Message ID | cb778076d2d089dd52605b8eaad3ee6097e61eae.1425040940.git.daniel@iogearbox.net |
---|---|
State | Changes Requested, archived |
Delegated to: | David Miller |
On 2/27/2015 6:55 AM, Daniel Borkmann wrote: > This effectively unexports set_memory_ro and set_memory_rw functions from > commit 11d91a770f1f ("arm64: Add CONFIG_DEBUG_SET_MODULE_RONX support"). > > No module user of those is in mainline kernel and we explicitly do not want > modules to use these functions, as they i.e. protect eBPF (interpreted and > JIT'ed) images from malicious modifications or bugs. > > Outside of eBPF scope, I believe also other set_memory_* functions should > be unexported on arm64 for modules. > > Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> > Cc: Laura Abbott <lauraa@codeaurora.org> > Cc: Will Deacon <will.deacon@arm.com> > Cc: linux-kernel@vger.kernel.org > Acked-by: Alexei Starovoitov <ast@plumgrid.com> > --- > arch/arm64/mm/pageattr.c | 2 -- > 1 file changed, 2 deletions(-) > We have some uses for modules doing set_memory_ro/rw but none that are in mainline. That can be dealt with if the features ever get mainlined which seems unlikely. Acked-by: Laura Abbott <lauraa@codeaurora.org> > diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c > index bb0ea94..8659357 100644 > --- a/arch/arm64/mm/pageattr.c > +++ b/arch/arm64/mm/pageattr.c > @@ -70,7 +70,6 @@ int set_memory_ro(unsigned long addr, int numpages) > __pgprot(PTE_RDONLY), > __pgprot(PTE_WRITE)); > } > -EXPORT_SYMBOL_GPL(set_memory_ro); > > int set_memory_rw(unsigned long addr, int numpages) > { > @@ -78,7 +77,6 @@ int set_memory_rw(unsigned long addr, int numpages) > __pgprot(PTE_WRITE), > __pgprot(PTE_RDONLY)); > } > -EXPORT_SYMBOL_GPL(set_memory_rw); > > int set_memory_nx(unsigned long addr, int numpages) > { >
On Fri, Feb 27, 2015 at 02:55:41PM +0000, Daniel Borkmann wrote: > This effectively unexports set_memory_ro and set_memory_rw functions from > commit 11d91a770f1f ("arm64: Add CONFIG_DEBUG_SET_MODULE_RONX support"). > > No module user of those is in mainline kernel and we explicitly do not want > modules to use these functions, as they i.e. protect eBPF (interpreted and > JIT'ed) images from malicious modifications or bugs. > > Outside of eBPF scope, I believe also other set_memory_* functions should > be unexported on arm64 for modules. > > Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> > Cc: Laura Abbott <lauraa@codeaurora.org> > Cc: Will Deacon <will.deacon@arm.com> > Cc: linux-kernel@vger.kernel.org > Acked-by: Alexei Starovoitov <ast@plumgrid.com> > --- > arch/arm64/mm/pageattr.c | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c > index bb0ea94..8659357 100644 > --- a/arch/arm64/mm/pageattr.c > +++ b/arch/arm64/mm/pageattr.c > @@ -70,7 +70,6 @@ int set_memory_ro(unsigned long addr, int numpages) > __pgprot(PTE_RDONLY), > __pgprot(PTE_WRITE)); > } > -EXPORT_SYMBOL_GPL(set_memory_ro); > > int set_memory_rw(unsigned long addr, int numpages) > { > @@ -78,7 +77,6 @@ int set_memory_rw(unsigned long addr, int numpages) > __pgprot(PTE_WRITE), > __pgprot(PTE_RDONLY)); > } > -EXPORT_SYMBOL_GPL(set_memory_rw); > > int set_memory_nx(unsigned long addr, int numpages) > { Looks good to me. Can this be applied independently, or does it need to remain part of your series? Will -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 02/27/2015 08:54 PM, Will Deacon wrote:
...
> Looks good to me. Can this be applied independently, or does it need to
> remain part of your series?

Ideally, it should be seen as part of this series, but I have no problem
if this one goes via arm64 tree, instead. What Dave and you prefer. ;)

Thanks,
Daniel

Hi Will,

On 02/27/2015 09:05 PM, Daniel Borkmann wrote:
> On 02/27/2015 08:54 PM, Will Deacon wrote:
> ...
>> Looks good to me. Can this be applied independently, or does it need to
>> remain part of your series?
>
> Ideally, it should be seen as part of this series, but I have no problem
> if this one goes via arm64 tree, instead. What Dave and you prefer. ;)

I'll resend you this one directly as a stand-alone patch to arm64, with
Acked-by's preserved.

Thanks,
Daniel

diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c index bb0ea94..8659357 100644 --- a/arch/arm64/mm/pageattr.c +++ b/arch/arm64/mm/pageattr.c @@ -70,7 +70,6 @@ int set_memory_ro(unsigned long addr, int numpages) __pgprot(PTE_RDONLY), __pgprot(PTE_WRITE)); } -EXPORT_SYMBOL_GPL(set_memory_ro); int set_memory_rw(unsigned long addr, int numpages) { @@ -78,7 +77,6 @@ int set_memory_rw(unsigned long addr, int numpages) __pgprot(PTE_WRITE), __pgprot(PTE_RDONLY)); } -EXPORT_SYMBOL_GPL(set_memory_rw); int set_memory_nx(unsigned long addr, int numpages) {
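Review bot: in the first hunk (`@@ -70,7 +70,6 @@`), removing `EXPORT_SYMBOL_GPL(set_memory_ro);` leaves nothing in arch/arm64/mm/pageattr.c that records why the function is not available to modules. The reason is only in the changelog (modules should not be able to flip protections on eBPF images). A short comment at `set_memory_ro()` saying the missing export is intentional would keep a later patch from re-adding it, which matters because the thread confirms that out-of-tree module users of set_memory_ro/rw exist.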
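Review bot: the second hunk (`@@ -78,7 +77,6 @@`) stops at `set_memory_rw()` although its trailing context shows `set_memory_nx()` directly below, and the changelog itself says the other set_memory_* functions should also be unexported on arm64 for modules. Either handle those in this patch, or state in the changelog that they are deliberately left for a follow-up, so that any exports remaining in this file are not read as an intentional module API.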