Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx()

From: Linus Torvalds
Date: Wed Sep 18 2019 - 13:54:16 EST

Next message: Dave Hansen: "Re: [PATCH v3 1/2] x86: Don't let pgprot_modify() change the page encryption bit"
Previous message: Alexander Duyck: "[PATCH v10 QEMU 3/3] virtio-balloon: Provide a interface for unused page reporting"
In reply to: Christoph Hellwig: "Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx()"
Next in thread: Larry Finger: "Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 18, 2019 at 10:50 AM Larry Finger <Larry.Finger@xxxxxxxxxxxx> wrote:
>
> Is there approved way for pages to be set to be executable by an external module
> that would not be a security issue?

Point to what external module and why.

Honestly, the likely answer is simply "no". Why would an external
module ever need to make something executable that isn't read-only
code? That's pretty fundamental. Marking data executable is fairly
questionable these days.

Instead, what might work is to have some higher-level concept that we
actually trust, and that isn't about making data executable, but about
doing something reasonable.

See the difference? Making things executable is not ok, but perhaps a
"alternative runtime code sequence" is ok.

Linus

Next message: Dave Hansen: "Re: [PATCH v3 1/2] x86: Don't let pgprot_modify() change the page encryption bit"
Previous message: Alexander Duyck: "[PATCH v10 QEMU 3/3] virtio-balloon: Provide a interface for unused page reporting"
In reply to: Christoph Hellwig: "Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx()"
Next in thread: Larry Finger: "Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]