From: Evgeniy Baskov <baskov@ispras.ru>
To: Borislav Petkov <bp@alien8.de>
Cc: Ard Biesheuvel <ardb@kernel.org>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Alexey Khoroshilov <khoroshilov@ispras.ru>,
Peter Jones <pjones@redhat.com>,
Gerd Hoffmann <kraxel@redhat.com>,
"Limonciello, Mario" <mario.limonciello@amd.com>,
joeyli <jlee@suse.com>,
lvc-project@linuxtesting.org, x86@kernel.org,
linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-hardening@vger.kernel.org
Subject: Re: [PATCH v5 02/27] x86/build: Remove RWX sections and align on 4KB
Date: Sat, 08 Apr 2023 18:05:13 +0300 [thread overview]
Message-ID: <7e59eaf5da2338b71d1c188e784e2ef8@ispras.ru> (raw)
In-Reply-To: <20230405174059.GEZC2yq9WiXFsICyEy@fat_crate.local>
On 2023-04-05 20:40, Borislav Petkov wrote:
> On Tue, Mar 14, 2023 at 01:13:29PM +0300, Evgeniy Baskov wrote:
>> Avoid creating sections simultaneously writable and readable to
>> prepare
>> for W^X implementation for the kernel itself (not the decompressor).
>> Align kernel sections on page size (4KB) to allow protecting them in
>> the
>> page tables.
>>
>> Split init code form ".init" segment into separate R_X ".inittext"
>
> s/form/from/
Thanks!
>
>> segment and make ".init" segment non-executable.
>
> "... and make the .init segment RW_."
Will fix.
>
>> Also add these segments to x86_32 architecture for consistency.
>
> Same comment as before: please refrain from talking about the *what* in
> a commit message but about the *why*.
>
> And considering the matter, you have a *lot* of *why* to talk about.
> :-)
>
> Pls check your whole set.
I'll try do make descriptions of patches more elaborate and to better
reflect the reasoning behind the changes before resubmitting, thanks.
>
>> Currently paging is disabled in x86_32 in compressed kernel, so
>> protection is not applied anyways, but .init code was incorrectly
>> placed in non-executable ".data" segment. This should not change
>> anything meaningful in memory layout now, but might be required in
>> case
>> memory protection will also be implemented in compressed kernel for
>> x86_32.
>
> I highly doubt that - no one cares about 32-bit x86 anymore.
>
True, but in theory it's still possible and also the change
makes things more correct.
>> @@ -226,9 +225,10 @@ SECTIONS
>> #endif
>>
>> INIT_TEXT_SECTION(PAGE_SIZE)
>> -#ifdef CONFIG_X86_64
>> - :init
>> -#endif
>> + :inittext
>> +
>> + . = ALIGN(PAGE_SIZE);
>> +
>>
>> /*
>> * Section for code used exclusively before alternatives are run.
>> All
>> @@ -240,6 +240,7 @@ SECTIONS
>> .altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
>> *(.altinstr_aux)
>> }
>> + :init
>
> Why isn't this placed after inittext but here?
Because, AFAIK, :init is a part of a section syntax so it must
come after the brace, at least according to the documentation:
https://sourceware.org/binutils/docs/ld/PHDRS.html
>
> I'm thinking you wanna have:
>
> :inittext
> . = ALIGN..
> :init
> <rest>
>
> Thx.
next prev parent reply other threads:[~2023-04-08 15:05 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-14 10:13 [PATCH v5 00/27] x86_64: Improvements at compressed kernel stage Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 01/27] x86/boot: Align vmlinuz sections on page size Evgeniy Baskov
2023-04-05 17:13 ` Borislav Petkov
2023-04-08 15:03 ` Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 02/27] x86/build: Remove RWX sections and align on 4KB Evgeniy Baskov
2023-04-05 17:40 ` Borislav Petkov
2023-04-06 11:42 ` Gerd Hoffmann
2023-04-08 15:05 ` Evgeniy Baskov [this message]
2023-03-14 10:13 ` [PATCH v5 03/27] x86/boot: Set cr0 to known state in trampoline Evgeniy Baskov
2023-04-05 17:54 ` Borislav Petkov
2023-04-08 15:09 ` Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 04/27] x86/boot: Increase boot page table size Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 05/27] x86/boot: Support 4KB pages for identity mapping Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 06/27] x86/boot: Setup memory protection for bzImage code Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 07/27] x86/build: Check W^X of vmlinux during build Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 08/27] x86/boot: Map memory explicitly Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 09/27] x86/boot: Remove mapping from page fault handler Evgeniy Baskov
2023-03-14 20:33 ` Andy Lutomirski
2023-03-15 13:25 ` Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 10/27] efi/libstub: Move helper function to related file Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 11/27] x86/boot: Make console interface more abstract Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 12/27] x86/boot: Make kernel_add_identity_map() a pointer Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 13/27] x86/boot: Split trampoline and pt init code Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 14/27] x86/boot: Add EFI kernel extraction interface Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 15/27] efi/x86: Support extracting kernel from libstub Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 16/27] x86/boot: Reduce lower limit of physical KASLR Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 17/27] x86: decompressor: Remove the 'bugger off' message Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 18/27] tools/include: Add simplified version of pe.h Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 19/27] x86/build: Cleanup tools/build.c Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 20/27] efi: x86: Use private copy of struct setup_header Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 21/27] x86/build: Add SETUP_HEADER_OFFSET constant Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 22/27] x86/build: set type_of_loader for EFISTUB Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 23/27] efi/libstub: Don't set ramdisk_image/ramdisk_size Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 24/27] x86/build: Make generated PE more spec compliant Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 25/27] efi/libstub: Use memory attribute protocol Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 26/27] efi/libstub: make memory protection warnings include newlines Evgeniy Baskov
2023-03-14 10:13 ` [PATCH v5 27/27] efi/x86: don't try to set page attributes on 0-sized regions Evgeniy Baskov
2023-03-14 21:23 ` [PATCH v5 00/27] x86_64: Improvements at compressed kernel stage Andy Lutomirski
2023-03-14 23:20 ` Andy Lutomirski
2023-03-15 9:04 ` Gerd Hoffmann
2023-03-15 17:57 ` Peter Jones
2023-04-05 16:17 ` Borislav Petkov
2023-03-15 13:25 ` Evgeniy Baskov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7e59eaf5da2338b71d1c188e784e2ef8@ispras.ru \
--to=baskov@ispras.ru \
--cc=ardb@kernel.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=jlee@suse.com \
--cc=khoroshilov@ispras.ru \
--cc=kraxel@redhat.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=lvc-project@linuxtesting.org \
--cc=mario.limonciello@amd.com \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=pjones@redhat.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox