[PATCH v3 3/5] security: Replace indirect LSM hook calls with static calls
Kees Cook
keescook at chromium.org
Wed Sep 20 15:54:16 UTC 2023
On Mon, Sep 18, 2023 at 11:24:57PM +0200, KP Singh wrote:
> LSM hooks are currently invoked from a linked list as indirect calls
> which are invoked using retpolines as a mitigation for speculative
> attacks (Branch History / Target injection) and add extra overhead which
> is especially bad in kernel hot paths:
I feel like the performance details in the cover letter should be
repeated in this patch, since it's the one doing the heavy lifting.
> [...]
>
> Signed-off-by: KP Singh <kpsingh at kernel.org>
Regardless, this is a nice improvement on execution time and one of the
more complex cases for static calls.
> -struct security_hook_heads {
> - #define LSM_HOOK(RET, DEFAULT, NAME, ...) struct hlist_head NAME;
> - #include "lsm_hook_defs.h"
> +/*
> + * @key: static call key as defined by STATIC_CALL_KEY
> + * @trampoline: static call trampoline as defined by STATIC_CALL_TRAMP
> + * @hl: The security_hook_list as initialized by the owning LSM.
> + * @active: Enabled when the static call has an LSM hook associated.
> + */
> +struct lsm_static_call {
> + struct static_call_key *key;
> + void *trampoline;
> + struct security_hook_list *hl;
> + /* this needs to be true or false based on what the key defaults to */
> + struct static_key_false *active;
> +};
Can this be marked __randomize_layout too?
Everything else looks good to me. I actually find the result more
readable that before. But then I do love a good macro. :)
Reviewed-by: Kees Cook <keescook at chromium.org>
--
Kees Cook
More information about the Linux-security-module-archive
mailing list