Re: [PATCH 27/37] x86/mm/pti: Keep permissions when cloning kernel text in pti_clone_kernel_text()

From: Joerg Roedel
Date: Mon Apr 23 2018 - 14:00:17 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH 4.9 00/95] 4.9.96-stable review"
Previous message: Marcel Holtmann: "Re: [PATCH] Bluetooth: use wait_event API instead of open-coding it"
In reply to: Kees Cook: "Re: [PATCH 27/37] x86/mm/pti: Keep permissions when cloning kernel text in pti_clone_kernel_text()"
Next in thread: Joerg Roedel: "[PATCH 28/37] x86/mm/pti: Map kernel-text to user-space on 32 bit kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Apr 23, 2018 at 10:06:20AM -0700, Kees Cook wrote:
> Why are there R/W text mappings in this range? I find that to be
> unexpected. Shouldn't CONFIG_DEBUG_WX already complain if that were
> true?

It actually complains, I have seen that with the base-kernel too. I
guess this is because of the different mark_rodata_ro() and
mark_nxdata_nx() implementations between 32 and 64 bit. They actually
protect different regions, I think one reason is that some regions are
not hupe-page aligned on 32 bit and doing the right protections as on 64
bit would require to split the 2M mappings into 4k mappings.

But I havn't looked deeper into that and whether it can be unified and
fixed for 32 bit. It is probably out-of-scope for this patch-set.

Regards,

Joerg

Next message: Greg Kroah-Hartman: "Re: [PATCH 4.9 00/95] 4.9.96-stable review"
Previous message: Marcel Holtmann: "Re: [PATCH] Bluetooth: use wait_event API instead of open-coding it"
In reply to: Kees Cook: "Re: [PATCH 27/37] x86/mm/pti: Keep permissions when cloning kernel text in pti_clone_kernel_text()"
Next in thread: Joerg Roedel: "[PATCH 28/37] x86/mm/pti: Map kernel-text to user-space on 32 bit kernels"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]