lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080421214824.0c5dc637@daedalus.pq.iki.fi>
Date:	Mon, 21 Apr 2008 21:48:24 +0300
From:	Pekka Paalanen <pq@....fi>
To:	Steven Rostedt <rostedt@...dmis.org>
Cc:	Mathieu Desnoyers <mathieu.desnoyers@...ymtl.ca>,
	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>
Subject: [PATCH] x86_64: fix kernel rodata NX setting

>From 35922163c8054bd8d12df78ebae6a6a603760206 Mon Sep 17 00:00:00 2001
From: Pekka Paalanen <pq@....fi>
Date: Mon, 21 Apr 2008 21:36:09 +0300
Subject: [PATCH] x86_64: fix kernel rodata NX setting

Without CONFIG_DYNAMIC_FTRACE, mark_rodata_ro() would mark a wrong
number of pages as no-execute. The bug was introduced in the patch
"ftrace: dont write protect kernel text". The symptom was machine reboot
after a CPU hotplug.

Signed-off-by: Pekka Paalanen <pq@....fi>
---

Is this ok? At least it works for me:

[  294.564032] CPU 1 is now offline
[  294.564359] lockdep: fixing up alternatives.
[  294.565799] SMP alternatives: switching to UP code
[  306.626760] lockdep: fixing up alternatives.
[  306.627080] SMP alternatives: switching to SMP code
[  306.638566] Booting processor 1/1 ip 6000
[  306.653079] Initializing CPU#1
[  306.736556] Calibrating delay using timer specific routine.. 3991.08 BogoMIPS (lpj=6649734)
[  306.739889] CPU: L1 I cache: 32K, L1 D cache: 32K
[  306.739889] CPU: L2 cache: 4096K
[  306.739889] CPU: Physical Processor ID: 0
[  306.739889] CPU: Processor Core ID: 1
[  306.739889] x86: PAT support disabled.
[  306.741127] CPU1: <6>Clockevents: could not switch to one-shot mode: lapic is not functional.
[  306.743865] Could not switch to high resolution mode on CPU 1
[  306.750580] Intel(R) Core(TM)2 Duo CPU     T7300  @ 2.00GHz stepping 0a

 arch/x86/mm/init_64.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 7851773..d7ae30a 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -792,7 +792,7 @@ void mark_rodata_ro(void)
 	 * The rodata section (but not the kernel text!) should also be
 	 * not-executable.
 	 */
-	set_memory_nx(rodata_start, (end - start) >> PAGE_SHIFT);
+	set_memory_nx(rodata_start, (end - rodata_start) >> PAGE_SHIFT);
 
 	rodata_test();
 
-- 
1.5.3.7

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ