| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Apr 2018 09:36:44 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Ram Pai <linuxram@...ibm.com>
Cc: Dave Hansen <dave.hansen@...ux.intel.com>,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
shakeelb@...gle.com, stable@...nel.org, tglx@...utronix.de,
mpe@...erman.id.au, mingo@...nel.org, akpm@...ux-foundation.org,
shuah@...nel.org
Subject: Re: [PATCH 4/9] x86, pkeys: override pkey when moving away from
PROT_EXEC
On 04/30/2018 12:51 AM, Ram Pai wrote:
> /*
> * Look for a protection-key-drive execute-only mapping
> * which is now being given permissions that are not
> * execute-only. Move it back to the default pkey.
> */
> if (vma_is_pkey_exec_only(vma) && (prot != PROT_EXEC)) <--------
> return ARCH_DEFAULT_PKEY;
>
> /*
> * The mapping is execute-only. Go try to get the
> * execute-only protection key. If we fail to do that,
> * fall through as if we do not have execute-only
> * support.
> */
> if (prot == PROT_EXEC) {
> pkey = execute_only_pkey(vma->vm_mm);
> if (pkey > 0)
> return pkey;
> }
Yes, that would also work. It's just a matter of whether you prefer
having the prot==PROT_EXEC checks in one place or two. I'd rather leave
it the way I've got it unless there are major objections since it's been
tested.
Powered by blists - more mailing lists