From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932586AbcHKQDD (ORCPT ); Thu, 11 Aug 2016 12:03:03 -0400 Received: from mout.kundenserver.de ([212.227.17.13]:64158 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932395AbcHKQDB (ORCPT ); Thu, 11 Aug 2016 12:03:01 -0400 From: Arnd Bergmann To: linux-arm-kernel@lists.infradead.org Cc: Russell King - ARM Linux , linux-arch@vger.kernel.org, Kees Cook , Ard Biesheuvel , x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Andrew Morton , Mathias Krause , Mark Brown , Daniel Thompson Subject: Re: [PATCH 2/2] arm: apply more __ro_after_init Date: Thu, 11 Aug 2016 18:02:15 +0200 Message-ID: <28485373.pjx0rukqdF@wuerfel> User-Agent: KMail/5.1.3 (Linux/4.4.0-31-generic; KDE/5.18.0; x86_64; ; ) In-Reply-To: <20160810230242.GO1041@n2100.armlinux.org.uk> References: <1464979224-2085-1-git-send-email-keescook@chromium.org> <2096112.OBiRuggdEi@wuerfel> <20160810230242.GO1041@n2100.armlinux.org.uk> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Provags-ID: V03:K0:shzUrBPAkB3Y945DSob8l4c7ujOqZ24Oz9/AMgjdld8Rv0jaP5V mj3JDE7Lv9v9hkbO9mfhA1BG58CApz/tTkAI3o9OYJJ7oeGXitgrV0YvjuT3KEY2ZX65CXL urxmoKu8wa9MR3tkgZD6FoSRvZMgGfWh7QpSYxQJglXwnkYiRWzhWfe31fqxGGudqwa5Wn6 FUph/1yFXRXCAC71jAmzw== X-UI-Out-Filterresults: notjunk:1;V01:K0:VL9oD5mOnL8=:7iq3aT9o4bbboB2SDufHA/ +th1iy88+pMun7LxDXnyIATPnWfMeoyiVrkJ62H+D0D2bwtBKfnhho4qEkDEcBthgsEZv/Njw 8f2fzwEAmberlhbQz6f7vLvK0RC36gyfBVcWcmNTfZjjq+HRpRTAzq/Gj8Fxvy25tn+3nX/ag ATQ4+79wWsln0/voRuLHQOirKhZj48YCSUT/zLEZQGYWJkC0WzZ0pYUpgOaShjAG/IiqPjUdq tXCCoKupQJwQiQ8TZajW952fi8E6bQh7jYauq8eF+Gk7sgvh5wAA8RNCaFnco06PnnHNnk/mG D7UjimF7a6u0LnfP6wLuFPYrbMy/hTb+YzXUY/p85J+yQlhvU7/WTJ1itXTgdf7fvSElfGDHc 5IwgPH+omzf3xzd3PdVgg/zNDG8ZCPsMKW12Q0rh7u1VHHC3ezBoKg2LBT9c7S7pIAFm1frHA zx5ULaGFEqYEZBFoJS/7xAbqL5gbL3v0KunPGiG/KuUXGMayh/qBOmTlR1KRW4E64qGeBYc9w EMMkryqzYI1LrVnE9RsEegmvsuyS234cA3KJWmuewu+xeh2gRv1YE3m/on4HENIPPZUTB59J3 wbgl/xSJm4lv3NM3zv2iC1eoKRZFULlMWcJAo5JCXxZf8uQvYcoWrOVSSmdMZTfH2mrSOm0yI ZiCHeOUtvNXzBVS/oh+8yz0OQxnIsnpwGJm5VJWJ9DfMOVKx+wbMMPdpD+2ZlOOp+KNz/37Cu 9897/i1/biV222ly Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thursday, August 11, 2016 12:02:42 AM CEST Russell King - ARM Linux wrote: > On Wed, Aug 10, 2016 at 09:31:05PM +0200, Arnd Bergmann wrote: > > On Wednesday, August 10, 2016 11:12:53 AM CEST Russell King - ARM Linux wrote: > > > There's the TLS emulation too, but that writes via the vectors mapping > > > at 0xffff0ff0. > > > > Ok, so that should be safe. Can we change the fiq code to also use the > > high mapping and then take the __ro_after_init patch on top? > > We can't - if the kernel is configured without the kuser helpers in > the vectors page, it's mapped read-only. I'm not sure what the > intersection is between platforms that can have FIQs and platforms > that can disable the kuser helpers. >>From Kconfig logic and callers of set_fiq_handler(), theoretically there is just i.MX3, but I think they never use fiq in their audio drivers in practice already, and Mark Brown mentioned that we could remove fiq support in the imx audio driver (don't remember the details at the moment). If we can prove that i.MX3 PCM FIQ support is never used, then the intersection is empty, and all machines that use FIQ require kuser helpers. This may change with Daniel Thompson's patches that use the FIQ for NMI backtrace. Arnd