* [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early
@ 2022-05-19 17:24 Christophe Leroy
2022-05-24 11:09 ` Michael Ellerman
0 siblings, 1 reply; 3+ messages in thread
From: Christophe Leroy @ 2022-05-19 17:24 UTC (permalink / raw)
To: Benjamin Herrenschmidt, Paul Mackerras, Michael Ellerman
Cc: Guenter Roeck, linuxppc-dev, linux-kernel
On fsl_book3e, rodata is set read-only at the same time as
init text is set NX at the end of init. That's too early.
As both action are performed at the same time, delay both
actions to the time rodata is expected to be made read-only.
It means we will have a small window with init mem freed but
still executable. It shouldn't be an issue though, especially
because the said memory gets poisoned and should therefore
result to a bad instruction fault in case it gets executer.
mmu_mark_initmem_nx() is bailing out before doing anything when
CONFIG_STRICT_KERNEL_RWX is not selected or rodata_enabled is false.
mmu_mark_rodata_ro() is called only when CONFIG_STRICT_KERNEL_RWX
is selected and rodata_enabled is true so this is equivalent.
Move code from mmu_mark_initmem_nx() into mmu_mark_rodata_ro() and
remove the call to strict_kernel_rwx_enabled() which is not needed
anymore.
Reported-by: Guenter Roeck <linux@roeck-us.net>
Fixes: d5970045cf9e ("powerpc/fsl_booke: Update of TLBCAMs after init")
Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
---
arch/powerpc/mm/nohash/fsl_book3e.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/arch/powerpc/mm/nohash/fsl_book3e.c b/arch/powerpc/mm/nohash/fsl_book3e.c
index 08a984e29433..036e6a0e0137 100644
--- a/arch/powerpc/mm/nohash/fsl_book3e.c
+++ b/arch/powerpc/mm/nohash/fsl_book3e.c
@@ -285,22 +285,19 @@ void __init adjust_total_lowmem(void)
#ifdef CONFIG_STRICT_KERNEL_RWX
void mmu_mark_rodata_ro(void)
-{
- /* Everything is done in mmu_mark_initmem_nx() */
-}
-#endif
-
-void mmu_mark_initmem_nx(void)
{
unsigned long remapped;
- if (!strict_kernel_rwx_enabled())
- return;
-
remapped = map_mem_in_cams(__max_low_memory, CONFIG_LOWMEM_CAM_NUM, false, false);
WARN_ON(__max_low_memory != remapped);
}
+#endif
+
+void mmu_mark_initmem_nx(void)
+{
+ /* Everything is done in mmu_mark_rodata_ro() */
+}
void setup_initial_memory_limit(phys_addr_t first_memblock_base,
phys_addr_t first_memblock_size)
--
2.35.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early
@ 2022-05-19 18:29 Guenter Roeck
0 siblings, 0 replies; 3+ messages in thread
From: Guenter Roeck @ 2022-05-19 18:29 UTC (permalink / raw)
To: Christophe Leroy; +Cc: linuxppc-dev, Paul Mackerras, linux-kernel
On Thu, May 19, 2022 at 07:24:15PM +0200, Christophe Leroy wrote:
> On fsl_book3e, rodata is set read-only at the same time as
> init text is set NX at the end of init. That's too early.
>
> As both action are performed at the same time, delay both
> actions to the time rodata is expected to be made read-only.
>
> It means we will have a small window with init mem freed but
> still executable. It shouldn't be an issue though, especially
> because the said memory gets poisoned and should therefore
> result to a bad instruction fault in case it gets executer.
executed
>
> mmu_mark_initmem_nx() is bailing out before doing anything when
> CONFIG_STRICT_KERNEL_RWX is not selected or rodata_enabled is false.
>
> mmu_mark_rodata_ro() is called only when CONFIG_STRICT_KERNEL_RWX
> is selected and rodata_enabled is true so this is equivalent.
>
> Move code from mmu_mark_initmem_nx() into mmu_mark_rodata_ro() and
> remove the call to strict_kernel_rwx_enabled() which is not needed
> anymore.
>
> Reported-by: Guenter Roeck <linux@roeck-us.net>
> Fixes: d5970045cf9e ("powerpc/fsl_booke: Update of TLBCAMs after init")
> Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Guenter
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early
2022-05-19 17:24 Christophe Leroy
@ 2022-05-24 11:09 ` Michael Ellerman
0 siblings, 0 replies; 3+ messages in thread
From: Michael Ellerman @ 2022-05-24 11:09 UTC (permalink / raw)
To: Michael Ellerman, Benjamin Herrenschmidt, Paul Mackerras,
Christophe Leroy
Cc: linuxppc-dev, linux-kernel, Guenter Roeck
On Thu, 19 May 2022 19:24:15 +0200, Christophe Leroy wrote:
> On fsl_book3e, rodata is set read-only at the same time as
> init text is set NX at the end of init. That's too early.
>
> As both action are performed at the same time, delay both
> actions to the time rodata is expected to be made read-only.
>
> It means we will have a small window with init mem freed but
> still executable. It shouldn't be an issue though, especially
> because the said memory gets poisoned and should therefore
> result to a bad instruction fault in case it gets executer.
>
> [...]
Applied to powerpc/next.
[1/1] powerpc/fsl_book3e: Don't set rodata RO too early
https://git.kernel.org/powerpc/c/ad91f66f5fa7c6f9346e721c3159ce818568028b
cheers
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-05-24 11:17 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-05-19 18:29 [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early Guenter Roeck
-- strict thread matches above, loose matches on Subject: below --
2022-05-19 17:24 Christophe Leroy
2022-05-24 11:09 ` Michael Ellerman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).