From: Guenter Roeck <linux@roeck-us.net>
To: Christophe Leroy <christophe.leroy@csgroup.eu>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Paul Mackerras <paulus@samba.org>,
Michael Ellerman <mpe@ellerman.id.au>,
linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org
Subject: Re: [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early
Date: Thu, 19 May 2022 11:29:37 -0700 [thread overview]
Message-ID: <20220519182937.GA80472@roeck-us.net> (raw)
On Thu, May 19, 2022 at 07:24:15PM +0200, Christophe Leroy wrote:
> On fsl_book3e, rodata is set read-only at the same time as
> init text is set NX at the end of init. That's too early.
>
> As both action are performed at the same time, delay both
> actions to the time rodata is expected to be made read-only.
>
> It means we will have a small window with init mem freed but
> still executable. It shouldn't be an issue though, especially
> because the said memory gets poisoned and should therefore
> result to a bad instruction fault in case it gets executer.
executed
>
> mmu_mark_initmem_nx() is bailing out before doing anything when
> CONFIG_STRICT_KERNEL_RWX is not selected or rodata_enabled is false.
>
> mmu_mark_rodata_ro() is called only when CONFIG_STRICT_KERNEL_RWX
> is selected and rodata_enabled is true so this is equivalent.
>
> Move code from mmu_mark_initmem_nx() into mmu_mark_rodata_ro() and
> remove the call to strict_kernel_rwx_enabled() which is not needed
> anymore.
>
> Reported-by: Guenter Roeck <linux@roeck-us.net>
> Fixes: d5970045cf9e ("powerpc/fsl_booke: Update of TLBCAMs after init")
> Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Guenter
next reply other threads:[~2022-05-19 18:29 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-19 18:29 Guenter Roeck [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-05-19 17:24 [PATCH] powerpc/fsl_book3e: Don't set rodata RO too early Christophe Leroy
2022-05-24 11:09 ` Michael Ellerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220519182937.GA80472@roeck-us.net \
--to=linux@roeck-us.net \
--cc=benh@kernel.crashing.org \
--cc=christophe.leroy@csgroup.eu \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox