lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20220227201356.241452-1-linux@treblig.org>
Date:   Sun, 27 Feb 2022 20:13:56 +0000
From:   "Dr. David Alan Gilbert" <linux@...blig.org>
To:     dave.hansen@...ux.intel.com, luto@...nel.org, peterz@...radead.org,
        jeremy.fitzhardinge@...rix.com
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        "Dr. David Alan Gilbert" <linux@...blig.org>
Subject: [PATCH] x86/mm: Use strtobool for noexec parsing

Use strtobool to parse the 'noexec' parameter rather than open coding
it.
'disable_nx' is changed to a bool and flipped to 'enable_nx'
so it's meaning follows the command line option.

There's no change in behaviour for noexec=on/off.
noexec=junk will now warn
strtobool allows 0/1 and y/n (etc) as well as the on/off.

Signed-off-by: Dr. David Alan Gilbert <linux@...blig.org>
---
 arch/x86/mm/setup_nx.c | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/arch/x86/mm/setup_nx.c b/arch/x86/mm/setup_nx.c
index ed5667f5169ff..77450b5889a0d 100644
--- a/arch/x86/mm/setup_nx.c
+++ b/arch/x86/mm/setup_nx.c
@@ -7,7 +7,7 @@
 #include <asm/proto.h>
 #include <asm/cpufeature.h>
 
-static int disable_nx;
+static bool enable_nx = true;
 
 /*
  * noexec = on|off
@@ -19,21 +19,15 @@ static int disable_nx;
  */
 static int __init noexec_setup(char *str)
 {
-	if (!str)
-		return -EINVAL;
-	if (!strncmp(str, "on", 2)) {
-		disable_nx = 0;
-	} else if (!strncmp(str, "off", 3)) {
-		disable_nx = 1;
-	}
+	int ret = strtobool(str, &enable_nx);
 	x86_configure_nx();
-	return 0;
+	return ret;
 }
 early_param("noexec", noexec_setup);
 
 void x86_configure_nx(void)
 {
-	if (boot_cpu_has(X86_FEATURE_NX) && !disable_nx)
+	if (boot_cpu_has(X86_FEATURE_NX) && enable_nx)
 		__supported_pte_mask |= _PAGE_NX;
 	else
 		__supported_pte_mask &= ~_PAGE_NX;
@@ -46,7 +40,7 @@ void __init x86_report_nx(void)
 		       "missing in CPU!\n");
 	} else {
 #if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
-		if (disable_nx) {
+		if (!enable_nx) {
 			printk(KERN_INFO "NX (Execute Disable) protection: "
 			       "disabled by kernel command line option\n");
 		} else {
-- 
2.35.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ