From: Kees Cook <keescook@chromium.org>
To: Will Deacon <will@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
linux-arch@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-alpha@vger.kernel.org, linux-ia64@vger.kernel.org,
linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org,
Yoshinori Sato <ysato@users.sourceforge.jp>,
Michal Simek <monstr@monstr.eu>,
linux-parisc@vger.kernel.org, linux-xtensa@linux-xtensa.org,
x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 18/29] arm64: Move EXCEPTION_TABLE to RO_DATA segment
Date: Tue, 1 Oct 2019 08:48:11 -0700 [thread overview]
Message-ID: <201910010846.D0712C1@keescook> (raw)
In-Reply-To: <20191001090355.blnaqlf4rfzucpb2@willie-the-truck>
On Tue, Oct 01, 2019 at 10:03:56AM +0100, Will Deacon wrote:
> Hi Kees,
>
> On Thu, Sep 26, 2019 at 10:55:51AM -0700, Kees Cook wrote:
> > The EXCEPTION_TABLE is read-only, so collapse it into RO_DATA.
> >
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> > arch/arm64/kernel/vmlinux.lds.S | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
> > index 81d94e371c95..c6ba2eee0ee8 100644
> > --- a/arch/arm64/kernel/vmlinux.lds.S
> > +++ b/arch/arm64/kernel/vmlinux.lds.S
> > @@ -5,6 +5,8 @@
> > * Written by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
> > */
> >
> > +#define RO_DATA_EXCEPTION_TABLE_ALIGN 8
> > +
> > #include <asm-generic/vmlinux.lds.h>
> > #include <asm/cache.h>
> > #include <asm/kernel-pgtable.h>
> > @@ -135,8 +137,8 @@ SECTIONS
> > . = ALIGN(SEGMENT_ALIGN);
> > _etext = .; /* End of text section */
> >
> > - RO_DATA(PAGE_SIZE) /* everything from this point to */
> > - EXCEPTION_TABLE(8) /* __init_begin will be marked RO NX */
> > + /* everything from this point to __init_begin will be marked RO NX */
> > + RO_DATA(PAGE_SIZE)
> >
> > . = ALIGN(PAGE_SIZE);
>
> Do you reckon it would be worth merging this last ALIGN directive into the
> RO_DATA definition too? Given that we want to map the thing read-only, it
> really has to be aligned either side.
Actually, taking a closer look, this appears to be redundant: RO_DATA()
ends with:
. = ALIGN(align)
(where "align" is the "PAGE_SIZE" argument to RO_DATA())
> Anyway, that's only a nit, so:
>
> Acked-by: Will Deacon <will@kernel.org>
Thanks!
> P.S. Please CC the arm64 maintainers on arm64 patches -- I nearly missed
> this one!
Okay, I can re-expand my list. I originally had done this but it was
getting to be a rather large set of people. :)
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Will Deacon <will@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Andy Lutomirski <luto@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
linux-arch@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-alpha@vger.kernel.org, linux-ia64@vger.kernel.org,
linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org,
Yoshinori Sato <ysato@users.sourceforge.jp>,
Michal Simek <monstr@monstr.eu>,
linux-parisc@vger.kernel.org, linux-xtensa@linux-xtensa.org,
x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 18/29] arm64: Move EXCEPTION_TABLE to RO_DATA segment
Date: Tue, 01 Oct 2019 15:48:11 +0000 [thread overview]
Message-ID: <201910010846.D0712C1@keescook> (raw)
In-Reply-To: <20191001090355.blnaqlf4rfzucpb2@willie-the-truck>
On Tue, Oct 01, 2019 at 10:03:56AM +0100, Will Deacon wrote:
> Hi Kees,
>
> On Thu, Sep 26, 2019 at 10:55:51AM -0700, Kees Cook wrote:
> > The EXCEPTION_TABLE is read-only, so collapse it into RO_DATA.
> >
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> > arch/arm64/kernel/vmlinux.lds.S | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
> > index 81d94e371c95..c6ba2eee0ee8 100644
> > --- a/arch/arm64/kernel/vmlinux.lds.S
> > +++ b/arch/arm64/kernel/vmlinux.lds.S
> > @@ -5,6 +5,8 @@
> > * Written by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
> > */
> >
> > +#define RO_DATA_EXCEPTION_TABLE_ALIGN 8
> > +
> > #include <asm-generic/vmlinux.lds.h>
> > #include <asm/cache.h>
> > #include <asm/kernel-pgtable.h>
> > @@ -135,8 +137,8 @@ SECTIONS
> > . = ALIGN(SEGMENT_ALIGN);
> > _etext = .; /* End of text section */
> >
> > - RO_DATA(PAGE_SIZE) /* everything from this point to */
> > - EXCEPTION_TABLE(8) /* __init_begin will be marked RO NX */
> > + /* everything from this point to __init_begin will be marked RO NX */
> > + RO_DATA(PAGE_SIZE)
> >
> > . = ALIGN(PAGE_SIZE);
>
> Do you reckon it would be worth merging this last ALIGN directive into the
> RO_DATA definition too? Given that we want to map the thing read-only, it
> really has to be aligned either side.
Actually, taking a closer look, this appears to be redundant: RO_DATA()
ends with:
. = ALIGN(align)
(where "align" is the "PAGE_SIZE" argument to RO_DATA())
> Anyway, that's only a nit, so:
>
> Acked-by: Will Deacon <will@kernel.org>
Thanks!
> P.S. Please CC the arm64 maintainers on arm64 patches -- I nearly missed
> this one!
Okay, I can re-expand my list. I originally had done this but it was
getting to be a rather large set of people. :)
--
Kees Cook
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Will Deacon <will@kernel.org>
Cc: linux-arch@vger.kernel.org, linux-s390@vger.kernel.org,
Michal Simek <monstr@monstr.eu>,
linux-alpha@vger.kernel.org, linux-ia64@vger.kernel.org,
linux-c6x-dev@linux-c6x.org, Arnd Bergmann <arnd@arndb.de>,
linux-xtensa@linux-xtensa.org, linux-kernel@vger.kernel.org,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, Yoshinori Sato <ysato@users.sourceforge.jp>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
linux-parisc@vger.kernel.org, Andy Lutomirski <luto@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH 18/29] arm64: Move EXCEPTION_TABLE to RO_DATA segment
Date: Tue, 1 Oct 2019 08:48:11 -0700 [thread overview]
Message-ID: <201910010846.D0712C1@keescook> (raw)
In-Reply-To: <20191001090355.blnaqlf4rfzucpb2@willie-the-truck>
On Tue, Oct 01, 2019 at 10:03:56AM +0100, Will Deacon wrote:
> Hi Kees,
>
> On Thu, Sep 26, 2019 at 10:55:51AM -0700, Kees Cook wrote:
> > The EXCEPTION_TABLE is read-only, so collapse it into RO_DATA.
> >
> > Signed-off-by: Kees Cook <keescook@chromium.org>
> > ---
> > arch/arm64/kernel/vmlinux.lds.S | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
> > index 81d94e371c95..c6ba2eee0ee8 100644
> > --- a/arch/arm64/kernel/vmlinux.lds.S
> > +++ b/arch/arm64/kernel/vmlinux.lds.S
> > @@ -5,6 +5,8 @@
> > * Written by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
> > */
> >
> > +#define RO_DATA_EXCEPTION_TABLE_ALIGN 8
> > +
> > #include <asm-generic/vmlinux.lds.h>
> > #include <asm/cache.h>
> > #include <asm/kernel-pgtable.h>
> > @@ -135,8 +137,8 @@ SECTIONS
> > . = ALIGN(SEGMENT_ALIGN);
> > _etext = .; /* End of text section */
> >
> > - RO_DATA(PAGE_SIZE) /* everything from this point to */
> > - EXCEPTION_TABLE(8) /* __init_begin will be marked RO NX */
> > + /* everything from this point to __init_begin will be marked RO NX */
> > + RO_DATA(PAGE_SIZE)
> >
> > . = ALIGN(PAGE_SIZE);
>
> Do you reckon it would be worth merging this last ALIGN directive into the
> RO_DATA definition too? Given that we want to map the thing read-only, it
> really has to be aligned either side.
Actually, taking a closer look, this appears to be redundant: RO_DATA()
ends with:
. = ALIGN(align)
(where "align" is the "PAGE_SIZE" argument to RO_DATA())
> Anyway, that's only a nit, so:
>
> Acked-by: Will Deacon <will@kernel.org>
Thanks!
> P.S. Please CC the arm64 maintainers on arm64 patches -- I nearly missed
> this one!
Okay, I can re-expand my list. I originally had done this but it was
getting to be a rather large set of people. :)
--
Kees Cook
next prev parent reply other threads:[~2019-10-01 15:48 UTC|newest]
Thread overview: 126+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-26 17:55 [PATCH 00/29] vmlinux.lds.h: Refactor EXCEPTION_TABLE and NOTES Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 01/29] powerpc: Rename "notes" PT_NOTE to "note" Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 02/29] powerpc: Remove PT_NOTE workaround Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 03/29] powerpc: Rename PT_LOAD identifier "kernel" to "text" Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 04/29] alpha: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 05/29] ia64: Rename PT_LOAD identifier "code" " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 06/29] s390: Move RO_DATA into "text" PT_LOAD Program Header Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 07/29] x86: Restore "text" Program Header with dummy section Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-10-10 10:33 ` Borislav Petkov
2019-10-10 10:33 ` Borislav Petkov
2019-10-10 10:33 ` Borislav Petkov
2019-10-10 16:46 ` Kees Cook
2019-10-10 16:46 ` Kees Cook
2019-10-10 16:46 ` Kees Cook
2019-09-26 17:55 ` [PATCH 08/29] vmlinux.lds.h: Provide EMIT_PT_NOTE to indicate export of .notes Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-10-10 10:40 ` Borislav Petkov
2019-10-10 10:40 ` Borislav Petkov
2019-10-10 10:40 ` Borislav Petkov
2019-09-26 17:55 ` [PATCH 09/29] vmlinux.lds.h: Move Program Header restoration into NOTES macro Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 10/29] vmlinux.lds.h: Move NOTES into RO_DATA Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 11/29] vmlinux.lds.h: Replace RODATA with RO_DATA Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 12/29] vmlinux.lds.h: Replace RO_DATA_SECTION " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 13/29] vmlinux.lds.h: Replace RW_DATA_SECTION with RW_DATA Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 14/29] vmlinux.lds.h: Allow EXCEPTION_TABLE to live in RO_DATA Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-10-01 9:05 ` Will Deacon
2019-10-01 9:05 ` Will Deacon
2019-10-01 9:05 ` Will Deacon
2019-10-10 15:25 ` Borislav Petkov
2019-10-10 15:25 ` Borislav Petkov
2019-10-10 15:25 ` Borislav Petkov
2019-10-10 16:47 ` Kees Cook
2019-10-10 16:47 ` Kees Cook
2019-10-10 16:47 ` Kees Cook
2019-09-26 17:55 ` [PATCH 15/29] x86: Actually use _etext for end of text segment Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 16/29] x86: Move EXCEPTION_TABLE to RO_DATA segment Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 17/29] alpha: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 18/29] arm64: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-10-01 9:03 ` Will Deacon
2019-10-01 9:03 ` Will Deacon
2019-10-01 9:03 ` Will Deacon
2019-10-01 15:48 ` Kees Cook [this message]
2019-10-01 15:48 ` Kees Cook
2019-10-01 15:48 ` Kees Cook
2019-09-26 17:55 ` [PATCH 19/29] c6x: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 20/29] h8300: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 21/29] ia64: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 22/29] microblaze: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 23/29] parisc: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 24/29] powerpc: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 25/29] xtensa: " Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` [PATCH 26/29] x86/mm: Remove redundant &s on addresses Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:55 ` Kees Cook
2019-09-26 17:56 ` [PATCH 27/29] x86/mm: Report which part of kernel image is freed Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-09-26 17:56 ` [PATCH 28/29] x86/mm: Report actual image regions in /proc/iomem Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-10-10 18:00 ` Borislav Petkov
2019-10-10 18:00 ` Borislav Petkov
2019-10-10 18:00 ` Borislav Petkov
2019-09-26 17:56 ` [PATCH 29/29] x86: Use INT3 instead of NOP for linker fill bytes Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-09-26 17:56 ` Kees Cook
2019-10-10 18:03 ` [PATCH 00/29] vmlinux.lds.h: Refactor EXCEPTION_TABLE and NOTES Borislav Petkov
2019-10-10 18:03 ` Borislav Petkov
2019-10-10 18:03 ` Borislav Petkov
2019-10-10 23:57 ` Kees Cook
2019-10-10 23:57 ` Kees Cook
2019-10-10 23:57 ` Kees Cook
2019-10-11 1:38 ` hpa
2019-10-11 1:38 ` hpa
2019-10-11 1:38 ` hpa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201910010846.D0712C1@keescook \
--to=keescook@chromium.org \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-alpha@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-c6x-dev@linux-c6x.org \
--cc=linux-ia64@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-xtensa@linux-xtensa.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=monstr@monstr.eu \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=ysato@users.sourceforge.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.