| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <68ba78a7.a70a0220.2f582b.f2d1@mx.google.com>
Date: Fri, 05 Sep 2025 10:53:04 +0530
From: Ritesh Harjani (IBM) <ritesh.list@...il.com>
To: Christophe Leroy <christophe.leroy@...roup.eu>, Andrew Donnellan <ajd@...ux.ibm.com>, Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>, Madhavan Srinivasan <maddy@...ux.ibm.com>
Cc: linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, Erhard Furtner <erhard_f@...lbox.org>
Subject: Re: [PATCH] powerpc/32: Remove PAGE_KERNEL_TEXT to fix startup failure
Christophe Leroy <christophe.leroy@...roup.eu> writes:
> Le 05/09/2025 à 05:55, Ritesh Harjani a écrit :
>> Christophe Leroy <christophe.leroy@...roup.eu> writes:
>>
>>> PAGE_KERNEL_TEXT is an old macro that is used to tell kernel whether
>>> kernel text has to be mapped read-only or read-write based on build
>>> time options.
>>>
>>> But nowadays, with functionnalities like jump_labels, static links,
>>> etc ... more only less all kernels need to be read-write at some
>>> point, and some combinations of configs failed to work due to
>>> innacurate setting of PAGE_KERNEL_TEXT. On the other hand, today
>>> we have CONFIG_STRICT_KERNEL_RWX which implements a more controlled
>>> access to kernel modifications.
>>>
>>> Instead of trying to keep PAGE_KERNEL_TEXT accurate with all
>>> possible options that may imply kernel text modification, always
>>> set kernel text read-write at startup and rely on
>>> CONFIG_STRICT_KERNEL_RWX to provide accurate protection.
>>>
>>> Reported-by: Erhard Furtner <erhard_f@...lbox.org>
>>> Closes: https://lore.kernel.org/all/342b4120-911c-4723-82ec-d8c9b03a8aef@mailbox.org/
>>> Signed-off-by: Christophe Leroy <christophe.leroy@...roup.eu>
>>> ---
>>> arch/powerpc/include/asm/pgtable.h | 12 ------------
>>> arch/powerpc/mm/book3s32/mmu.c | 4 ++--
>>> arch/powerpc/mm/pgtable_32.c | 2 +-
>>> 3 files changed, 3 insertions(+), 15 deletions(-)
>>>
>>
>> AFAIU - mmu_mark_initmem_nx gets called during kernel_init() which is
>> way after static call initialization correct? i.e.
>>
>> start_kernel
>> ...
>> jump_label_init()
>> static_call_init()
>> ...
>> ...
>> rest_init() /* Do the rest non-__init'ed, we're now alive */
>> kernel_init()
>> free_initmem() -> mark_initmem_nx() -> __mark_initmem_nx -> mmu_mark_initmem_nx()
>> mark_readonly()
>> if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX) && rodata_enabled) {
>> jump_label_init_ro()
>> mark_rodata_ro() -> ....
>> ...
>> ...
>>
>> Then I guess we mainly only need __mapin_ram_chunk() to be PAGE_KERNEL_X (RWX)
>> instead of PAGE_KERNEL_TEXT (ROX), isn't it?
>>
>> Let me quickly validate it...
>> ...Ok, so I was able to get just this diff to be working.
>>
>> Thoughts?
>
> setibat() doesn't take into account whether it is RO or RW. Only X or NX
> is taken into account, so it doesn't matter whether it is X or ROX.
>
> Then allthough you are right in principle, once the PAGE_KERNEL_TEXT is
> removed from __mapin_ram_chunk() it becomes completely useless, so
> better get rid of PAGE_KERNEL_TEXT completely.
>
Aah yes, I checked the function setibat() and as you mentioned, it
doesn't honour RW permission anyways. Can we please update the same in
the commit message too? That makes it more clear then.
-ritesh
Powered by blists - more mailing lists