[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXu5jK-=c00ppm7h7ZgH7iVpRqRBLUQusYgm7yW4JDZ+r4RYw@mail.gmail.com>
Date: Tue, 23 May 2017 08:54:48 -0700
From: Kees Cook <keescook@...omium.org>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: LKML <linux-kernel@...r.kernel.org>, x86@...utronix.de,
Masami Hiramatsu <mhiramat@...nel.org>,
"Luis R. Rodriguez" <mcgrof@...nel.org>
Subject: Re: [WARNING] x86/mm: Found insecure W+X mapping at address ..
On Tue, May 23, 2017 at 8:40 AM, Thomas Gleixner <tglx@...utronix.de> wrote:
> As of 4.12-rc1 one of my machines triggers the insecure W+X mapping.
>
> It's consistenly 9 entries close to the beginning of the module space,
> before the first actual module starts. See below.
>
> Any ideas which avoid bisecting would be appreciated.
Is this the same as:
https://lkml.org/lkml/2017/5/19/899
?
The location is very similar.
-Kees
>
> Thanks,
>
> tglx
>
> ---[ Modules ]---
> 0xffffffffc0000000-0xffffffffc017d000 1524K pte
> 0xffffffffc017d000-0xffffffffc017e000 4K RW GLB x pte
> 0xffffffffc017e000-0xffffffffc017f000 4K pte
> 0xffffffffc017f000-0xffffffffc0180000 4K RW GLB x pte
> 0xffffffffc0180000-0xffffffffc0181000 4K pte
> 0xffffffffc0181000-0xffffffffc0182000 4K RW GLB x pte
> 0xffffffffc0182000-0xffffffffc0183000 4K pte
> 0xffffffffc0183000-0xffffffffc0184000 4K RW GLB x pte
> 0xffffffffc0184000-0xffffffffc0185000 4K pte
> 0xffffffffc0185000-0xffffffffc0186000 4K RW GLB x pte
> 0xffffffffc0186000-0xffffffffc0187000 4K pte
> 0xffffffffc0187000-0xffffffffc0188000 4K RW GLB x pte
> 0xffffffffc0188000-0xffffffffc0189000 4K pte
> 0xffffffffc0189000-0xffffffffc018a000 4K RW GLB x pte
> 0xffffffffc018a000-0xffffffffc018b000 4K pte
> 0xffffffffc018b000-0xffffffffc018c000 4K RW GLB x pte
> 0xffffffffc018c000-0xffffffffc018d000 4K pte
> 0xffffffffc018d000-0xffffffffc018e000 4K RW GLB x pte
>
> First module starts here:
>
> 0xffffffffc018e000-0xffffffffc0191000 12K pte
> 0xffffffffc0191000-0xffffffffc0192000 4K ro GLB x pte
>
> ---[ Modules ]---
> 0xffffffffc0000000-0xffffffffc0200000 2M pmd
> 0xffffffffc0200000-0xffffffffc02f8000 992K pte
> 0xffffffffc02f8000-0xffffffffc02f9000 4K RW GLB x pte
> 0xffffffffc02f9000-0xffffffffc02fa000 4K pte
> 0xffffffffc02fa000-0xffffffffc02fb000 4K RW GLB x pte
> 0xffffffffc02fb000-0xffffffffc02fc000 4K pte
> 0xffffffffc02fc000-0xffffffffc02fd000 4K RW GLB x pte
> 0xffffffffc02fd000-0xffffffffc02fe000 4K pte
> 0xffffffffc02fe000-0xffffffffc02ff000 4K RW GLB x pte
> 0xffffffffc02ff000-0xffffffffc0300000 4K pte
> 0xffffffffc0300000-0xffffffffc0301000 4K RW GLB x pte
> 0xffffffffc0301000-0xffffffffc0302000 4K pte
> 0xffffffffc0302000-0xffffffffc0303000 4K RW GLB x pte
> 0xffffffffc0303000-0xffffffffc0304000 4K pte
> 0xffffffffc0304000-0xffffffffc0305000 4K RW GLB x pte
> 0xffffffffc0305000-0xffffffffc0306000 4K pte
> 0xffffffffc0306000-0xffffffffc0307000 4K RW GLB x pte
> 0xffffffffc0307000-0xffffffffc0308000 4K pte
> 0xffffffffc0308000-0xffffffffc0309000 4K RW GLB x pte
>
> First module starts here:
>
> 0xffffffffc0309000-0xffffffffc030c000 12K pte
> 0xffffffffc030c000-0xffffffffc030d000 4K ro GLB x pte
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists