| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230617064421.GQ52412@kernel.org> Date: Sat, 17 Jun 2023 09:44:21 +0300 From: Mike Rapoport <rppt@...nel.org> To: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "tglx@...utronix.de" <tglx@...utronix.de>, "mcgrof@...nel.org" <mcgrof@...nel.org>, "deller@....de" <deller@....de>, "davem@...emloft.net" <davem@...emloft.net>, "nadav.amit@...il.com" <nadav.amit@...il.com>, "linux@...linux.org.uk" <linux@...linux.org.uk>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>, "linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>, "hca@...ux.ibm.com" <hca@...ux.ibm.com>, "catalin.marinas@....com" <catalin.marinas@....com>, "kent.overstreet@...ux.dev" <kent.overstreet@...ux.dev>, "puranjay12@...il.com" <puranjay12@...il.com>, "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>, "palmer@...belt.com" <palmer@...belt.com>, "chenhuacai@...nel.org" <chenhuacai@...nel.org>, "tsbogend@...ha.franken.de" <tsbogend@...ha.franken.de>, "linux-trace-kernel@...r.kernel.org" <linux-trace-kernel@...r.kernel.org>, "linux-parisc@...r.kernel.org" <linux-parisc@...r.kernel.org>, "christophe.leroy@...roup.eu" <christophe.leroy@...roup.eu>, "x86@...nel.org" <x86@...nel.org>, "mpe@...erman.id.au" <mpe@...erman.id.au>, "mark.rutland@....com" <mark.rutland@....com>, "rostedt@...dmis.org" <rostedt@...dmis.org>, "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>, "will@...nel.org" <will@...nel.org>, "dinguyen@...nel.org" <dinguyen@...nel.org>, "naveen.n.rao@...ux.ibm.com" <naveen.n.rao@...ux.ibm.com>, "sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>, "linux-modules@...r.kernel.org" <linux-modules@...r.kernel.org>, "bpf@...r.kernel.org" <bpf@...r.kernel.org>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, "song@...nel.org" <song@...nel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, "loongarch@...ts.linux.dev" <loongarch@...ts.linux.dev>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org> Subject: Re: [PATCH v2 06/12] mm/execmem: introduce execmem_data_alloc() On Fri, Jun 16, 2023 at 04:55:53PM +0000, Edgecombe, Rick P wrote: > On Fri, 2023-06-16 at 11:50 +0300, Mike Rapoport wrote: > > From: "Mike Rapoport (IBM)" <rppt@...nel.org> > > > > Data related to code allocations, such as module data section, need > > to > > comply with architecture constraints for its placement and its > > allocation right now was done using execmem_text_alloc(). > > > > Create a dedicated API for allocating data related to code > > allocations > > and allow architectures to define address ranges for data > > allocations. > > Right now the cross-arch way to specify kernel memory permissions is > encoded in the function names of all the set_memory_foo()'s. You can't > just have unified prot names because some arch's have NX and some have > X bits, etc. CPA wouldn't know if it needs to set or unset a bit if you > pass in a PROT. The idea is that allocator never uses CPA. It allocates with the permissions defined by architecture at the first place and then the callers might use CPA to change them. Ideally, that shouldn't be needed for anything but ro_after_init, but we are far from there. > But then you end up with a new function for *each* combination (i.e. > set_memory_rox()). I wish CPA has flags like mmap() does, and I wonder > if it makes sense here instead of execmem_data_alloc(). I don't think execmem should handle all the combinations. The code is always allocated as ROX for architectures that support text poking and as RWX for those that don't. Maybe execmem_data_alloc() will need to able to handle RW and RO data differently at some point, but that's the only variant I can think of, but even then I don't expect CPA will be used by execmem. We also might move resetting the permissions to default from vmalloc to execmem, but again, we are far from there. > Maybe that is an overhaul for another day though... CPA surely needs some love :) -- Sincerely yours, Mike.
Powered by blists - more mailing lists