| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Apr 2021 18:34:50 -0700 (PDT)
From: Palmer Dabbelt <palmer@...belt.com>
To: alex@...ti.fr
CC: anup@...infault.org, corbet@....net,
Paul Walmsley <paul.walmsley@...ive.com>,
aou@...s.berkeley.edu, Arnd Bergmann <arnd@...db.de>,
aryabinin@...tuozzo.com, glider@...gle.com, dvyukov@...gle.com,
linux-doc@...r.kernel.org, linux-riscv@...ts.infradead.org,
linux-kernel@...r.kernel.org, kasan-dev@...glegroups.com,
linux-arch@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
On Sat, 17 Apr 2021 10:26:36 PDT (-0700), alex@...ti.fr wrote:
> Le 4/16/21 à 12:33 PM, Palmer Dabbelt a écrit :
>> On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@...ti.fr wrote:
>>> Hi Anup,
>>>
>>> Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
>>>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@...ti.fr> wrote:
>>>>>
>>>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different
>>>>> permissions
>>>>> to the kernel data and text sections, so make sure it is defined before
>>>>> trying to protect the kernel linear mapping.
>>>>>
>>>>> Signed-off-by: Alexandre Ghiti <alex@...ti.fr>
>>>>
>>>> Maybe you should add "Fixes:" tag in commit tag ?
>>>
>>> Yes you're right I should have done that. Maybe Palmer will squash it as
>>> it just entered for-next?
>>
>> Ya, I'll do it. My testing box was just tied up last night for the rc8
>> PR, so I threw this on for-next to get the buildbots to take a look.
>> It's a bit too late to take something for this week, as I try to be
>> pretty conservative this late in the cycle. There's another kprobes fix
>> on the list so if we end up with an rc8 I might send this along with
>> that, otherwise this'll just go onto for-next before the linear map
>> changes that exercise the bug.
>>
>> You're more than welcome to just dig up the fixes tag and reply, my
>> scripts pull all tags from replies (just like Revieweb-by). Otherwise
>> I'll do it myself, most people don't really post Fixes tags that
>> accurately so I go through it for pretty much everything anyway.
>
> Here it is:
>
> Fixes: 4b67f48da707 ("riscv: Move kernel mapping outside of linear mapping")
Thanks. I just squashed it, though, as I had to rewrite this anyway.
>
> Thanks,
>
>>
>> Thanks for sorting this out so quickly!
>>
>>>
>>>>
>>>> Otherwise it looks good.
>>>>
>>>> Reviewed-by: Anup Patel <anup@...infault.org>
>>>
>>> Thank you!
>>>
>>> Alex
>>>
>>>>
>>>> Regards,
>>>> Anup
>>>>
>>>>> ---
>>>>> arch/riscv/kernel/setup.c | 8 ++++----
>>>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>>>>> index 626003bb5fca..ab394d173cd4 100644
>>>>> --- a/arch/riscv/kernel/setup.c
>>>>> +++ b/arch/riscv/kernel/setup.c
>>>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>>>>
>>>>> sbi_init();
>>>>>
>>>>> - if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>>>>> + if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>>>> protect_kernel_text_data();
>>>>> -
>>>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>>>>> - protect_kernel_linear_mapping_text_rodata();
>>>>> +#ifdef CONFIG_64BIT
>>>>> + protect_kernel_linear_mapping_text_rodata();
>>>>> #endif
>>>>> + }
>>>>>
>>>>> #ifdef CONFIG_SWIOTLB
>>>>> swiotlb_init(1);
>>>>> --
>>>>> 2.20.1
>>>>>
>>>>
>>>> _______________________________________________
>>>> linux-riscv mailing list
>>>> linux-riscv@...ts.infradead.org
>>>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>>>
>>
>> _______________________________________________
>> linux-riscv mailing list
>> linux-riscv@...ts.infradead.org
>> http://lists.infradead.org/mailman/listinfo/linux-riscv
Powered by blists - more mailing lists