| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7e59eaf5da2338b71d1c188e784e2ef8@ispras.ru>
Date: Sat, 08 Apr 2023 18:05:13 +0300
From: Evgeniy Baskov <baskov@...ras.ru>
To: Borislav Petkov <bp@...en8.de>
Cc: Ard Biesheuvel <ardb@...nel.org>,
Andy Lutomirski <luto@...nel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Ingo Molnar <mingo@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Alexey Khoroshilov <khoroshilov@...ras.ru>,
Peter Jones <pjones@...hat.com>,
Gerd Hoffmann <kraxel@...hat.com>,
"Limonciello, Mario" <mario.limonciello@....com>,
joeyli <jlee@...e.com>, lvc-project@...uxtesting.org,
x86@...nel.org, linux-efi@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH v5 02/27] x86/build: Remove RWX sections and align on 4KB
On 2023-04-05 20:40, Borislav Petkov wrote:
> On Tue, Mar 14, 2023 at 01:13:29PM +0300, Evgeniy Baskov wrote:
>> Avoid creating sections simultaneously writable and readable to
>> prepare
>> for W^X implementation for the kernel itself (not the decompressor).
>> Align kernel sections on page size (4KB) to allow protecting them in
>> the
>> page tables.
>>
>> Split init code form ".init" segment into separate R_X ".inittext"
>
> s/form/from/
Thanks!
>
>> segment and make ".init" segment non-executable.
>
> "... and make the .init segment RW_."
Will fix.
>
>> Also add these segments to x86_32 architecture for consistency.
>
> Same comment as before: please refrain from talking about the *what* in
> a commit message but about the *why*.
>
> And considering the matter, you have a *lot* of *why* to talk about.
> :-)
>
> Pls check your whole set.
I'll try do make descriptions of patches more elaborate and to better
reflect the reasoning behind the changes before resubmitting, thanks.
>
>> Currently paging is disabled in x86_32 in compressed kernel, so
>> protection is not applied anyways, but .init code was incorrectly
>> placed in non-executable ".data" segment. This should not change
>> anything meaningful in memory layout now, but might be required in
>> case
>> memory protection will also be implemented in compressed kernel for
>> x86_32.
>
> I highly doubt that - no one cares about 32-bit x86 anymore.
>
True, but in theory it's still possible and also the change
makes things more correct.
>> @@ -226,9 +225,10 @@ SECTIONS
>> #endif
>>
>> INIT_TEXT_SECTION(PAGE_SIZE)
>> -#ifdef CONFIG_X86_64
>> - :init
>> -#endif
>> + :inittext
>> +
>> + . = ALIGN(PAGE_SIZE);
>> +
>>
>> /*
>> * Section for code used exclusively before alternatives are run.
>> All
>> @@ -240,6 +240,7 @@ SECTIONS
>> .altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
>> *(.altinstr_aux)
>> }
>> + :init
>
> Why isn't this placed after inittext but here?
Because, AFAIK, :init is a part of a section syntax so it must
come after the brace, at least according to the documentation:
https://sourceware.org/binutils/docs/ld/PHDRS.html
>
> I'm thinking you wanna have:
>
> :inittext
> . = ALIGN..
> :init
> <rest>
>
> Thx.
Powered by blists - more mailing lists