[PATCH bpf-next v2 07/10] bpf: lsm: Make the allocated callback RO+X
From: KP Singh
Date: Wed Jan 15 2020 - 12:13:45 EST
From: KP Singh <kpsingh@xxxxxxxxxx>
This patch is not needed after arch_bpf_prepare_trampoline
moves to using text_poke.
The two IPI TLB flushes can be further optimized if a new API to handle
W^X in the kernel emerges as an outcome of:
https://lore.kernel.org/bpf/20200103234725.22846-1-kpsingh@xxxxxxxxxxxx/
Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx>
---
security/bpf/hooks.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c
index 4e71da0e8e9e..30f68341f5ef 100644
--- a/security/bpf/hooks.c
+++ b/security/bpf/hooks.c
@@ -222,6 +222,15 @@ static struct bpf_lsm_hook *bpf_lsm_hook_alloc(
goto error;
}
+ /* First make the page read-only, and only then make it executable to
+ * prevent it from being W+X in between.
+ */
+ set_memory_ro((unsigned long)image, 1);
+ /* More checks can be done here to ensure that nothing was changed
+ * between arch_prepare_bpf_trampoline and set_memory_ro.
+ */
+ set_memory_x((unsigned long)image, 1);
+
hook = kzalloc(sizeof(struct bpf_lsm_hook), GFP_KERNEL);
if (!hook) {
ret = -ENOMEM;
--
2.20.1