Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp3996875ybg; Fri, 25 Oct 2019 11:52:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqzDljLYOqDBI6JHPMUf1tUnRz3kZ1DzzOPdMc/01eaUZWH2HmQlD1eNmoe3vp7vg+P4+dGU X-Received: by 2002:aa7:db88:: with SMTP id u8mr5745180edt.278.1572029521105; Fri, 25 Oct 2019 11:52:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1572029521; cv=none; d=google.com; s=arc-20160816; b=kuCTQpwWahWC6Y7f1RT50UBD9hm9Q32me6Sv1SA+e8caFzW3O4m98gD+qS988OYGDe Xm7LT7wr+pDROiXEdci1eVx4go5j9S32f6WiMv8G0VRO17LW8VF7CnXwt3nd80AqCj9o aA+/I9OTvenoS/CVsxgCwAH9w3nOUtgqJyyYMA4BIHBumJwYrxDlzCrw6onUuutdYMAT Qu+PNlu0QLnB+MZCzTXo/9v6PtexRn0CGljPtvme0aOy10MRQtR5JMGkYUzw8d6auoql MKxk9HEfijR3rl9/CBcl7zU4R9FpQ+8cV+8z9uLs8lH4zpcUJ+umE5QG+GYFuGP7CuCV ZhnA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:user-agent:in-reply-to:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=H2aBhb6mYxSEN3F5sFE2bFJJzAJjFs83lANYjYhjQS8=; b=sF7aj0r5JB+JCL8ch4E0wmKkH1HwNVrIka5v/sdQD0RDFpLEj52idPBvtWbKbxJTw0 GykxPsfcMASYJv+3JsTz69wCzPNQt080MMgNJIMoiqWiV+0lJ+3SX8LcSd5PKRc6tGu4 AvibZgWYPkA5EXhM8q+4JfIH5M+ECyb73soOZxnTCasU8PMwqRT5BwKORRQHwxdIa3iv EtC74ousH7cdbfJanMjNhhkhab6+DCEhLFxLmW3uVVUGxtwdaR7tTV+a3LiEi4iSYmHn 6rrrtku0maFxg3XJ9F3R5CAOW+bsV4aA4CZQORISsnzbXgiRnd0uj9nv8RS/mVULiVX+ Qpgg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GnUNTrFX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 8si1917859ejc.104.2019.10.25.11.51.37; Fri, 25 Oct 2019 11:52:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GnUNTrFX; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2394133AbfJXSbb (ORCPT + 99 others); Thu, 24 Oct 2019 14:31:31 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:47441 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726155AbfJXSba (ORCPT ); Thu, 24 Oct 2019 14:31:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1571941889; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=H2aBhb6mYxSEN3F5sFE2bFJJzAJjFs83lANYjYhjQS8=; b=GnUNTrFX6vYlJb9lIbQJt7YnAx8l/fv7JKxDEHt2yi6g57txuRPavdtuWJkKRfQuIFxP6U HBLNijFhLAxcs4I4ieVXT5DqqJVSvirIjQcuKWQBhfsMYOn9YkY2NvPnNPK6X+ZxiyAL91 31V7W/iVg8P/wF9EJaF+ZWv7UdK52+U= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-113-dSg4lei_PDW1nW54ltodpw-1; Thu, 24 Oct 2019 14:31:24 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 070305E6; Thu, 24 Oct 2019 18:31:23 +0000 (UTC) Received: from treble (ovpn-121-225.rdu2.redhat.com [10.10.121.225]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AF5664506; Thu, 24 Oct 2019 18:31:17 +0000 (UTC) Date: Thu, 24 Oct 2019 13:31:15 -0500 From: Josh Poimboeuf To: Peter Zijlstra Cc: x86@kernel.org, linux-kernel@vger.kernel.org, rostedt@goodmis.org, mhiramat@kernel.org, bristot@redhat.com, jbaron@akamai.com, torvalds@linux-foundation.org, tglx@linutronix.de, mingo@kernel.org, namit@vmware.com, hpa@zytor.com, luto@kernel.org, ard.biesheuvel@linaro.org, jeyu@kernel.org Subject: Re: [PATCH v4 15/16] module: Move where we mark modules RO,X Message-ID: <20191024183115.jomddpijq5u453qc@treble> References: <20191018073525.768931536@infradead.org> <20191018074634.801435443@infradead.org> <20191021135312.jbbxsuipxldocdjk@treble> <20191021141402.GI1817@hirez.programming.kicks-ass.net> <20191023114835.GT1817@hirez.programming.kicks-ass.net> <20191023151654.GF19358@hirez.programming.kicks-ass.net> <20191023171514.7hkhtvfcj5vluwcg@treble> <20191024105904.GB4131@hirez.programming.kicks-ass.net> MIME-Version: 1.0 In-Reply-To: <20191024105904.GB4131@hirez.programming.kicks-ass.net> User-Agent: NeoMutt/20180716 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-MC-Unique: dSg4lei_PDW1nW54ltodpw-1 X-Mimecast-Spam-Score: 0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Oct 24, 2019 at 12:59:04PM +0200, Peter Zijlstra wrote: > On Wed, Oct 23, 2019 at 12:15:14PM -0500, Josh Poimboeuf wrote: > > On Wed, Oct 23, 2019 at 05:16:54PM +0200, Peter Zijlstra wrote: > > > @@ -157,6 +158,14 @@ static int __apply_relocate_add(Elf64_Sh > > > =20 > > > =09=09val =3D sym->st_value + rel[i].r_addend; > > > =20 > > > +=09=09/* > > > +=09=09 * .klp.rela.* sections should only contain module > > > +=09=09 * related RELAs. All core-kernel RELAs should be in > > > +=09=09 * normal .rela.* sections and be applied when loading > > > +=09=09 * the patch module itself. > > > +=09=09 */ > > > +=09=09WARN_ON_ONCE(klp && core_kernel_text(val)); > > > + > >=20 > > This isn't quite true, we also use .klp.rela sections to access > > unexported vmlinux symbols. >=20 > Yes, you said in that earlier email. That all makes it really hard to > validate this. But unless we validate it, it will stay buggy :/ >=20 > Hmmm.... /me ponders >=20 > The alternative would be to apply the .klp.rela.* sections twice, once > at patch-module load time and then apply those core_kernel_text() > entries, and then once later and skip over them. >=20 > How's this? How about something like this? Completely untested, but if you agree with this approach I could hack up kpatch-build to test it properly. diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c index ab4a4606d19b..597bf32bc591 100644 --- a/kernel/livepatch/core.c +++ b/kernel/livepatch/core.c @@ -239,6 +239,17 @@ static int klp_resolve_symbols(Elf_Shdr *relasec, stru= ct module *pmod) =09=09if (ret) =09=09=09return ret; =20 +=09=09/* +=09=09 * Prevent module patches from using livepatch relas for +=09=09 * vmlinux symbols. Presumably such symbols are exported and +=09=09 * normal relas can instead be used at patch module loading +=09=09 * time. +=09=09 */ +=09=09if (!vmlinux && core_kernel_text(addr)) { +=09=09=09pr_err("unsupported livepatch symbol\n"); +=09=09=09return -EINVAL; +=09=09} + =09=09sym->st_value =3D addr; =09} =20