From patchwork Thu Mar 30 07:44:02 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hoeun Ryu X-Patchwork-Id: 9653129 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4606D602BD for ; Thu, 30 Mar 2017 07:44:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 36E20277D9 for ; Thu, 30 Mar 2017 07:44:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2BB5B28579; Thu, 30 Mar 2017 07:44:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=2.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM autolearn=ham version=3.3.1 Received: from bombadil.infradead.org (bombadil.infradead.org [65.50.211.133]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id A496F277D9 for ; Thu, 30 Mar 2017 07:44:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:To:References:Message-Id:Date: In-Reply-To:From:Subject:Mime-Version:Reply-To:Content-ID:Content-Description :Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=cX7KHw2Y2BY2iQ653eiWkFS8SzjdX+bTOJ0H6JKAGdU=; b=inf7gcc9BORGN1 ZB2qAtB4WFZXGLzgRuMTXH+7yJ2rIw9fjRxwncQnW6umLJkzC03En2+Tu/6MXbLFR4OMh2LFPrGop 6G2M36cdZofSyIWmFavlf0x66j/vU3fPFIY550hfPUvV75AeIJ5Wdn25EVVBUtiWNtyxGbzKq6gL2 AjqtZlJ0ZC+UJfKwIWdhZ5rGNLhPXSjymLSWpXnza1ZQK4mjCrK3zpBezkNWPI5/kVT1ltYztOU6/ mBkVKVwa2UsqlZYeba78e04WGBugx2+EJREgpH7F50Sg+z0dnNVcVlnmbSLbaenwBmC/4iddbbhHy T6bVslc7tjW50ypw4BVw==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux)) id 1ctUky-0003xV-RZ; Thu, 30 Mar 2017 07:44:32 +0000 Received: from mail-pg0-x244.google.com ([2607:f8b0:400e:c05::244]) by bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux)) id 1ctUkv-0003ry-Hi for linux-arm-kernel@lists.infradead.org; Thu, 30 Mar 2017 07:44:31 +0000 Received: by mail-pg0-x244.google.com with SMTP id g2so8018819pge.2 for ; Thu, 30 Mar 2017 00:44:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=J9Tf6Q/2evjFdEOgvakKL8bx92Ka72yvPM/GrVJBBbk=; b=Oe6OU7h3iX1/rjKGLNxockcbUa2A0CEsDUf5gJjxxVUJyh7RGYgBe29oxWNsvGsh22 dxHjgDvK1CYmi4QKow0/GM5LDo1a3VpW+i6rt262udM0IokB1qP+QPYmAAiVDQJTFX0g KraOiZXYT/+VeI1x/UHDEm6+YJ6R2X23Hk8P7Z57cYEx0iGwVA2GkQskLF6F4COwWKiu +VPaumSv8+RiwUfjswZ6vlGYvZd86i8KGo6Q5sc9EVxauKqXkAoijF/Y4ce0+JjoInOt 6kVwshKeEj26bV8nR7b0D9LqrvoRQQ+joV/YtOSDZAE1q0NGQ0/ESgsNCUC38li6lDNW 0ZQw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=J9Tf6Q/2evjFdEOgvakKL8bx92Ka72yvPM/GrVJBBbk=; b=DoDpeVfVlYoPiC2qfobHEmbrxhHaoREesFtlcxeF32jYOEMpXpzhFvewBGTixhgVR7 p8vN9n+8sw5sOcEt7bS2lmX9lTHFB1+pINsjm05JXlTfEQglfnOP/WM4AIALuA1fOpEZ wkJhz/3nBz75+A+3szxUDe7l1Da/8/3FnkN9n8hA+S9nfk81jv3OA/57qcNbmfLf66jF c+mKAT6x3Y1GLc0vHWUoS5clSgQeVMEvfj6qhFFEzsP2kHCdQLAFylgv9BbWe3xuFqjL yMwXyziiKERj7fK0xbUFWEC7EXeQ6QrESWwRK9H87skLMrtWTbgI+A3PS6gfgZy5dUbj TG+Q== X-Gm-Message-State: AFeK/H3DMmkeULMs0cWa/3vv8tHsXsVMNlW1LQCeXya5PUDD9rPxxrXhrRt/BJHy1HLn0A== X-Received: by 10.98.103.75 with SMTP id b72mr4555104pfc.105.1490859847706; Thu, 30 Mar 2017 00:44:07 -0700 (PDT) Received: from [192.168.0.2] ([61.72.81.53]) by smtp.gmail.com with ESMTPSA id t5sm2428447pgb.58.2017.03.30.00.44.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 30 Mar 2017 00:44:07 -0700 (PDT) Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) Subject: Re: [RFC v2][PATCH 01/11] Introduce rare_write() infrastructure From: Ho-Eun Ryu In-Reply-To: Date: Thu, 30 Mar 2017 16:44:02 +0900 Message-Id: <466B31B4-0535-44EE-B0F0-F758A79A7B4F@gmail.com> References: <1490811363-93944-1-git-send-email-keescook@chromium.org> <1490811363-93944-2-git-send-email-keescook@chromium.org> To: Kees Cook X-Mailer: Apple Mail (2.3259) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20170330_004429_624945_E868D988 X-CRM114-Status: GOOD ( 14.38 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Mark Rutland , "kernel-hardening@lists.openwall.com" , "x86@kernel.org" , Russell King , LKML , Emese Revfy , Andy Lutomirski , PaX Team , "linux-arm-kernel@lists.infradead.org" Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Virus-Scanned: ClamAV using ClamSMTP > On 30 Mar 2017, at 3:23 AM, Kees Cook wrote: > > On Wed, Mar 29, 2017 at 11:15 AM, Kees Cook wrote: >> +/* >> + * Build "write rarely" infrastructure for flipping memory r/w >> + * on a per-CPU basis. >> + */ >> +#ifndef CONFIG_HAVE_ARCH_RARE_WRITE >> +# define __wr_rare >> +# define __wr_rare_type >> +# define __rare_write(__var, __val) (__var = (__val)) >> +# define rare_write_begin() do { } while (0) >> +# define rare_write_end() do { } while (0) >> +#else >> +# define __wr_rare __ro_after_init >> +# define __wr_rare_type const >> +# ifdef CONFIG_HAVE_ARCH_RARE_WRITE_MEMCPY >> +# define __rare_write_n(dst, src, len) ({ \ >> + BUILD_BUG(!builtin_const(len)); \ >> + __arch_rare_write_memcpy((dst), (src), (len)); \ >> + }) >> +# define __rare_write(var, val) __rare_write_n(&(var), &(val), sizeof(var)) >> +# else >> +# define __rare_write(var, val) ((*(typeof((typeof(var))0) *)&(var)) = (val)) >> +# endif >> +# define rare_write_begin() __arch_rare_write_begin() >> +# define rare_write_end() __arch_rare_write_end() >> +#endif >> +#define rare_write(__var, __val) ({ \ >> + rare_write_begin(); \ >> + __rare_write(__var, __val); \ >> + rare_write_end(); \ >> + __var; \ >> +}) >> + > > Of course, only after sending this do I realize that the MEMCPY case > will need to be further adjusted, since it currently can't take > literals. I guess something like this needs to be done: > > #define __rare_write(var, val) ({ \ > typeof(var) __src = (val); \ > __rare_write_n(&(var), &(__src), sizeof(var)); \ > }) > Right, and it has a problem with BUILD_BUG, which causes compilation error when CONFIG_HABE_ARCH_RARE_WRITE_MEMCPY is true BUILD_BUG is defined in but includes Please see the following. ) # endif > -Kees > > -- > Kees Cook > Pixel Security diff --git a/include/linux/compiler.h b/include/linux/compiler.h index 3334fa9..3fa50e1 100644 --- a/include/linux/compiler.h +++ b/include/linux/compiler.h @@ -350,11 +350,11 @@ static __always_inline void __write_once_size(volatile vo\ id *p, void *res, int s # define __wr_rare __ro_after_init # define __wr_rare_type const # ifdef CONFIG_HAVE_ARCH_RARE_WRITE_MEMCPY -# define __rare_write_n(dst, src, len) ({ \ - BUILD_BUG(!builtin_const(len)); \ - __arch_rare_write_memcpy((dst), (src), (len)); \ +# define __rare_write_n(var, val, len) ({ \ + typeof(val) __val = val; \ + __arch_rare_write_memcpy(&(var), &(__val), (len)); \ }) -# define __rare_write(var, val) __rare_write_n(&(var), &(val), sizeof(var)) +# define __rare_write(var, val) __rare_write_n((var), (val), sizeof(var)) # else # define __rare_write(var, val) ((*(typeof((typeof(var))0) *)&(var)) = (val)\