From: Russell King - ARM Linux <linux@arm.linux.org.uk>
To: Laura Abbott <lauraa@codeaurora.org>
Cc: Nicoas Pitre <nicolas.pitre@linaro.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
linux-arm-kernel@lists.infradead.org,
linux-arm-msm@vger.kernel.org
Subject: Re: [RFC 0/3] Allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM
Date: Thu, 24 Oct 2013 14:03:46 +0100 [thread overview]
Message-ID: <20131024130346.GA31369@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <1371057810-3189-1-git-send-email-lauraa@codeaurora.org>
On Wed, Jun 12, 2013 at 10:23:27AM -0700, Laura Abbott wrote:
> Hi,
>
> This is an RFC to allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM. The
> current config description from x86 describes it best:
>
> This option helps catch unintended modifications to loadable
> kernel module's text and read-only data. It also prevents execution
> of module data. Such protection may interfere with run-time code
> patching and dynamic kernel tracing - and they might also protect
> against certain classes of kernel exploits.
>
> ARM was missing a few functions to modify the page tables so those have been
> added. I believe modules are always mapped with pages so changing them at map
> time should be acceptable. Comments/concerns are appreciated.
I've just tested this and it seems to work:
---[ Modules ]---
0xbf000000-0xbf002000 8K ro x MEM/CACHED/WBRA
0xbf002000-0xbf003000 4K ro NX MEM/CACHED/WBRA
0xbf003000-0xbf005000 8K RW NX MEM/CACHED/WBRA
0xbf009000-0xbf00b000 8K ro x MEM/CACHED/WBRA
0xbf00b000-0xbf00c000 4K ro NX MEM/CACHED/WBRA
0xbf00c000-0xbf00e000 8K RW NX MEM/CACHED/WBRA
0xbf012000-0xbf013000 4K ro x MEM/CACHED/WBRA
0xbf013000-0xbf014000 4K ro NX MEM/CACHED/WBRA
0xbf014000-0xbf016000 8K RW NX MEM/CACHED/WBRA
0xbf01a000-0xbf01c000 8K ro x MEM/CACHED/WBRA
0xbf01c000-0xbf01d000 4K ro NX MEM/CACHED/WBRA
0xbf01d000-0xbf01f000 8K RW NX MEM/CACHED/WBRA
0xbf024000-0xbf025000 4K ro x MEM/CACHED/WBRA
0xbf025000-0xbf026000 4K ro NX MEM/CACHED/WBRA
0xbf026000-0xbf028000 8K RW NX MEM/CACHED/WBRA
0xbf02c000-0xbf033000 28K ro x MEM/CACHED/WBRA
0xbf033000-0xbf035000 8K ro NX MEM/CACHED/WBRA
0xbf035000-0xbf03a000 20K RW NX MEM/CACHED/WBRA
0xbf041000-0xbf043000 8K ro x MEM/CACHED/WBRA
0xbf043000-0xbf045000 8K ro NX MEM/CACHED/WBRA
0xbf045000-0xbf048000 12K RW NX MEM/CACHED/WBRA
0xbf04e000-0xbf04f000 4K ro x MEM/CACHED/WBRA
0xbf04f000-0xbf050000 4K ro NX MEM/CACHED/WBRA
0xbf050000-0xbf052000 8K RW NX MEM/CACHED/WBRA
0xbf056000-0xbf05f000 36K ro x MEM/CACHED/WBRA
0xbf05f000-0xbf061000 8K ro NX MEM/CACHED/WBRA
0xbf061000-0xbf064000 12K RW NX MEM/CACHED/WBRA
WARNING: multiple messages have this Message-ID (diff)
From: linux@arm.linux.org.uk (Russell King - ARM Linux)
To: linux-arm-kernel@lists.infradead.org
Subject: [RFC 0/3] Allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM
Date: Thu, 24 Oct 2013 14:03:46 +0100 [thread overview]
Message-ID: <20131024130346.GA31369@n2100.arm.linux.org.uk> (raw)
In-Reply-To: <1371057810-3189-1-git-send-email-lauraa@codeaurora.org>
On Wed, Jun 12, 2013 at 10:23:27AM -0700, Laura Abbott wrote:
> Hi,
>
> This is an RFC to allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM. The
> current config description from x86 describes it best:
>
> This option helps catch unintended modifications to loadable
> kernel module's text and read-only data. It also prevents execution
> of module data. Such protection may interfere with run-time code
> patching and dynamic kernel tracing - and they might also protect
> against certain classes of kernel exploits.
>
> ARM was missing a few functions to modify the page tables so those have been
> added. I believe modules are always mapped with pages so changing them at map
> time should be acceptable. Comments/concerns are appreciated.
I've just tested this and it seems to work:
---[ Modules ]---
0xbf000000-0xbf002000 8K ro x MEM/CACHED/WBRA
0xbf002000-0xbf003000 4K ro NX MEM/CACHED/WBRA
0xbf003000-0xbf005000 8K RW NX MEM/CACHED/WBRA
0xbf009000-0xbf00b000 8K ro x MEM/CACHED/WBRA
0xbf00b000-0xbf00c000 4K ro NX MEM/CACHED/WBRA
0xbf00c000-0xbf00e000 8K RW NX MEM/CACHED/WBRA
0xbf012000-0xbf013000 4K ro x MEM/CACHED/WBRA
0xbf013000-0xbf014000 4K ro NX MEM/CACHED/WBRA
0xbf014000-0xbf016000 8K RW NX MEM/CACHED/WBRA
0xbf01a000-0xbf01c000 8K ro x MEM/CACHED/WBRA
0xbf01c000-0xbf01d000 4K ro NX MEM/CACHED/WBRA
0xbf01d000-0xbf01f000 8K RW NX MEM/CACHED/WBRA
0xbf024000-0xbf025000 4K ro x MEM/CACHED/WBRA
0xbf025000-0xbf026000 4K ro NX MEM/CACHED/WBRA
0xbf026000-0xbf028000 8K RW NX MEM/CACHED/WBRA
0xbf02c000-0xbf033000 28K ro x MEM/CACHED/WBRA
0xbf033000-0xbf035000 8K ro NX MEM/CACHED/WBRA
0xbf035000-0xbf03a000 20K RW NX MEM/CACHED/WBRA
0xbf041000-0xbf043000 8K ro x MEM/CACHED/WBRA
0xbf043000-0xbf045000 8K ro NX MEM/CACHED/WBRA
0xbf045000-0xbf048000 12K RW NX MEM/CACHED/WBRA
0xbf04e000-0xbf04f000 4K ro x MEM/CACHED/WBRA
0xbf04f000-0xbf050000 4K ro NX MEM/CACHED/WBRA
0xbf050000-0xbf052000 8K RW NX MEM/CACHED/WBRA
0xbf056000-0xbf05f000 36K ro x MEM/CACHED/WBRA
0xbf05f000-0xbf061000 8K ro NX MEM/CACHED/WBRA
0xbf061000-0xbf064000 12K RW NX MEM/CACHED/WBRA
next prev parent reply other threads:[~2013-10-24 13:03 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-12 17:23 [RFC 0/3] Allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM Laura Abbott
2013-06-12 17:23 ` Laura Abbott
2013-06-12 17:23 ` [RFC 1/3] arm: Add definitions for pte_mkexec/pte_mknexec Laura Abbott
2013-06-12 17:23 ` [RFC 2/3] arm: mm: Define set_memory_* functions for ARM Laura Abbott
2013-06-12 17:32 ` Russell King - ARM Linux
2013-06-12 17:32 ` Russell King - ARM Linux
2013-06-13 16:25 ` Catalin Marinas
2013-06-13 16:25 ` Catalin Marinas
2013-06-18 11:09 ` Will Deacon
2013-06-18 11:09 ` Will Deacon
2013-06-19 1:48 ` Laura Abbott
2013-06-19 1:48 ` Laura Abbott
2013-06-19 13:59 ` Will Deacon
2013-06-19 13:59 ` Will Deacon
2013-10-25 13:08 ` Will Deacon
2013-10-25 13:08 ` Will Deacon
2013-10-27 10:18 ` Russell King - ARM Linux
2013-10-27 10:18 ` Russell King - ARM Linux
2013-06-12 17:23 ` [RFC 3/3] arm: add DEBUG_SET_MODULE_RONX option to Kconfig Laura Abbott
2013-10-24 13:03 ` Russell King - ARM Linux [this message]
2013-10-24 13:03 ` [RFC 0/3] Allow CONFIG_DEBUG_SET_MODULE_RONX to be used on ARM Russell King - ARM Linux
2013-10-27 10:34 ` Russell King - ARM Linux
2013-10-27 10:34 ` Russell King - ARM Linux
2013-10-27 11:57 ` Russell King - ARM Linux
2013-10-27 11:57 ` Russell King - ARM Linux
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131024130346.GA31369@n2100.arm.linux.org.uk \
--to=linux@arm.linux.org.uk \
--cc=catalin.marinas@arm.com \
--cc=lauraa@codeaurora.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=nicolas.pitre@linaro.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.