Re: [PATCH v2] x86/mm: Refuse W^X violations

From: Dave Hansen
Date: Thu Sep 22 2022 - 11:00:46 EST

Next message: Andy Shevchenko: "Re: [PATCH v1 1/1] serial: 8250_dma: Convert to use uart_xmit_advance()"
Previous message: Chris Paterson: "RE: [RFC PATCH 1/2] riscv: vendors: andes: Add support to configure the PMA regions"
In reply to: Peter Zijlstra: "Re: [PATCH v2] x86/mm: Refuse W^X violations"
Next in thread: Guenter Roeck: "Re: [PATCH v2] x86/mm: Refuse W^X violations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/22/22 00:46, Peter Zijlstra wrote:
> On Wed, Sep 21, 2022 at 08:09:13PM -0700, Guenter Roeck wrote:
>
>> Oh well, that "helped" to hide one of the crashes. Here is another one.
>> This is with PAE enabled and booting through efi32.
>
>> [ 1.086592] efi_runtime_update_mappings+0x36/0x42
>> [ 1.086717] efi_enter_virtual_mode+0x351/0x36e
>> [ 1.086860] start_kernel+0x57d/0x60f
>> [ 1.086956] ? set_intr_gate+0x42/0x55
>> [ 1.087079] i386_start_kernel+0x43/0x45
>> [ 1.087272] startup_32_smp+0x161/0x164
>
> Does this help? Dave; perhaps we should just let i386 be i386 and let it
> bitrot :/

How about we just turn off enforcement for now so that the poor i386
folks can at least boot? I have the feeling we're going to get bored
with even the warnings if they persist for too long, though.

Untested patch to make i386 violations harmless is attached.diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c
index 20b1e24baa85..c899c55d8304 100644
--- a/arch/x86/mm/pat/set_memory.c
+++ b/arch/x86/mm/pat/set_memory.c
@@ -585,6 +585,8 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long start,
static inline pgprot_t verify_rwx(pgprot_t old, pgprot_t new, unsigned long start,
unsigned long pfn, unsigned long npg)
{
+ /* Just warn on i386, there are still too many issues there: */
+ bool refuse = IS_ENABLED(CONFIG_X86_64);
unsigned long end;

/* Only enforce when NX is supported: */
@@ -598,13 +600,17 @@ static inline pgprot_t verify_rwx(pgprot_t old, pgprot_t new, unsigned long star
return new;

end = start + npg * PAGE_SIZE - 1;
- WARN_ONCE(1, "CPA refuse W^X violation: %016llx -> %016llx range: 0x%016lx - 0x%016lx PFN %lx\n",
+ WARN_ONCE(1, "CPA %sW^X violation: %016llx -> %016llx range: 0x%016lx - 0x%016lx PFN %lx\n",
+ refuse ? "refuse " : "",
(unsigned long long)pgprot_val(old),
(unsigned long long)pgprot_val(new),
start, end, pfn);

/* refuse the transition into WX */
- return old;
+ if (refuse)
+ return old;
+
+ return new;
}

/*

Next message: Andy Shevchenko: "Re: [PATCH v1 1/1] serial: 8250_dma: Convert to use uart_xmit_advance()"
Previous message: Chris Paterson: "RE: [RFC PATCH 1/2] riscv: vendors: andes: Add support to configure the PMA regions"
In reply to: Peter Zijlstra: "Re: [PATCH v2] x86/mm: Refuse W^X violations"
Next in thread: Guenter Roeck: "Re: [PATCH v2] x86/mm: Refuse W^X violations"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]