From: Ingo Molnar <mingo@kernel.org>
To: Josh Triplett <josh@joshtriplett.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>,
Borislav Petkov <bp@alien8.de>,
Stephen Smalley <sds@tycho.nsa.gov>,
x86@kernel.org, linux-kernel@vger.kernel.org,
keescook@chromium.org, Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Peter Zijlstra <a.p.zijlstra@chello.nl>
Subject: Re: [PATCH v2] x86/mm: warn on W+x mappings
Date: Wed, 21 Oct 2015 11:43:57 +0200 [thread overview]
Message-ID: <20151021094357.GB12155@gmail.com> (raw)
In-Reply-To: <20151014164744.GA14705@x>

* Josh Triplett <josh@joshtriplett.org> wrote:
> On Wed, Oct 14, 2015 at 05:19:40PM +0200, Ingo Molnar wrote:
> >
> > * Josh Triplett <josh@joshtriplett.org> wrote:
> >
> > > On Mon, Oct 12, 2015 at 04:17:54PM +0200, Ingo Molnar wrote:
> > > > * Matt Fleming <matt@codeblueprint.co.uk> wrote:
> > > > > On Mon, 12 Oct, at 02:49:36PM, Ingo Molnar wrote:
> > > > > > So why not unmap them after bootup? Is there any reason to call into EFI code
> > > > > > while the system is up and running?
> > > > >
> > > > > That's where the runtime services code lives. So if you want things like EFI
> > > > > variables (used by the distro installer, among other things) you need to map the
> > > > > runtime regions.
> > > >
> > > > So EFI variables could be queried during bootup and saved on the Linux side.
> > >
> > > That wouldn't support writing to EFI variables. Or using the EFI
> > > capsule update system to update firmware.
> >
> > Well, if we know the location of those pages then we could map those 'rw-' - while
> > the rest would be mapped 'r-x'.
>
> We have no way to do so in the absence of the additional code/data
> separation information provided by more recent firmware.

But we could map those out via transparent page faults dynamically, as those
accesses happen. It should be maximally compatible AFAICS, even without the new
EFI extensions - and at no time would there be vulnerable 'rwx' mappings in the
kernel page tables.
Thanks,
Ingo
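Added example, not part of the thread or of the patch it discusses: a user-space C model of the W+X audit that the subject's patch adds to the kernel page-table dumper, run over constructed dump lines in a simplified layout (the real ptdump output format differs; the region addresses and permissions below are made up).

```c
/* Model of a "warn on W+X mappings" audit. Input lines are CONSTRUCTED
 * in a simplified ptdump-like layout: "<start>-<end> <size> <perm> <level>"
 * where <perm> is three characters such as "rwx", "r-x" or "rw-". */
#include <stdio.h>
#include <string.h>

struct mapping { unsigned long long start, end; char perm[4]; char level[8]; };

/* Parse one line; returns 1 on success, 0 on malformed input. */
static int parse_line(const char *line, struct mapping *m)
{
    char size[16];
    if (sscanf(line, "%llx-%llx %15s %3s %7s",
               &m->start, &m->end, size, m->perm, m->level) != 5)
        return 0;
    return strlen(m->perm) == 3;
}

/* W+X means writable and executable at the same time. */
static int is_wx(const struct mapping *m)
{
    return m->perm[1] == 'w' && m->perm[2] == 'x';
}

/* Audit a buffer of dump lines; prints a warning per W+X mapping and
 * returns how many were found (0 is the desired result). */
int audit_wx(const char *dump)
{
    int found = 0;
    char buf[128];
    const char *p = dump;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len >= sizeof buf) len = sizeof buf - 1;
        memcpy(buf, p, len); buf[len] = '\0';
        struct mapping m;
        if (parse_line(buf, &m) && is_wx(&m)) {
            printf("W+X mapping: %#llx-%#llx %s (%s)\n", m.start, m.end, m.perm, m.level);
            found++;
        }
        p = nl ? nl + 1 : p + len;
    }
    return found;
}

/* Constructed sample: code and data split into r-x and rw- as the thread
 * proposes, plus one leftover rwx region that the audit should flag. */
const char *SAMPLE_DUMP =
    "ffff880000000000-ffff880000200000 2M r-x pmd\n"
    "ffff880000200000-ffff880000400000 2M rw- pmd\n"
    "ffff8800ff000000-ffff8800ff001000 4K rwx pte\n";

int main(void) { return audit_wx(SAMPLE_DUMP) ? 1 : 0; }
```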