Re: [PATCH] x86/mm/pti: Move user W+X check into pti_finalize()

From: Joerg Roedel
Date: Thu Aug 09 2018 - 07:16:10 EST

Next message: leo . yan: "Re: [PATCH] sched: idle: Reenable sched tick for cpuidle request"
Previous message: Gwan-gyeong Mun: "[v3] drm/i915: Add detection of changing of edid on between suspend and resume"
In reply to: Dave Hansen: "Re: [PATCH] x86/mm/pti: Move user W+X check into pti_finalize()"
Next in thread: Kees Cook: "Re: [PATCH] x86/mm/pti: Move user W+X check into pti_finalize()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Dave,

On Wed, Aug 08, 2018 at 08:54:37AM -0700, Dave Hansen wrote:
> One bit of information missing from the changelog: Could you clarify how
> there are any entries in the user page tables for the code to complain?
> Before pti_init(), I would have expected the user page tables to be empty.

The W+X check runs at the end of mark_readonly() in x86, which is after
pti_init() already put kernel mappings into the user page-table. Problem
is that the cloned entries are still W+X mapped, which is fixed in
pti_finalize() running _after_ mark_readonly().

Regards,

Joerg

Next message: leo . yan: "Re: [PATCH] sched: idle: Reenable sched tick for cpuidle request"
Previous message: Gwan-gyeong Mun: "[v3] drm/i915: Add detection of changing of edid on between suspend and resume"
In reply to: Dave Hansen: "Re: [PATCH] x86/mm/pti: Move user W+X check into pti_finalize()"
Next in thread: Kees Cook: "Re: [PATCH] x86/mm/pti: Move user W+X check into pti_finalize()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]