lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <mhng-45fde203-6fd8-408c-b911-3efbb83d9cf3@palmerdabbelt-glaptop>
Date:   Thu, 22 Apr 2021 18:34:50 -0700 (PDT)
From:   Palmer Dabbelt <palmer@...belt.com>
To:     alex@...ti.fr
CC:     anup@...infault.org, corbet@....net,
        Paul Walmsley <paul.walmsley@...ive.com>,
        aou@...s.berkeley.edu, Arnd Bergmann <arnd@...db.de>,
        aryabinin@...tuozzo.com, glider@...gle.com, dvyukov@...gle.com,
        linux-doc@...r.kernel.org, linux-riscv@...ts.infradead.org,
        linux-kernel@...r.kernel.org, kasan-dev@...glegroups.com,
        linux-arch@...r.kernel.org, linux-mm@...ck.org
Subject:     Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set

On Sat, 17 Apr 2021 10:26:36 PDT (-0700), alex@...ti.fr wrote:
> Le 4/16/21 à 12:33 PM, Palmer Dabbelt a écrit :
>> On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@...ti.fr wrote:
>>> Hi Anup,
>>>
>>> Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
>>>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@...ti.fr> wrote:
>>>>>
>>>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different
>>>>> permissions
>>>>> to the kernel data and text sections, so make sure it is defined before
>>>>> trying to protect the kernel linear mapping.
>>>>>
>>>>> Signed-off-by: Alexandre Ghiti <alex@...ti.fr>
>>>>
>>>> Maybe you should add "Fixes:" tag in commit tag ?
>>>
>>> Yes you're right I should have done that. Maybe Palmer will squash it as
>>> it just entered for-next?
>>
>> Ya, I'll do it.  My testing box was just tied up last night for the rc8
>> PR, so I threw this on for-next to get the buildbots to take a look.
>> It's a bit too late to take something for this week, as I try to be
>> pretty conservative this late in the cycle.  There's another kprobes fix
>> on the list so if we end up with an rc8 I might send this along with
>> that, otherwise this'll just go onto for-next before the linear map
>> changes that exercise the bug.
>>
>> You're more than welcome to just dig up the fixes tag and reply, my
>> scripts pull all tags from replies (just like Revieweb-by).  Otherwise
>> I'll do it myself, most people don't really post Fixes tags that
>> accurately so I go through it for pretty much everything anyway.
>
> Here it is:
>
> Fixes: 4b67f48da707 ("riscv: Move kernel mapping outside of linear mapping")

Thanks.  I just squashed it, though, as I had to rewrite this anyway.

>
> Thanks,
>
>>
>> Thanks for sorting this out so quickly!
>>
>>>
>>>>
>>>> Otherwise it looks good.
>>>>
>>>> Reviewed-by: Anup Patel <anup@...infault.org>
>>>
>>> Thank you!
>>>
>>> Alex
>>>
>>>>
>>>> Regards,
>>>> Anup
>>>>
>>>>> ---
>>>>>   arch/riscv/kernel/setup.c | 8 ++++----
>>>>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>>>>> index 626003bb5fca..ab394d173cd4 100644
>>>>> --- a/arch/riscv/kernel/setup.c
>>>>> +++ b/arch/riscv/kernel/setup.c
>>>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>>>>
>>>>>          sbi_init();
>>>>>
>>>>> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>>>>> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>>>>                  protect_kernel_text_data();
>>>>> -
>>>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>>>>> -       protect_kernel_linear_mapping_text_rodata();
>>>>> +#ifdef CONFIG_64BIT
>>>>> +               protect_kernel_linear_mapping_text_rodata();
>>>>>   #endif
>>>>> +       }
>>>>>
>>>>>   #ifdef CONFIG_SWIOTLB
>>>>>          swiotlb_init(1);
>>>>> --
>>>>> 2.20.1
>>>>>
>>>>
>>>> _______________________________________________
>>>> linux-riscv mailing list
>>>> linux-riscv@...ts.infradead.org
>>>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>>>
>>
>> _______________________________________________
>> linux-riscv mailing list
>> linux-riscv@...ts.infradead.org
>> http://lists.infradead.org/mailman/listinfo/linux-riscv

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ