Received: by 2002:a05:6a10:8395:0:0:0:0 with SMTP id n21csp537769pxh; Tue, 9 Nov 2021 14:53:37 -0800 (PST) X-Google-Smtp-Source: ABdhPJwoFz70fv+gErssU9u9w6PsuPII3s87e+hw/L/S2TpY63NBrVGhDmvy4W4APHQPyhQlr+6Z X-Received: by 2002:a05:6638:25c8:: with SMTP id u8mr8838531jat.23.1636498416880; Tue, 09 Nov 2021 14:53:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1636498416; cv=none; d=google.com; s=arc-20160816; b=Htr3cJ8+yP3Jn/XsGQXnR5BDC9GMd0J6vN3tQPsuR9Zn49G5y2vCPN8SPNeOBq6L+b ZdykrCSqAv1ZUN0MCAoCOXQo/y//1RZYBMHhjfVC+OgNSpBYok5TliQeptwzE9rCw8Gb 0HYnWo5L85sIK5x6pQxH8WmEgtLf9/Ss0/d2fWOdfacsakrmhHg+n0nvqCeiGVLG7EeA N/bK8Ie4oxMu6n2Rb7d9K7CqtIspyzwzRIfwRPSqOJQebVlN3lh/o/O2tae3siR3lqOd m7O5VbiFeKRaZdQFTEBDv6tmKE/IEe0oaDjQEN10qXp2bm93ZFXY7S+3i0v34Cm/c2lI h1JA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=V5XhKUyMWvF3MWtNmWL1NhNdgPsBGzBMTuVPK42L/3A=; b=HFrt5/UvHMPRG2NfDqxZXiTwhgzpv3ebxXyoywO9YMWL4C3mBhSBstv3R38k+dBH5Q jq+qgxekfkTE/qsljMtz+OGuhSP/ipSE9kRmDPC4P8qRx8HVpF+xsMbe2MVKHSdO9ScC /uPm6ojC7/UUtMGWSjgdo5A5wAe9uluCC3TSFKRrVanwYi8IukjjyzNA+fAIldzUDCfY dH8VkBpHsc6BU/JHgmQtw4haL3ix6E81N0oZ7l3xyirhokcTFBF0VAYJEOaDNfMCFo2s MN+8k5dqL4a5sf+QtD/jD86MwS8EexaTuvWLN5icK8Mlw6X62DQoclnrdEgw+xn+/hqs urBQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gt4oCqru; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g2si43375978ile.118.2021.11.09.14.53.24; Tue, 09 Nov 2021 14:53:36 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gt4oCqru; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S243884AbhKITsl (ORCPT + 99 others); Tue, 9 Nov 2021 14:48:41 -0500 Received: from mail.kernel.org ([198.145.29.99]:51116 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236838AbhKITsk (ORCPT ); Tue, 9 Nov 2021 14:48:40 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 7EA6561175 for ; Tue, 9 Nov 2021 19:45:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1636487154; bh=kDbcn4XPz7+SxL3CpEYOVVAgG/CoYcLmCTIoRUpFe04=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=gt4oCqruPrgOy+Iv6k8PoDH3xzZdi6ylRen92P6AMJyy0hV0aChuWz/sO/ot9ZASw 7S7u5Lj+sO9BvNiKCqxkAZEr2ry9I9cp1UCsmqHUBqpXZzWalfbFx9DHz8bFq+wJwm ZQg3WhoRREdcuIQcFGMCbiqjySLwrIxSOkDD+Bps5Pu+u6HIhjOLhAkjsjz6M0Y5VK p2btjOKooZqgzDG6+UHo7Ob2Tg5SRsI6op7OwEeQki3v9NDs4kJesI0a56NBZdKefp 4i2+TuwzZXkmn8h9mbfBvx+dS+DV7NkgA4OTOfEMTgmmxA/mh+rYvpaqM5C7d1rYri aWSDBP7fsHagg== Received: by mail-ot1-f41.google.com with SMTP id g91-20020a9d12e4000000b0055ae68cfc3dso303699otg.9 for ; Tue, 09 Nov 2021 11:45:54 -0800 (PST) X-Gm-Message-State: AOAM532CBkk1yFxSP35TNlhimr1hsnpshbtPhsNdR+rY37JOn9AoHAC1 TSfLlj4b2OlTD3Nuso1229/k6xfRIbRvhVA2Fy4= X-Received: by 2002:a05:6830:1445:: with SMTP id w5mr299561otp.112.1636487153833; Tue, 09 Nov 2021 11:45:53 -0800 (PST) MIME-Version: 1.0 References: <20211109164549.1724710-1-ardb@kernel.org> <20211109164549.1724710-4-ardb@kernel.org> In-Reply-To: From: Ard Biesheuvel Date: Tue, 9 Nov 2021 20:45:42 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [RFC PATCH 3/7] static_call: use helper to access non-exported key To: Peter Zijlstra Cc: Linux Kernel Mailing List , Linux ARM , Josh Poimboeuf , Jason Baron , Steven Rostedt , Mark Rutland , Kees Cook Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 9 Nov 2021 at 20:42, Peter Zijlstra wrote: > > On Tue, Nov 09, 2021 at 07:54:23PM +0100, Ard Biesheuvel wrote: > > On Tue, 9 Nov 2021 at 19:53, Peter Zijlstra wrote: > > > > > > On Tue, Nov 09, 2021 at 05:45:45PM +0100, Ard Biesheuvel wrote: > > > > @@ -196,13 +190,21 @@ extern long __static_call_return0(void); > > > > EXPORT_SYMBOL_GPL(STATIC_CALL_KEY(name)); \ > > > > EXPORT_SYMBOL_GPL(STATIC_CALL_TRAMP(name)) > > > > > > > > +#define EXPORT_STATIC_CALL_GETKEY_HELPER(name) \ > > > > + struct static_call_key *STATIC_CALL_GETKEY(name)(void) { \ > > > > + BUG_ON(!core_kernel_text( \ > > > > + (unsigned long)__builtin_return_address(0))); \ > > > > + return &STATIC_CALL_KEY(name); \ > > > > + } \ > > > > + EXPORT_SYMBOL_GPL(STATIC_CALL_GETKEY(name)) > > > > > > So if I were a nevarious module, I would look up the above symbol from > > > kallsyms (it is exported and easily obtainable) and then simply > > > read the text to discover the key address and we're in business. > > > > > > > Yeah I realised that. So would you prefer to have a > > .static_call_tramp_key section in each module and look up the keys in > > the module loader? > > Think so... do you actually have a need for this? Well, not exactly. But the XOR patch I sent earlier today does cover this use case, and would be broken if we implemented inline static calls on arm64. So the easy fix is to allow EXPORT_STATIC_CALL_RO() only from the core kernel, and require EXPORT_STATIC_CALL_RW() otherwise. That way, this can never end up being used in a way that breaks at runtime. Would you prefer doing that instead?