From: Tony Lindgren <tony@atomide.com>
To: Pavel Machek <pavel@ucw.cz>
Cc: pali.rohar@gmail.com, sre@kernel.org,
"kernel list" <linux-kernel@vger.kernel.org>,
linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
linux-omap@vger.kernel.org, khilman@kernel.org,
aaro.koskinen@iki.fi, ivo.g.dimitrov.75@gmail.com,
patrikbachan@gmail.com, serge@hallyn.com, abcloriens@gmail.com,
clayton@craftyguy.net, martijn@brixit.nl,
sakari.ailus@linux.intel.com,
"Filip Matijević" <filip.matijevic.pz@gmail.com>,
"Dave Gerlach" <d-gerlach@ti.com>
Subject: Re: Nokia N900: insecure W+X mapping at 0xd0050000
Date: Thu, 8 Mar 2018 08:46:52 -0800 [thread overview]
Message-ID: <20180308164652.GL5799@atomide.com> (raw)
In-Reply-To: <20180308162446.GK5799@atomide.com>
* Tony Lindgren <tony@atomide.com> [180308 16:25]:
> * Pavel Machek <pavel@ucw.cz> [180308 06:29]:
> > Insecure W+X mappings, who cares about those? I have 7 pages...
>
> Is this with CONFIG_DEBUG_WX=y?
>
> My guess is that it's for mapping the PM assembly to SRAM. This
> is already fixed for am335x that is using drivers/misc/sram*.c.
> I think omap2 - omap4 still need fixing if this is the culprit.
Adding Dave to Cc, here's a quick fix for this one.
Regards,
Tony
8< -------------------
>From tony Mon Sep 17 00:00:00 2001
From: Tony Lindgren <tony@atomide.com>
Date: Thu, 8 Mar 2018 08:41:16 -0800
Subject: [PATCH] ARM: OMAP: Fix SRAM W+X mapping
We are still using custom SRAM code for some SoCs and are not marking
the PM code mapped to SRAM as read-only and executable after we're
done. With CONFIG_DEBUG_WX=y, we will get "Found insecure W+X mapping
at address" warning.
Let's fix this issue the same way as commit 728bbe75c82f ("misc: sram:
Introduce support code for protect-exec sram type") is doing for
drivers/misc/sram-exec.c.
Note that eventually we should be using sram-exec.c for all SoCs.
Cc: Dave Gerlach <d-gerlach@ti.com>
Reported-by: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Tony Lindgren <tony@atomide.com>
---
arch/arm/plat-omap/sram.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/arm/plat-omap/sram.c b/arch/arm/plat-omap/sram.c
--- a/arch/arm/plat-omap/sram.c
+++ b/arch/arm/plat-omap/sram.c
@@ -23,6 +23,7 @@
#include <asm/fncpy.h>
#include <asm/tlb.h>
#include <asm/cacheflush.h>
+#include <asm/set_memory.h>
#include <asm/mach/map.h>
@@ -96,3 +97,21 @@ void __init omap_map_sram(unsigned long start, unsigned long size,
memset_io(omap_sram_base + omap_sram_skip, 0,
omap_sram_size - omap_sram_skip);
}
+
+static int __init omap_sram_lock(void)
+{
+ unsigned long base;
+ int pages;
+
+ if (!omap_sram_base || !omap_sram_size)
+ return 0;
+
+ base = (unsigned long)omap_sram_base;
+ pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
+
+ set_memory_ro((unsigned long)base, pages);
+ set_memory_x((unsigned long)base, pages);
+
+ return 0;
+}
+late_initcall(omap_sram_lock);
--
2.16.2
WARNING: multiple messages have this Message-ID (diff)
From: tony@atomide.com (Tony Lindgren)
To: linux-arm-kernel@lists.infradead.org
Subject: Nokia N900: insecure W+X mapping at 0xd0050000
Date: Thu, 8 Mar 2018 08:46:52 -0800 [thread overview]
Message-ID: <20180308164652.GL5799@atomide.com> (raw)
In-Reply-To: <20180308162446.GK5799@atomide.com>
* Tony Lindgren <tony@atomide.com> [180308 16:25]:
> * Pavel Machek <pavel@ucw.cz> [180308 06:29]:
> > Insecure W+X mappings, who cares about those? I have 7 pages...
>
> Is this with CONFIG_DEBUG_WX=y?
>
> My guess is that it's for mapping the PM assembly to SRAM. This
> is already fixed for am335x that is using drivers/misc/sram*.c.
> I think omap2 - omap4 still need fixing if this is the culprit.
Adding Dave to Cc, here's a quick fix for this one.
Regards,
Tony
8< -------------------
>From tony Mon Sep 17 00:00:00 2001
From: Tony Lindgren <tony@atomide.com>
Date: Thu, 8 Mar 2018 08:41:16 -0800
Subject: [PATCH] ARM: OMAP: Fix SRAM W+X mapping
We are still using custom SRAM code for some SoCs and are not marking
the PM code mapped to SRAM as read-only and executable after we're
done. With CONFIG_DEBUG_WX=y, we will get "Found insecure W+X mapping
at address" warning.
Let's fix this issue the same way as commit 728bbe75c82f ("misc: sram:
Introduce support code for protect-exec sram type") is doing for
drivers/misc/sram-exec.c.
Note that eventually we should be using sram-exec.c for all SoCs.
Cc: Dave Gerlach <d-gerlach@ti.com>
Reported-by: Pavel Machek <pavel@ucw.cz>
Signed-off-by: Tony Lindgren <tony@atomide.com>
---
arch/arm/plat-omap/sram.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/arch/arm/plat-omap/sram.c b/arch/arm/plat-omap/sram.c
--- a/arch/arm/plat-omap/sram.c
+++ b/arch/arm/plat-omap/sram.c
@@ -23,6 +23,7 @@
#include <asm/fncpy.h>
#include <asm/tlb.h>
#include <asm/cacheflush.h>
+#include <asm/set_memory.h>
#include <asm/mach/map.h>
@@ -96,3 +97,21 @@ void __init omap_map_sram(unsigned long start, unsigned long size,
memset_io(omap_sram_base + omap_sram_skip, 0,
omap_sram_size - omap_sram_skip);
}
+
+static int __init omap_sram_lock(void)
+{
+ unsigned long base;
+ int pages;
+
+ if (!omap_sram_base || !omap_sram_size)
+ return 0;
+
+ base = (unsigned long)omap_sram_base;
+ pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
+
+ set_memory_ro((unsigned long)base, pages);
+ set_memory_x((unsigned long)base, pages);
+
+ return 0;
+}
+late_initcall(omap_sram_lock);
--
2.16.2
next prev parent reply other threads:[~2018-03-08 16:46 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-08 14:28 Nokia N900: insecure W+X mapping at 0xd0050000 Pavel Machek
2018-03-08 14:28 ` Pavel Machek
2018-03-08 16:24 ` Tony Lindgren
2018-03-08 16:24 ` Tony Lindgren
2018-03-08 16:46 ` Tony Lindgren [this message]
2018-03-08 16:46 ` Tony Lindgren
2018-03-08 18:05 ` Pavel Machek
2018-03-08 18:05 ` Pavel Machek
2018-03-21 15:24 ` Tony Lindgren
2018-03-21 15:24 ` Tony Lindgren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180308164652.GL5799@atomide.com \
--to=tony@atomide.com \
--cc=aaro.koskinen@iki.fi \
--cc=abcloriens@gmail.com \
--cc=clayton@craftyguy.net \
--cc=d-gerlach@ti.com \
--cc=filip.matijevic.pz@gmail.com \
--cc=ivo.g.dimitrov.75@gmail.com \
--cc=khilman@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-omap@vger.kernel.org \
--cc=martijn@brixit.nl \
--cc=pali.rohar@gmail.com \
--cc=patrikbachan@gmail.com \
--cc=pavel@ucw.cz \
--cc=sakari.ailus@linux.intel.com \
--cc=serge@hallyn.com \
--cc=sre@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.