uses
> > virt_to_page to get the pages from the pointer address.
> >
> > However, I think vmalloc_to_page would be required in case the page is
> > used for modules.
> >
> > Since only the core kernel text is marked read-only, use
> > kernel_text_address() to make sure we only shadow map the core kernel
> > text, not modules.
>
> actually, i think we should mark module text readonly too.
>
Yes, but in the meantime, the x86 tree would need this patch to make
kprobes work correctly on modules.
I suspect that without this fix, with the enhanced hotplug and kprobes
patch, kprobes will use text_poke to insert breakpoints in modules
(vmalloced pages used), which will map the wrong pages and corrupt
random kernel locations instead of updating the correct page.
Work that would write protect the module pages should clearly be done,
but it can come in a later time. We have to make sure we interact
correctly with the page allocation debugging, as an example.
Here is the patch against x86.git 2.6.25-rc5 :
The shadow vmap for DEBUG_RODATA kernel text modification uses virt_to_page to
get the pages from the pointer address.
However, I think vmalloc_to_page would be required in case the page is used for
modules.
Since only the core kernel text is marked read-only, use kernel_text_address()
to make sure we only shadow map the core kernel text, not modules.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
CC: Ingo Molnar <mingo@elte.hu>
CC: akpm@linux-foundation.org
---
arch/x86/kernel/alternative.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
Index: linux-2.6-x86/arch/x86/kernel/alternative.c
===================================================================
--- linux-2.6-x86.orig/arch/x86/kernel/alternative.c 2008-03-10 10:34:11.000000000 -0400
+++ linux-2.6-x86/arch/x86/kernel/alternative.c 2008-03-10 10:50:38.000000000 -0400
@@ -511,7 +511,7 @@
BUG_ON(len > sizeof(long));
BUG_ON((((long)addr + len - 1) & ~(sizeof(long) - 1))
- ((long)addr & ~(sizeof(long) - 1)));
- {
+ if (kernel_text_address((unsigned long)addr)) {
struct page *pages[2] = { virt_to_page(addr),
virt_to_page(addr + PAGE_SIZE) };
if (!pages[1])
@@ -522,6 +522,13 @@
memcpy(&vaddr[(unsigned long)addr & ~PAGE_MASK], opcode, len);
local_irq_restore(flags);
vunmap(vaddr);
+ } else {
+ /*
+ * modules are in vmalloc'ed memory, always writable.
+ */
+ local_irq_save(flags);
+ memcpy(addr, opcode, len);
+ local_irq_restore(flags);
}
sync_core();
/* Could also do a CLFLUSH here to speed up CPU recovery; but
--
Mathieu Desnoyers
Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal
OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2008-03-12 15:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-03-10 18:36 [PATCH] x86 Fix test_poke for vmalloced pages Mathieu Desnoyers
2008-03-11 9:09 ` Ingo Molnar
2008-03-11 9:25 ` Mathieu Desnoyers
2008-03-12 15:54 ` Mathieu Desnoyers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).