lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 30 May 2018 07:58:15 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     nixiaoming <nixiaoming@...wei.com>
Cc:     catalin.marinas@....com, will.deacon@....com,
        ard.biesheuvel@...aro.org, marc.zyngier@....com,
        james.morse@....com, kristina.martsenko@....com,
        steve.capper@....com, tglx@...utronix.de, mingo@...hat.com,
        hpa@...or.com, akpm@...ux-foundation.org, vbabka@...e.cz,
        mhocko@...e.com, dave.hansen@...ux.intel.com,
        dan.j.williams@...el.com, kirill.shutemov@...ux.intel.com,
        zhang.jia@...ux.alibaba.com, schwidefsky@...ibm.com,
        heiko.carstens@...ibm.com, gregkh@...uxfoundation.org,
        linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        x86@...nel.org, linux-s390@...r.kernel.org
Subject: Re: [PATCH 2/3] x86:add missing CONFIG_STRICT_KERNEL_RWX for
 mark_rodata_ro


* nixiaoming <nixiaoming@...wei.com> wrote:

> mark_rodata_ro is only called by the function mark_readonly
> when CONFIG_STRICT_KERNEL_RWX=y
> 
> if CONFIG_STRICT_KERNEL_RWX is not set
> a compile warning may be triggered: unused function
> 
> Signed-off-by: nixiaoming <nixiaoming@...wei.com>
> ---
>  arch/x86/mm/init_32.c | 2 ++
>  arch/x86/mm/init_64.c | 2 ++
>  2 files changed, 4 insertions(+)
> 
> diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
> index c893c6a..121c567 100644
> --- a/arch/x86/mm/init_32.c
> +++ b/arch/x86/mm/init_32.c
> @@ -920,6 +920,7 @@ static void mark_nxdata_nx(void)
>  	set_pages_nx(virt_to_page(start), size >> PAGE_SHIFT);
>  }
>  
> +#ifdef CONFIG_STRICT_KERNEL_RWX
>  void mark_rodata_ro(void)
>  {
>  	unsigned long start = PFN_ALIGN(_text);
> @@ -957,3 +958,4 @@ void mark_rodata_ro(void)
>  	if (__supported_pte_mask & _PAGE_NX)
>  		debug_checkwx();
>  }
> +#endif /*end of CONFIG_STRICT_KERNEL_RWX*/
> diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
> index 0a40060..1b7a1a7 100644
> --- a/arch/x86/mm/init_64.c
> +++ b/arch/x86/mm/init_64.c
> @@ -1245,6 +1245,7 @@ void set_kernel_text_ro(void)
>  	set_memory_ro(start, (end - start) >> PAGE_SHIFT);
>  }
>  
> +#ifdef CONFIG_STRICT_KERNEL_RWX
>  void mark_rodata_ro(void)
>  {
>  	unsigned long start = PFN_ALIGN(_text);
> @@ -1298,6 +1299,7 @@ void mark_rodata_ro(void)
>  	 */
>  	pti_clone_kernel_text();
>  }
> +#endif

NAK, this is very ugly and the changelog doesn't appear to be true: the build 
warning does not trigger in the default build, correct?

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ