| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTimNiU_d+WEiWCXyMF_cgohCwuyJzqxog+Y+nTmZ@mail.gmail.com> Date: Tue, 16 Nov 2010 15:32:30 +0000 From: Catalin Marinas <catalin.marinas@....com> To: Russell King - ARM Linux <linux@....linux.org.uk> Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 05/20] ARM: LPAE: Introduce L_PTE_NOEXEC and L_PTE_NOWRITE On 16 November 2010 15:18, Catalin Marinas <catalin.marinas@....com> wrote: > On 15 November 2010 18:30, Russell King - ARM Linux > <linux@....linux.org.uk> wrote: >> On Fri, Nov 12, 2010 at 06:00:25PM +0000, Catalin Marinas wrote: >>> The LPAE page table format needs to explicitly disable execution or >>> write permissions on a page by setting the corresponding bits (similar >>> to the classic page table format with Access Flag enabled). This patch >>> introduces null definitions for the 2-level format and the actual noexec >>> and nowrite bits for the LPAE format. It also changes several PTE >>> maintenance macros and masks. >>> >>> Signed-off-by: Catalin Marinas <catalin.marinas@....com> >>> --- >>> arch/arm/include/asm/pgtable-2level.h | 2 + >>> arch/arm/include/asm/pgtable.h | 44 +++++++++++++++++++++------------ >>> arch/arm/mm/mmu.c | 6 ++-- >>> 3 files changed, 33 insertions(+), 19 deletions(-) >>> >>> diff --git a/arch/arm/include/asm/pgtable-2level.h b/arch/arm/include/asm/pgtable-2level.h >>> index 36bdef7..4e21166 100644 >>> --- a/arch/arm/include/asm/pgtable-2level.h >>> +++ b/arch/arm/include/asm/pgtable-2level.h >>> @@ -128,6 +128,8 @@ >>> #define L_PTE_USER (1 << 8) >>> #define L_PTE_EXEC (1 << 9) >>> #define L_PTE_SHARED (1 << 10) /* shared(v6), coherent(xsc3) */ >>> +#define L_PTE_NOEXEC (0) >>> +#define L_PTE_NOWRITE (0) >> >> Let's not make this more complicated than it has to be. If we need the >> inverse of WRITE and EXEC, then that's what we should change everyone to, >> not invent a new system to work along side the old system. > > This adds an additional instruction in set_pte_ext, unless you can > write the bit checking in a better way: > > tst r1, #L_PTE_NOWRITE > orrne r3, r3, #PTE_EXT_APX > tsteq r1, #L_PTE_DIRTY > orreq r3, r3, #PTE_EXT_APX I think that would work with 3 instructions: eor r1, r1, L_PTE_DIRTY tst r1, #L_PTE_NOWRITE | L_PTE_DIRTY orrne r3, r3, #PTE_EXT_APX -- Catalin -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists