| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190215130942.GD53520@lakrids.cambridge.arm.com>
Date: Fri, 15 Feb 2019 13:09:42 +0000
From: Mark Rutland <mark.rutland@....com>
To: Khalid Aziz <khalid.aziz@...cle.com>
Cc: juergh@...il.com, tycho@...ho.ws, jsteckli@...zon.de,
ak@...ux.intel.com, torvalds@...ux-foundation.org,
liran.alon@...cle.com, keescook@...gle.com,
akpm@...ux-foundation.org, mhocko@...e.com,
catalin.marinas@....com, will.deacon@....com, jmorris@...ei.org,
konrad.wilk@...cle.com, Tycho Andersen <tycho@...ker.com>,
deepa.srinivasan@...cle.com, chris.hyser@...cle.com,
tyhicks@...onical.com, dwmw@...zon.co.uk,
andrew.cooper3@...rix.com, jcm@...hat.com,
boris.ostrovsky@...cle.com, kanth.ghatraju@...cle.com,
oao.m.martins@...cle.com, jmattson@...gle.com,
pradeep.vincent@...cle.com, john.haxby@...cle.com,
tglx@...utronix.de, kirill.shutemov@...ux.intel.com, hch@....de,
steven.sistare@...cle.com, labbott@...hat.com, luto@...nel.org,
dave.hansen@...el.com, peterz@...radead.org,
kernel-hardening@...ts.openwall.com, linux-mm@...ck.org,
x86@...nel.org, linux-arm-kernel@...ts.infradead.org,
linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v8 08/14] arm64/mm: disable section/contiguous
mappings if XPFO is enabled
Hi,
On Wed, Feb 13, 2019 at 05:01:31PM -0700, Khalid Aziz wrote:
> From: Tycho Andersen <tycho@...ker.com>
>
> XPFO doesn't support section/contiguous mappings yet, so let's disable it
> if XPFO is turned on.
>
> Thanks to Laura Abbot for the simplification from v5, and Mark Rutland for
> pointing out we need NO_CONT_MAPPINGS too.
>
> CC: linux-arm-kernel@...ts.infradead.org
> Signed-off-by: Tycho Andersen <tycho@...ker.com>
> Reviewed-by: Khalid Aziz <khalid.aziz@...cle.com>
There should be no point in this series where it's possible to enable a
broken XPFO. Either this patch should be merged into the rest of the
arm64 bits, or it should be placed before the rest of the arm64 bits.
That's a pre-requisite for merging, and it significantly reduces the
burden on reviewers.
In general, a patch series should bisect cleanly. Could you please
restructure the series to that effect?
Thanks,
Mark.
> ---
> arch/arm64/mm/mmu.c | 2 +-
> include/linux/xpfo.h | 4 ++++
> mm/xpfo.c | 6 ++++++
> 3 files changed, 11 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c
> index d1d6601b385d..f4dd27073006 100644
> --- a/arch/arm64/mm/mmu.c
> +++ b/arch/arm64/mm/mmu.c
> @@ -451,7 +451,7 @@ static void __init map_mem(pgd_t *pgdp)
> struct memblock_region *reg;
> int flags = 0;
>
> - if (debug_pagealloc_enabled())
> + if (debug_pagealloc_enabled() || xpfo_enabled())
> flags = NO_BLOCK_MAPPINGS | NO_CONT_MAPPINGS;
>
> /*
> diff --git a/include/linux/xpfo.h b/include/linux/xpfo.h
> index 1ae05756344d..8b029918a958 100644
> --- a/include/linux/xpfo.h
> +++ b/include/linux/xpfo.h
> @@ -47,6 +47,8 @@ void xpfo_temp_map(const void *addr, size_t size, void **mapping,
> void xpfo_temp_unmap(const void *addr, size_t size, void **mapping,
> size_t mapping_len);
>
> +bool xpfo_enabled(void);
> +
> #else /* !CONFIG_XPFO */
>
> static inline void xpfo_kmap(void *kaddr, struct page *page) { }
> @@ -69,6 +71,8 @@ static inline void xpfo_temp_unmap(const void *addr, size_t size,
> }
>
>
> +static inline bool xpfo_enabled(void) { return false; }
> +
> #endif /* CONFIG_XPFO */
>
> #endif /* _LINUX_XPFO_H */
> diff --git a/mm/xpfo.c b/mm/xpfo.c
> index 92ca6d1baf06..150784ae0f08 100644
> --- a/mm/xpfo.c
> +++ b/mm/xpfo.c
> @@ -71,6 +71,12 @@ struct page_ext_operations page_xpfo_ops = {
> .init = init_xpfo,
> };
>
> +bool __init xpfo_enabled(void)
> +{
> + return !xpfo_disabled;
> +}
> +EXPORT_SYMBOL(xpfo_enabled);
> +
> static inline struct xpfo *lookup_xpfo(struct page *page)
> {
> struct page_ext *page_ext = lookup_page_ext(page);
> --
> 2.17.1
>
Powered by blists - more mailing lists