| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <288c578a-d680-e2e8-33a1-004e11a4f6f0@ghiti.fr>
Date: Sun, 2 May 2021 10:06:29 -0400
From: Alex Ghiti <alex@...ti.fr>
To: Geert Uytterhoeven <geert+renesas@...der.be>,
Paul Walmsley <paul.walmsley@...ive.com>,
Palmer Dabbelt <palmer@...belt.com>,
Albert Ou <aou@...s.berkeley.edu>,
Vitaly Wool <vitaly.wool@...sulko.com>
Cc: linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] riscv: Consistify
protect_kernel_linear_mapping_text_rodata() use
Le 4/29/21 à 11:10 AM, Geert Uytterhoeven a écrit :
> The various uses of protect_kernel_linear_mapping_text_rodata() are
> not consistent:
> - Its definition depends on "64BIT && !XIP_KERNEL",
> - Its forward declaration depends on MMU,
> - Its single caller depends on "STRICT_KERNEL_RWX && 64BIT && MMU &&
> !XIP_KERNEL".
>
> Fix this by settling on the dependencies of the caller, which can be
> simplified as STRICT_KERNEL_RWX depends on "MMU && !XIP_KERNEL".
> Provide a dummy definition, as the caller is protected by
> "IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)" instead of "#ifdef
> CONFIG_STRICT_KERNEL_RWX".
>
> Signed-off-by: Geert Uytterhoeven <geert+renesas@...der.be>
> ---
> Only tested on K210 (SiPeed MAIX BiT).
> ---
> arch/riscv/include/asm/set_memory.h | 7 ++++++-
> arch/riscv/kernel/setup.c | 2 --
> arch/riscv/mm/init.c | 2 +-
> 3 files changed, 7 insertions(+), 4 deletions(-)
>
> diff --git a/arch/riscv/include/asm/set_memory.h b/arch/riscv/include/asm/set_memory.h
> index a9c56776fa0e74d6..086f757e8ba3cc69 100644
> --- a/arch/riscv/include/asm/set_memory.h
> +++ b/arch/riscv/include/asm/set_memory.h
> @@ -17,7 +17,6 @@ int set_memory_x(unsigned long addr, int numpages);
> int set_memory_nx(unsigned long addr, int numpages);
> int set_memory_rw_nx(unsigned long addr, int numpages);
> void protect_kernel_text_data(void);
> -void protect_kernel_linear_mapping_text_rodata(void);
> #else
> static inline int set_memory_ro(unsigned long addr, int numpages) { return 0; }
> static inline int set_memory_rw(unsigned long addr, int numpages) { return 0; }
> @@ -27,6 +26,12 @@ static inline void protect_kernel_text_data(void) {}
> static inline int set_memory_rw_nx(unsigned long addr, int numpages) { return 0; }
> #endif
>
> +#if defined(CONFIG_64BIT) && defined(CONFIG_STRICT_KERNEL_RWX)
> +void protect_kernel_linear_mapping_text_rodata(void);
> +#else
> +static inline void protect_kernel_linear_mapping_text_rodata(void) {}
> +#endif
> +
> int set_direct_map_invalid_noflush(struct page *page);
> int set_direct_map_default_noflush(struct page *page);
> bool kernel_page_present(struct page *page);
> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
> index 7b31779101f662e4..03901d3a8b027343 100644
> --- a/arch/riscv/kernel/setup.c
> +++ b/arch/riscv/kernel/setup.c
> @@ -293,9 +293,7 @@ void __init setup_arch(char **cmdline_p)
>
> if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
> protect_kernel_text_data();
> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU) && !defined(CONFIG_XIP_KERNEL)
> protect_kernel_linear_mapping_text_rodata();
> -#endif
> }
>
> #ifdef CONFIG_SWIOTLB
> diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
> index 3ebc0f5d2b73b42b..6cc0421a5d0ef4a3 100644
> --- a/arch/riscv/mm/init.c
> +++ b/arch/riscv/mm/init.c
> @@ -646,7 +646,7 @@ asmlinkage void __init setup_vm(uintptr_t dtb_pa)
> #endif
> }
>
> -#if defined(CONFIG_64BIT) && !defined(CONFIG_XIP_KERNEL)
> +#if defined(CONFIG_64BIT) && defined(CONFIG_STRICT_KERNEL_RWX)
> void protect_kernel_linear_mapping_text_rodata(void)
> {
> unsigned long text_start = (unsigned long)lm_alias(_start);
>
I tested this on the following configs:
- rv32_defconfig (build and valid on qemu)
- defconfig (with and without CONFIG_STRICT_KERNEL_RWX) (build and valid
on qemu)
- xip kernel (build and valid on qemu)
- nommu_k210_defconfig (build only)
so you can add:
Tested-by: Alexandre Ghiti <alex@...ti.fr>
Thank you for the cleanup!
Alex
Powered by blists - more mailing lists