[PATCH] [2/2] Improve not NX check in i386 direct mapping setup

From: Andi Kleen
Date: Tue Feb 12 2008 - 07:54:01 EST



[This is a replacement for the direct mapping protections patchkit from
last week. It is simpler by implementing its own specialized duplicated logic
instead of adapting the existing pageattr logic to be usable for this case]

The i386 direct mapping support needs to avoid setting NX on pages
that are used by the kernel text. This patch improves the checks
for that case.

- Check the correct range of kernel text not including data only
sections at the end.
- Check the beginning too because there could be quite some pages
before the kernel text on a high loaded kernel
(previously all pages)
- Add a special check for the PCI-BIOS range in the first MB
that needs to be executable.
- Drop the inline for that function because it is larger now.

Result will be less pages in the direct mapping without NX
in some cases (particular with relocatable kernel loaded high)
giving a very minor increase of security against buffer overflows
in the kernel.

Signed-off-by: Andi Kleen <ak@xxxxxxx>

---
arch/x86/kernel/vmlinux_32.lds.S | 1 +
arch/x86/mm/init_32.c | 14 +++++++++-----
2 files changed, 10 insertions(+), 5 deletions(-)

Index: linux/arch/x86/mm/init_32.c
===================================================================
--- linux.orig/arch/x86/mm/init_32.c
+++ linux/arch/x86/mm/init_32.c
@@ -143,9 +143,14 @@ page_table_range_init(unsigned long star
}
}

-static inline int is_kernel_text(unsigned long addr)
+extern char __end_text[];
+
+static int __init is_kernel_text(unsigned long start, unsigned long end)
{
- if (addr >= PAGE_OFFSET && addr <= (unsigned long)__init_end)
+ if (end >= (unsigned long)_text && start < (unsigned long)__end_text)
+ return 1;
+ /* Allow execution of 32bit BIOS */
+ if (end >= BIOS_BEGIN && start < BIOS_END)
return 1;
return 0;
}
@@ -188,8 +193,7 @@ static void __init kernel_physical_mappi
addr2 = (pfn + PTRS_PER_PTE-1) * PAGE_SIZE +
PAGE_OFFSET + PAGE_SIZE-1;

- if (is_kernel_text(addr) ||
- is_kernel_text(addr2))
+ if (is_kernel_text(addr, addr2))
prot = PAGE_KERNEL_LARGE_EXEC;

set_pmd(pmd, pfn_pmd(pfn, prot));
@@ -205,7 +209,7 @@ static void __init kernel_physical_mappi
pte++, pfn++, pte_ofs++, addr += PAGE_SIZE) {
pgprot_t prot = PAGE_KERNEL;

- if (is_kernel_text(addr))
+ if (is_kernel_text(addr, addr + PAGE_SIZE - 1))
prot = PAGE_KERNEL_EXEC;

set_pte(pte, pfn_pte(pfn, prot));
Index: linux/arch/x86/kernel/vmlinux_32.lds.S
===================================================================
--- linux.orig/arch/x86/kernel/vmlinux_32.lds.S
+++ linux/arch/x86/kernel/vmlinux_32.lds.S
@@ -165,6 +165,7 @@ SECTIONS
*(.parainstructions)
__parainstructions_end = .;
}
+ __end_text = .;
/* .exit.text is discard at runtime, not link time, to deal with references
from .altinstructions and .eh_frame */
.exit.text : AT(ADDR(.exit.text) - LOAD_OFFSET) {
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/