From: will.deacon@arm.com (Will Deacon)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v6 0/8] arm: support CONFIG_RODATA
Date: Fri, 26 Sep 2014 12:21:10 +0100
Message-ID: <20140926112109.GH22293@arm.com>
In-Reply-To: <CAGXu5j+v075p9j6tME5N1fN9WsX1YiBO-vYtP8MLM=eo5UsqHg@mail.gmail.com>

On Fri, Sep 26, 2014 at 06:58:05AM +0100, Kees Cook wrote:
> On Thu, Sep 18, 2014 at 12:19 PM, Kees Cook <keescook@chromium.org> wrote:
> > This is a series of patches to support CONFIG_RODATA on ARM, so that
> > the kernel text is RO, and non-text sections default to NX. To support
> > on-the-fly kernel text patching (via ftrace, kprobes, etc), fixmap
> > support has been finalized based on several versions of various patches
> > that are floating around on the mailing list. This series attempts to
> > include the least intrusive version, so that others can build on it for
> > future fixmap work.
> >
> > The series has been heavily tested, and appears to be working correctly:
> >
> > With CONFIG_ARM_PTDUMP, expected page table permissions are seen in
> > /sys/kernel/debug/kernel_page_tables.
> >
> > Using CONFIG_LKDTM, the kernel now correctly detects bad accesses for
> > the following lkdtm tests via /sys/kernel/debug/provoke-crash/DIRECT:
> > EXEC_DATA
> > WRITE_RO
> > WRITE_KERN
> >
> > ftrace works:
> > CONFIG_FTRACE_STARTUP_TEST passes
> > Enabling tracing works:
> > echo function > /sys/kernel/debug/tracing/current_tracer
> > kprobes works:
> > CONFIG_ARM_KPROBES_TEST passes
> >
> > kexec works:
> > kexec will load and start a new kernel
> >
> > Built with and without CONFIG_HIGHMEM, CONFIG_HIGHMEM_DEBUG, and
> > CONFIG_NR_CPUS=32.
> >
> > Thanks to everyone who has been testing this series and working on its
> > various pieces!
> >
> > Hopefully this should address Will's last concerns. :)
> >
> > Thanks!
> >
> > -Kees
> >
> > v6:
> > - always run patch_text under stop_machine (will.deacon)
> > - document set_fixmap's TLB flushing situation (will.deacon)
>
> Hi Will,
>
> Does this version look good to you? Should I turn it into a pull request?

The TLB flushing bits look sensible now, but the locking in __set_fixmap is
still pretty horrible (x86 just uses a mutex, not sure why we need to be
different). Still, it's Russell's call.

Will
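
Added example (not part of the original thread or the patch series): a shell check over the page-table dump that the quoted cover letter reads from /sys/kernel/debug/kernel_page_tables, flagging any range that is both writable and executable. The line layout and both sample dumps are constructed assumptions modelled on 32-bit ARM ptdump output; find_wx and sample_dir are hypothetical names.

```shell
#!/bin/sh
# Assumed ptdump line layout (32-bit ARM):
#   <start>-<end> <size> [USR] ro|RW NX|x [SHD] <memory type>
# "RW" marks a writable range, "x" an executable one.

# find_wx FILE: print every range that is both RW and x.
# Returns 0 when the dump is clean, 1 when a W+X range exists.
find_wx() {
    awk '
        /^---\[/ { section = $0; next }   # remember the region header
        /^0x/ {
            rw = 0; x = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "RW") rw = 1
                if ($i == "x")  x = 1
            }
            if (rw && x) { print section " " $1 " " $2; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample dumps (not captured from a real system).
sample_dir=$(mktemp -d)
# Without CONFIG_RODATA: kernel text mapped writable and executable.
cat > "$sample_dir/before" <<'EOF'
---[ Kernel Mapping ]---
0xc0000000-0xc0800000           8M     RW x  SHD
0xc0800000-0xef800000         752M     RW NX SHD
EOF
# With CONFIG_RODATA: text is ro+x, everything else is NX.
cat > "$sample_dir/after" <<'EOF'
---[ Kernel Mapping ]---
0xc0000000-0xc0100000           1M     RW NX SHD
0xc0100000-0xc0700000           6M     ro x  SHD
0xc0700000-0xc0900000           2M     ro NX SHD
0xc0900000-0xef800000         751M     RW NX SHD
EOF

for name in before after; do
    if find_wx "$sample_dir/$name"; then
        echo "$name: no W+X mappings"
    else
        echo "$name: W+X mappings present"
    fi
done
```

On a kernel built with CONFIG_ARM_PTDUMP and debugfs mounted, the same function can be pointed at /sys/kernel/debug/kernel_page_tables as root.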

WARNING: multiple messages have this Message-ID
From: Will Deacon <will.deacon@arm.com>
To: Kees Cook <keescook@chromium.org>
Cc: Rabin Vincent <rabin@rab.in>,
Laura Abbott <lauraa@codeaurora.org>,
Rob Herring <robh@kernel.org>,
Leif Lindholm <leif.lindholm@linaro.org>,
"msalter@redhat.com" <msalter@redhat.com>,
Liu hua <sdu.liu@huawei.com>,
Nikolay Borisov <Nikolay.Borisov@arm.com>,
Nicolas Pitre <nicolas.pitre@linaro.org>,
Doug Anderson <dianders@google.com>,
Jason Wessel <jason.wessel@windriver.com>,
Catalin Marinas <Catalin.Marinas@arm.com>,
Russell King - ARM Linux <linux@arm.linux.org.uk>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v6 0/8] arm: support CONFIG_RODATA
Date: Fri, 26 Sep 2014 12:21:10 +0100
Message-ID: <20140926112109.GH22293@arm.com>
In-Reply-To: <CAGXu5j+v075p9j6tME5N1fN9WsX1YiBO-vYtP8MLM=eo5UsqHg@mail.gmail.com>

Thread overview: 30+ messages
2014-09-18 19:19 [PATCH v6 0/8] arm: support CONFIG_RODATA Kees Cook
2014-09-18 19:19 ` [PATCH v6 1/8] arm: use generic fixmap.h Kees Cook
2014-09-18 19:19 ` [PATCH v6 2/8] ARM: expand fixmap region to 3MB Kees Cook
2014-09-18 19:19 ` [PATCH v6 3/8] arm: fixmap: implement __set_fixmap() Kees Cook
2014-09-18 19:19 ` [PATCH v6 4/8] arm: use fixmap for text patching when text is RO Kees Cook
2014-09-18 19:19 ` [PATCH v6 5/8] ARM: kexec: Make .text R/W in machine_kexec Kees Cook
2014-09-18 19:19 ` [PATCH v6 6/8] arm: kgdb: Handle read-only text / modules Kees Cook
2014-09-18 19:19 ` [PATCH v6 7/8] ARM: mm: allow non-text sections to be non-executable Kees Cook
2014-09-26 11:42 ` Russell King - ARM Linux
2014-09-26 16:43 ` Kees Cook
2014-09-26 16:59 ` Russell King - ARM Linux
2014-09-26 17:07 ` Kees Cook
2014-09-18 19:19 ` [PATCH v6 8/8] ARM: mm: allow text and rodata sections to be read-only Kees Cook
2014-09-26 5:58 ` [PATCH v6 0/8] arm: support CONFIG_RODATA Kees Cook
2014-09-26 11:21 ` Will Deacon [this message]