| Message ID | 20210316031741.1004850-5-jniethe5@gmail.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Series | [v9,1/8] powerpc/mm: Implement set_memory() routines |
| Context | Check | Description |
|---|---|---|
| snowpatch_ozlabs/apply_patch | warning | Failed to apply on branch powerpc/merge (0512161accb8b6f6dacc85d165350b1812ddcc33) |
| snowpatch_ozlabs/apply_patch | warning | Failed to apply on branch powerpc/next (fbda7904302499dd7ffc073a3c84eb7c9275db0a) |
| snowpatch_ozlabs/apply_patch | warning | Failed to apply on branch linus/master (1a4431a5db2bf800c647ee0ed87f2727b8d6c29c) |
| snowpatch_ozlabs/apply_patch | warning | Failed to apply on branch powerpc/fixes (eed5fae00593ab9d261a0c1ffc1bdb786a87a55a) |
| snowpatch_ozlabs/apply_patch | warning | Failed to apply on branch linux-next (1e28eed17697bcf343c6743f0028cc3b5dd88bf0) |
| snowpatch_ozlabs/apply_patch | fail | Failed to apply to any branch |
On 16/03/2021 at 04:17, Jordan Niethe wrote:
> From: Russell Currey <ruscur@russell.cc>
>
> To enable strict module RWX on powerpc, set:
>
> CONFIG_STRICT_MODULE_RWX=y
>
> You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
> security benefit.
>
> ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX.
> This is due to a quirk in arch/Kconfig and arch/powerpc/Kconfig that
> makes STRICT_MODULE_RWX *on by default* in configurations where
> STRICT_KERNEL_RWX is *unavailable*.

Not that easy on book3s/32. On it, you can't protect memory against execution on a page basis, you can only do it on a segment basis. So in order to do that, we would need to allocate two areas of memory: one in module space for text and one in vmalloc space for data.

See https://github.com/linuxppc/linux/commit/6ca05532 and https://github.com/linuxppc/linux/commit/7fbc22ce

>
> Since this doesn't make much sense, and module RWX without kernel RWX
> doesn't make much sense, having the same dependencies as kernel RWX
> works around this problem.
>
> Signed-off-by: Russell Currey <ruscur@russell.cc>
> Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
> ---
> arch/powerpc/Kconfig | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > index 4498a27ac9db..d9cadc4212d0 100644 > --- a/arch/powerpc/Kconfig > +++ b/arch/powerpc/Kconfig > @@ -137,6 +137,7 @@ config PPC > select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 > select ARCH_HAS_SET_MEMORY > select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) > + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX > select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST > select ARCH_HAS_UACCESS_FLUSHCACHE > select ARCH_HAS_COPY_MC if PPC64 >
On Tue, Mar 16, 2021 at 5:51 PM Christophe Leroy <christophe.leroy@csgroup.eu> wrote:
>
> On 16/03/2021 at 04:17, Jordan Niethe wrote:
> > From: Russell Currey <ruscur@russell.cc>
> >
> > To enable strict module RWX on powerpc, set:
> >
> > CONFIG_STRICT_MODULE_RWX=y
> >
> > You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
> > security benefit.
> >
> > ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX.
> > This is due to a quirk in arch/Kconfig and arch/powerpc/Kconfig that
> > makes STRICT_MODULE_RWX *on by default* in configurations where
> > STRICT_KERNEL_RWX is *unavailable*.
>
> Not that easy on book3s/32. On it, you can't protect memory against execution on a page basis, you
> can only do it on a segment basis. So in order to do that, we would need to allocate two areas of
> memory: one in module space for text and one in vmalloc space for data.
>
> See https://github.com/linuxppc/linux/commit/6ca05532 and
> https://github.com/linuxppc/linux/commit/7fbc22ce

Would it be ok to just make ARCH_HAS_STRICT_MODULE_RWX conditional on 64s?

> >
> > Since this doesn't make much sense, and module RWX without kernel RWX
> > doesn't make much sense, having the same dependencies as kernel RWX
> > works around this problem.
> >
> > Signed-off-by: Russell Currey <ruscur@russell.cc>
> > Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
> > ---
> > arch/powerpc/Kconfig | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig > > index 4498a27ac9db..d9cadc4212d0 100644 > > --- a/arch/powerpc/Kconfig > > +++ b/arch/powerpc/Kconfig
> > @@ -137,6 +137,7 @@ config PPC > > select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 > > select ARCH_HAS_SET_MEMORY > > select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) > > + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX > > select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST > > select ARCH_HAS_UACCESS_FLUSHCACHE > > select ARCH_HAS_COPY_MC if PPC64 > >
On 17/03/2021 at 03:15, Jordan Niethe wrote:
> On Tue, Mar 16, 2021 at 5:51 PM Christophe Leroy
> <christophe.leroy@csgroup.eu> wrote:
>>
>> On 16/03/2021 at 04:17, Jordan Niethe wrote:
>>> From: Russell Currey <ruscur@russell.cc>
>>>
>>> To enable strict module RWX on powerpc, set:
>>>
>>> CONFIG_STRICT_MODULE_RWX=y
>>>
>>> You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real
>>> security benefit.
>>>
>>> ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX.
>>> This is due to a quirk in arch/Kconfig and arch/powerpc/Kconfig that
>>> makes STRICT_MODULE_RWX *on by default* in configurations where
>>> STRICT_KERNEL_RWX is *unavailable*.
>>
>> Not that easy on book3s/32. On it, you can't protect memory against execution on a page basis, you
>> can only do it on a segment basis. So in order to do that, we would need to allocate two areas of
>> memory: one in module space for text and one in vmalloc space for data.
>>
>> See https://github.com/linuxppc/linux/commit/6ca05532 and
>> https://github.com/linuxppc/linux/commit/7fbc22ce
> Would it be ok to just make ARCH_HAS_STRICT_MODULE_RWX conditional on 64s?

I think making it conditional on !PPC_BOOK3S_604 should be enough.

>>>
>>> Since this doesn't make much sense, and module RWX without kernel RWX
>>> doesn't make much sense, having the same dependencies as kernel RWX
>>> works around this problem.
>>>
>>> Signed-off-by: Russell Currey <ruscur@russell.cc>
>>> Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
>>> ---
>>> arch/powerpc/Kconfig | 1 +
>>> 1 file changed, 1 insertion(+)
>>>
>>> diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig >>> index 4498a27ac9db..d9cadc4212d0 100644 >>> --- a/arch/powerpc/Kconfig >>> +++ b/arch/powerpc/Kconfig
>>> @@ -137,6 +137,7 @@ config PPC >>> select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 >>> select ARCH_HAS_SET_MEMORY >>> select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) >>> + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX >>> select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST >>> select ARCH_HAS_UACCESS_FLUSHCACHE >>> select ARCH_HAS_COPY_MC if PPC64 >>>
diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 4498a27ac9db..d9cadc4212d0 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -137,6 +137,7 @@ config PPC select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE select ARCH_HAS_COPY_MC if PPC64
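
Review bot: The condition on the added `select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX` line is too broad. The context line directly above it enables ARCH_HAS_STRICT_KERNEL_RWX for every PPC32 configuration, so the module option becomes available on book3s/32 as well, where the reply in this thread says execute protection works per segment rather than per page. Consider narrowing the condition, for example with the `!PPC_BOOK3S_604` restriction proposed in the thread, and add a short Kconfig comment recording why the module option follows the kernel option, since that reasoning currently lives only in the commit message.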