Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAKv+Gu9c=EaHg-hiu48ABQf01yVAK-APjP4skG7KVZD_3K4LZg@mail.gmail.com>
Date: Mon, 4 Sep 2017 20:09:27 +0100
From: Ard Biesheuvel <ard.biesheuvel@...aro.org>
To: Nicolas Pitre <nicolas.pitre@...aro.org>
Cc: "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, 
	Kernel Hardening <kernel-hardening@...ts.openwall.com>, Arnd Bergmann <arnd@...db.de>, 
	Russell King <linux@...linux.org.uk>, Kees Cook <keescook@...omium.org>, 
	Thomas Garnier <thgarnie@...gle.com>, Marc Zyngier <marc.zyngier@....com>, 
	Mark Rutland <mark.rutland@....com>, Tony Lindgren <tony@...mide.com>, 
	Matt Fleming <matt@...eblueprint.co.uk>, Dave Martin <dave.martin@....com>
Subject: Re: [PATCH v2 17/29] ARM: kernel: use relative phys-to-virt patch tables

On 4 September 2017 at 19:03, Nicolas Pitre <nicolas.pitre@...aro.org> wrote:
> On Sun, 3 Sep 2017, Ard Biesheuvel wrote:
>
>> Replace the contents of the __pv_table entries with relative references
>> so that we don't have to relocate them at runtime when running the KASLR
>> kernel. This ensures these quantities are invariant under runtime
>> relocation, which makes any cache maintenance after runtime relocation
>> unnecessary.
>>
>> Cc: Russell King <linux@...linux.org.uk>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@...aro.org>
>> ---
>>  arch/arm/include/asm/memory.h |  6 +++---
>>  arch/arm/kernel/head.S        | 21 ++++++++++----------
>>  2 files changed, 13 insertions(+), 14 deletions(-)
>>
>> diff --git a/arch/arm/include/asm/memory.h b/arch/arm/include/asm/memory.h
>> index 1f54e4e98c1e..47a984e3a244 100644
>> --- a/arch/arm/include/asm/memory.h
>> +++ b/arch/arm/include/asm/memory.h
>> @@ -195,7 +195,7 @@ extern const void *__pv_table_begin, *__pv_table_end;
>>       __asm__("@ __pv_stub\n"                         \
>>       "1:     " instr "       %0, %1, %2\n"           \
>>       "       .pushsection .pv_table,\"a\"\n"         \
>> -     "       .long   1b\n"                           \
>> +     "       .long   1b - .\n"                       \
>>       "       .popsection\n"                          \
>
> [...]
>
>> --- a/arch/arm/kernel/head.S
>> +++ b/arch/arm/kernel/head.S
>> @@ -612,22 +611,22 @@ __fixup_a_pv_table:
>>       orr     r6, r6, r7, lsl #12
>>       orr     r6, #0x4000
>>       b       2f
>> -1:   add     r7, r3
>> -     ldrh    ip, [r7, #2]
>> +1:   add     r7, r4
>> +     ldrh    ip, [r7, #-2]
>
> Please use "ldrh ip, [r7, #(-4 + 2)]" so the -4 offset is clearly
> spelled out. The #-2 gave me a pause of confusion.
>
>>  ARM_BE8(rev16        ip, ip)
>>       tst     ip, #0x4000
>>       and     ip, #0x8f00
>>       orrne   ip, r6  @ mask in offset bits 31-24
>>       orreq   ip, r0  @ mask in offset bits 7-0
>>  ARM_BE8(rev16        ip, ip)
>> -     strh    ip, [r7, #2]
>> +     strh    ip, [r7, #-2]
>
> Ditto here.
>
>>       bne     2f
>> -     ldrh    ip, [r7]
>> +     ldrh    ip, [r7, #-4]
>
> And to be clear, here I'd use "#(-4 + 0)" to be explicit.
>
>>  ARM_BE8(rev16        ip, ip)
>>       bic     ip, #0x20
>>       orr     ip, ip, r0, lsr #16
>>  ARM_BE8(rev16        ip, ip)
>> -     strh    ip, [r7]
>> +     strh    ip, [r7, #-4]
>
> And so here.
>

OK

>
> With that:
>
> Reviewed-by: Nicolas Pitre <nico@...aro.org>

Thanks.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.