lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 13 Sep 2007 09:12:02 +0800
From:	"Huang, Ying" <ying.huang@...el.com>
To:	Andi Kleen <ak@...e.de>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [BUGFIX] x86_64: NX bit handling in change_page_attr

On Wed, 2007-09-12 at 15:35 +0200, Andi Kleen wrote:
> > > Index: linux-2.6.23-rc2-mm2/arch/x86_64/mm/pageattr.c
> > > ===================================================================
> > > --- linux-2.6.23-rc2-mm2.orig/arch/x86_64/mm/pageattr.c	2007-08-17
> > > 12:50:25.000000000 +0800 +++
> > > linux-2.6.23-rc2-mm2/arch/x86_64/mm/pageattr.c	2007-08-17
> > > 12:50:48.000000000 +0800 @@ -147,6 +147,7 @@
> > >  			split = split_large_page(address, prot, ref_prot2);
> > >  			if (!split)
> > >  				return -ENOMEM;
> > > +			pgprot_val(ref_prot2) &= ~_PAGE_NX;
> > >  			set_pte(kpte, mk_pte(split, ref_prot2));
> > >  			kpte_page = split;
> > >  		}
> >
> > What happened with this?  Still valid?
> 
> The bug is probably latent there, but I don't think it can affect anything
> in the kernel because nothing in the kernel should change NX status
> as far as I know.
> 
> Where did you see it? 

I found the problem for EFI runtime service supporting. Where the EFI
runtime code (from firmware) need to be mapped without NX bit set.

> Anyways I would prefer to only clear the PMD NX when NX status actually 
> changes on the PTE.Can you do that change? 

This change is sufficient for Intel CPU. Because the NX bit of PTE is
still there, no page will be made executable if not been set explicitly
through PTE. For AMD CPU, will the page be made executable if the NX bit
of PMD is cleared and the NX bit of PTE is set? If so, I will do the
change as you said.

> Anyways; it's really not very important.

It is needed by EFI runtime service supporting.

Best Regards,
Huang Ying
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ