From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.2 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED, USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3B5A1C43460 for ; Sat, 17 Apr 2021 17:26:43 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id D3D7D610CD for ; Sat, 17 Apr 2021 17:26:42 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org D3D7D610CD Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ghiti.fr Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 6A9036B006C; Sat, 17 Apr 2021 13:26:42 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 631C46B006E; Sat, 17 Apr 2021 13:26:42 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4AB706B0070; Sat, 17 Apr 2021 13:26:42 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0105.hostedemail.com [216.40.44.105]) by kanga.kvack.org (Postfix) with ESMTP id 2B48E6B006C for ; Sat, 17 Apr 2021 13:26:42 -0400 (EDT) Received: from smtpin28.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id D43DE3640 for ; Sat, 17 Apr 2021 17:26:41 +0000 (UTC) X-FDA: 78042538602.28.4BC0F9D Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net [217.70.183.196]) by imf21.hostedemail.com (Postfix) with ESMTP id 0057AE000111 for ; Sat, 17 Apr 2021 17:26:38 +0000 (UTC) X-Originating-IP: 2.7.49.219 Received: from [192.168.1.12] (lfbn-lyo-1-457-219.w2-7.abo.wanadoo.fr [2.7.49.219]) (Authenticated sender: alex@ghiti.fr) by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id 39881E0003; Sat, 17 Apr 2021 17:26:37 +0000 (UTC) Subject: Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set To: Palmer Dabbelt Cc: anup@brainfault.org, corbet@lwn.net, Paul Walmsley , aou@eecs.berkeley.edu, Arnd Bergmann , aryabinin@virtuozzo.com, glider@google.com, dvyukov@google.com, linux-doc@vger.kernel.org, linux-riscv@lists.infradead.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-arch@vger.kernel.org, linux-mm@kvack.org References: From: Alex Ghiti Message-ID: <72130961-0419-9b1f-e88e-aa1e933f2942@ghiti.fr> Date: Sat, 17 Apr 2021 13:26:36 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: fr X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 0057AE000111 X-Stat-Signature: o1pmjijwhwfqciyyeuowp5ojdzpxo58b Received-SPF: none (ghiti.fr>: No applicable sender policy available) receiver=imf21; identity=mailfrom; envelope-from=""; helo=relay4-d.mail.gandi.net; client-ip=217.70.183.196 X-HE-DKIM-Result: none/none X-HE-Tag: 1618680398-580584 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000038, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Le 4/16/21 =C3=A0 12:33 PM, Palmer Dabbelt a =C3=A9crit=C2=A0: > On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@ghiti.fr wrote: >> Hi Anup, >> >> Le 4/16/21 =C3=A0 6:41 AM, Anup Patel a =C3=A9crit=C2=A0: >>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti wrote= : >>>> >>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different=20 >>>> permissions >>>> to the kernel data and text sections, so make sure it is defined bef= ore >>>> trying to protect the kernel linear mapping. >>>> >>>> Signed-off-by: Alexandre Ghiti >>> >>> Maybe you should add "Fixes:" tag in commit tag ? >> >> Yes you're right I should have done that. Maybe Palmer will squash it = as >> it just entered for-next? >=20 > Ya, I'll do it.=C2=A0 My testing box was just tied up last night for th= e rc8=20 > PR, so I threw this on for-next to get the buildbots to take a look.=20 > It's a bit too late to take something for this week, as I try to be=20 > pretty conservative this late in the cycle.=C2=A0 There's another kprob= es fix=20 > on the list so if we end up with an rc8 I might send this along with=20 > that, otherwise this'll just go onto for-next before the linear map=20 > changes that exercise the bug. >=20 > You're more than welcome to just dig up the fixes tag and reply, my=20 > scripts pull all tags from replies (just like Revieweb-by).=C2=A0 Other= wise=20 > I'll do it myself, most people don't really post Fixes tags that=20 > accurately so I go through it for pretty much everything anyway. Here it is: Fixes: 4b67f48da707 ("riscv: Move kernel mapping outside of linear mappin= g") Thanks, >=20 > Thanks for sorting this out so quickly! >=20 >> >>> >>> Otherwise it looks good. >>> >>> Reviewed-by: Anup Patel >> >> Thank you! >> >> Alex >> >>> >>> Regards, >>> Anup >>> >>>> --- >>>> =C2=A0 arch/riscv/kernel/setup.c | 8 ++++---- >>>> =C2=A0 1 file changed, 4 insertions(+), 4 deletions(-) >>>> >>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c >>>> index 626003bb5fca..ab394d173cd4 100644 >>>> --- a/arch/riscv/kernel/setup.c >>>> +++ b/arch/riscv/kernel/setup.c >>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p) >>>> >>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 sbi_init(); >>>> >>>> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (IS_ENABLED(CONFIG_STRICT_K= ERNEL_RWX)) >>>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 if (IS_ENABLED(CONFIG_STRICT_K= ERNEL_RWX)) { >>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0 protect_kernel_text_data(); >>>> - >>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU) >>>> -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 protect_kernel_linear_mapping_= text_rodata(); >>>> +#ifdef CONFIG_64BIT >>>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0 protect_kernel_linear_mapping_text_rodata(); >>>> =C2=A0 #endif >>>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 } >>>> >>>> =C2=A0 #ifdef CONFIG_SWIOTLB >>>> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 swiotlb_init(1); >>>> --=20 >>>> 2.20.1 >>>> >>> >>> _______________________________________________ >>> linux-riscv mailing list >>> linux-riscv@lists.infradead.org >>> http://lists.infradead.org/mailman/listinfo/linux-riscv >>> >=20 > _______________________________________________ > linux-riscv mailing list > linux-riscv@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/linux-riscv