Date: Wed, 10 Jul 2019 16:22:51 +0200 (CEST)
From: Jiri Kosina
To: Peter Zijlstra
cc: Xi Ruoyao, Thomas Gleixner, Kees Cook, Linus Torvalds, Ingo Molnar, Linux List Kernel Mailing, Borislav Petkov, Len Brown, Andrew Morton, "Rafael J. Wysocki", Tony Luck, Bob Moore, Erik Schmauss, Josh Poimboeuf, Daniel Bristot de Oliveira, Nadav Amit
Subject: Re: [GIT PULL] x86/topology changes for v5.3
In-Reply-To: <20190710134433.GN3402@hirez.programming.kicks-ass.net>

On Wed, 10 Jul 2019, Peter Zijlstra wrote:

> If we mark the key as RO after init, and then try and modify the key to
> link module usage sites, things might go bang as described.
>
> Thanks!
>
>
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index 27d7864e7252..5bf7a8354da2 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -366,7 +366,7 @@ static __always_inline void setup_umip(struct cpuinfo_x86 *c)
> cr4_clear_bits(X86_CR4_UMIP);
> }
>
> -DEFINE_STATIC_KEY_FALSE_RO(cr_pinning);
> +DEFINE_STATIC_KEY_FALSE(cr_pinning);

Good catch, I guess that is going to fix it.

At the same time though, it sort of destroys the original intent of Kees' patch, right? The exploits will just have to call static_key_disable() prior to calling native_write_cr4() again, and the protection is gone.

--
Jiri Kosina
SUSE Labs
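
Review bot: the replacement line `+DEFINE_STATIC_KEY_FALSE(cr_pinning);` drops the read-only-after-init placement of the key that gates CR4 pinning, with no comment and no compensating protection, so the key becomes ordinary writable kernel data once boot completes. As the reply points out, the pinning check that depends on this key can then be switched off through the normal static-key interface before CR4 is written again, which removes the hardening the `_RO` variant was meant to provide. Rather than relaxing the key, consider keeping `DEFINE_STATIC_KEY_FALSE_RO(cr_pinning);` and removing the need to patch module usage sites, for example by keeping the code that tests the key out of anything inlined into modules. If the non-RO key is merged as a stopgap, the definition should carry a comment stating that it is writable only because module usage sites must be linked after init, and that this weakens the pinning guarantee.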