From: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
To: Kees Cook <keescook@chromium.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	x86@kernel.org, linux-kernel@vger.kernel.org,
	Andy Honig <ahonig@google.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Jianguo Wu <wujianguo@huawei.com>,
	David Rientjes <rientjes@google.com>,
	Fengguang Wu <fengguang.wu@intel.com>
Subject: Re: [PATCH] x86, kaslr: fix module lock ordering problem
Date: Mon, 24 Mar 2014 20:30:28 +0900
Message-ID: <53301754.30901@hitachi.com>
In-Reply-To: <20140310204248.GA1958@www.outflux.net>

(2014/03/11 5:42), Kees Cook wrote:
> There was a potential lock ordering problem with the module kASLR patch
> ("x86, kaslr: randomize module base load address"). This patch removes
> the usage of the module_mutex and creates a new mutex to protect the
> module base address offset value.
> 
> Chain exists of:
>   text_mutex --> kprobe_insn_slots.mutex --> module_mutex
> 
> [    0.515561]  Possible unsafe locking scenario:
> [    0.515561]
> [    0.515561]        CPU0                    CPU1
> [    0.515561]        ----                    ----
> [    0.515561]   lock(module_mutex);
> [    0.515561]                                lock(kprobe_insn_slots.mutex);
> [    0.515561]                                lock(module_mutex);
> [    0.515561]   lock(text_mutex);
> [    0.515561]
> [    0.515561]  *** DEADLOCK ***
> 
> Reported-by: Fengguang Wu <fengguang.wu@intel.com>
> Signed-off-by: Andy Honig <ahonig@google.com>
> Signed-off-by: Kees Cook <keescook@chromium.org>

Reviewed-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>

Thanks for fixing that! :)


> ---
>  arch/x86/kernel/module.c |    7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c
> index 49483137371f..e69f9882bf95 100644
> --- a/arch/x86/kernel/module.c
> +++ b/arch/x86/kernel/module.c
> @@ -48,6 +48,9 @@ do {							\
>  static unsigned long module_load_offset;
>  static int randomize_modules = 1;
>  
> +/* Mutex protects the module_load_offset. */
> +static DEFINE_MUTEX(module_kaslr_mutex);
> +
>  static int __init parse_nokaslr(char *p)
>  {
>  	randomize_modules = 0;
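Review bot: The comment above DEFINE_MUTEX(module_kaslr_mutex) says what the lock protects but not why module_load_offset needs a mutex of its own instead of module_mutex. A sentence naming the ordering problem (text_mutex --> kprobe_insn_slots.mutex --> module_mutex) would keep a later cleanup from folding the two locks back together.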
> @@ -58,7 +61,7 @@ early_param("nokaslr", parse_nokaslr);
>  static unsigned long int get_module_load_offset(void)
>  {
>  	if (randomize_modules) {
> -		mutex_lock(&module_mutex);
> +		mutex_lock(&module_kaslr_mutex);
>  		/*
>  		 * Calculate the module_load_offset the first time this
>  		 * code is called. Once calculated it stays the same until
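Review bot: At mutex_lock(&module_kaslr_mutex), the new mutex is acquired underneath whatever the caller already holds, so the change removes the inversion only while it stays a leaf lock. It would help to state, next to the lock call or at the DEFINE_MUTEX, that nothing inside this critical section may take another lock.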
> @@ -67,7 +70,7 @@ static unsigned long int get_module_load_offset(void)
>  		if (module_load_offset == 0)
>  			module_load_offset =
>  				(get_random_int() % 1024 + 1) * PAGE_SIZE;
> -		mutex_unlock(&module_mutex);
> +		mutex_unlock(&module_kaslr_mutex);
>  	}
>  	return module_load_offset;
>  }
> 
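Review bot: The final "return module_load_offset;" still reads the variable after mutex_unlock(&module_kaslr_mutex), outside the lock that the new comment says protects it. That is harmless while the value is written only once, but copying it into a local inside the critical section and returning the local would make the code match the stated locking rule.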


-- 
Masami HIRAMATSU
IT Management Research Dept. Linux Technology Center
Hitachi, Ltd., Yokohama Research Laboratory
E-mail: masami.hiramatsu.pt@hitachi.com
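
The lock-order reasoning behind the quoted lockdep report, as an added example that is not part of the original thread and not the kernel's lockdep code: it records "taken while held" edges and looks for a cycle before and after the patch. It assumes the kprobe_insn_slots.mutex --> module_mutex edge is the one created through get_module_load_offset(); the enum and function names are made up for the illustration.

```c
#include <stdio.h>

enum lock { TEXT_MUTEX, KPROBE_INSN_SLOTS_MUTEX, MODULE_MUTEX,
            MODULE_KASLR_MUTEX, NLOCKS };

/* edge[a][b] != 0: lock b was taken while lock a was already held. */
struct lock_graph { int edge[NLOCKS][NLOCKS]; };

/* Depth-first search; state: 0 unvisited, 1 on the current path, 2 finished. */
static int on_cycle(const struct lock_graph *g, int v, int *state)
{
    state[v] = 1;
    for (int w = 0; w < NLOCKS; w++)
        if (g->edge[v][w] && (state[w] == 1 ||
            (state[w] == 0 && on_cycle(g, w, state))))
            return 1;
    state[v] = 2;
    return 0;
}

static int has_cycle(const struct lock_graph *g)
{
    int state[NLOCKS] = {0};

    for (int v = 0; v < NLOCKS; v++)
        if (state[v] == 0 && on_cycle(g, v, state))
            return 1;
    return 0;
}

/* Orders from the report; kaslr_lock is what get_module_load_offset() takes. */
static int deadlock_possible(enum lock kaslr_lock)
{
    struct lock_graph g = {0};

    g.edge[TEXT_MUTEX][KPROBE_INSN_SLOTS_MUTEX] = 1;  /* reported chain */
    g.edge[KPROBE_INSN_SLOTS_MUTEX][kaslr_lock] = 1;  /* assumed: via this function */
    g.edge[MODULE_MUTEX][TEXT_MUTEX] = 1;             /* CPU0 column of the report */
    return has_cycle(&g);
}

int main(void)
{
    printf("before patch (module_mutex):       cycle=%d\n",
           deadlock_possible(MODULE_MUTEX));
    printf("after patch  (module_kaslr_mutex): cycle=%d\n",
           deadlock_possible(MODULE_KASLR_MUTEX));
    return 0;
}
```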


