[kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking

All of lore.kernel.org
 help / color / mirror / Atom feed

* [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
@ 2017-12-06 10:23 ` Jinbum Park
  0 siblings, 0 replies; 6+ messages in thread
From: Jinbum Park @ 2017-12-06 10:23 UTC (permalink / raw)
  To: linux-arm-kernel, linux-kernel, kernel-hardening
  Cc: afzal.mohd.ma, mark.rutland, labbott, linux, gregkh, keescook,
	vladimir.murzin, arnd

Hi,

Page table dumping code for arm64-x86 is reusable,
and they have function for WX page checking.
But arm doesn't have that.

This path series are to makes ptdump reusable,
and add WX page checking for arm.
This is heavily based on arm64 version.

v2 :
Fix a sender name of mail header, there was an mistake.
(from "jinb.park" to Jinbum Park)
Contents of patch-set are perfectly same.

v3 :
Take advantage of the existing pg_level and bits arrays
to check ro, nx prot.

v4 :
Add boolean for ro_bit, nx_bit into prot_bits
to point ro_bit, nx_bit in pg_level.
This change is suggested by Laura Abbott.

jinb.park (3):
  arm: mm: dump: make page table dumping reusable
  arm: mm: dump: make the page table dumping seq_file optional
  arm: mm: dump: add checking for writable and executable pages

 arch/arm/Kconfig.debug        |  33 ++++++++-
 arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
 arch/arm/mm/Makefile          |   3 +-
 arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
 arch/arm/mm/init.c            |   2 +
 arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
 6 files changed, 232 insertions(+), 47 deletions(-)
 create mode 100644 arch/arm/include/asm/ptdump.h
 create mode 100644 arch/arm/mm/ptdump_debugfs.c

-- 
1.9.1

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
@ 2017-12-06 10:23 ` Jinbum Park
  0 siblings, 0 replies; 6+ messages in thread
From: Jinbum Park @ 2017-12-06 10:23 UTC (permalink / raw)
  To: linux-arm-kernel

Hi,

Page table dumping code for arm64-x86 is reusable,
and they have function for WX page checking.
But arm doesn't have that.

This path series are to makes ptdump reusable,
and add WX page checking for arm.
This is heavily based on arm64 version.

v2 :
Fix a sender name of mail header, there was an mistake.
(from "jinb.park" to Jinbum Park)
Contents of patch-set are perfectly same.

v3 :
Take advantage of the existing pg_level and bits arrays
to check ro, nx prot.

v4 :
Add boolean for ro_bit, nx_bit into prot_bits
to point ro_bit, nx_bit in pg_level.
This change is suggested by Laura Abbott.

jinb.park (3):
  arm: mm: dump: make page table dumping reusable
  arm: mm: dump: make the page table dumping seq_file optional
  arm: mm: dump: add checking for writable and executable pages

 arch/arm/Kconfig.debug        |  33 ++++++++-
 arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
 arch/arm/mm/Makefile          |   3 +-
 arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
 arch/arm/mm/init.c            |   2 +
 arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
 6 files changed, 232 insertions(+), 47 deletions(-)
 create mode 100644 arch/arm/include/asm/ptdump.h
 create mode 100644 arch/arm/mm/ptdump_debugfs.c

-- 
1.9.1

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
  2017-12-06 10:23 ` Jinbum Park
@ 2017-12-07  1:45   ` Laura Abbott
  -1 siblings, 0 replies; 6+ messages in thread
From: Laura Abbott @ 2017-12-07  1:45 UTC (permalink / raw)
  To: Jinbum Park, linux-arm-kernel, linux-kernel, kernel-hardening
  Cc: afzal.mohd.ma, mark.rutland, linux, gregkh, keescook,
	vladimir.murzin, arnd

On 12/06/2017 02:23 AM, Jinbum Park wrote:
> Hi,
> 
> Page table dumping code for arm64-x86 is reusable,
> and they have function for WX page checking.
> But arm doesn't have that.
> 
> This path series are to makes ptdump reusable,
> and add WX page checking for arm.
> This is heavily based on arm64 version.
> 
> v2 :
> Fix a sender name of mail header, there was an mistake.
> (from "jinb.park" to Jinbum Park)
> Contents of patch-set are perfectly same.
> 
> v3 :
> Take advantage of the existing pg_level and bits arrays
> to check ro, nx prot.
> 
> v4 :
> Add boolean for ro_bit, nx_bit into prot_bits
> to point ro_bit, nx_bit in pg_level.
> This change is suggested by Laura Abbott.
> 
> jinb.park (3):
>    arm: mm: dump: make page table dumping reusable
>    arm: mm: dump: make the page table dumping seq_file optional
>    arm: mm: dump: add checking for writable and executable pages
> 
>   arch/arm/Kconfig.debug        |  33 ++++++++-
>   arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
>   arch/arm/mm/Makefile          |   3 +-
>   arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
>   arch/arm/mm/init.c            |   2 +
>   arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
>   6 files changed, 232 insertions(+), 47 deletions(-)
>   create mode 100644 arch/arm/include/asm/ptdump.h
>   create mode 100644 arch/arm/mm/ptdump_debugfs.c
> 

You can add

Tested-by: Laura Abbott <labbott@redhat.com>
Reviewed-by: Laura Abbott <labbott@redhat.com>

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
@ 2017-12-07  1:45   ` Laura Abbott
  0 siblings, 0 replies; 6+ messages in thread
From: Laura Abbott @ 2017-12-07  1:45 UTC (permalink / raw)
  To: linux-arm-kernel

On 12/06/2017 02:23 AM, Jinbum Park wrote:
> Hi,
> 
> Page table dumping code for arm64-x86 is reusable,
> and they have function for WX page checking.
> But arm doesn't have that.
> 
> This path series are to makes ptdump reusable,
> and add WX page checking for arm.
> This is heavily based on arm64 version.
> 
> v2 :
> Fix a sender name of mail header, there was an mistake.
> (from "jinb.park" to Jinbum Park)
> Contents of patch-set are perfectly same.
> 
> v3 :
> Take advantage of the existing pg_level and bits arrays
> to check ro, nx prot.
> 
> v4 :
> Add boolean for ro_bit, nx_bit into prot_bits
> to point ro_bit, nx_bit in pg_level.
> This change is suggested by Laura Abbott.
> 
> jinb.park (3):
>    arm: mm: dump: make page table dumping reusable
>    arm: mm: dump: make the page table dumping seq_file optional
>    arm: mm: dump: add checking for writable and executable pages
> 
>   arch/arm/Kconfig.debug        |  33 ++++++++-
>   arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
>   arch/arm/mm/Makefile          |   3 +-
>   arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
>   arch/arm/mm/init.c            |   2 +
>   arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
>   6 files changed, 232 insertions(+), 47 deletions(-)
>   create mode 100644 arch/arm/include/asm/ptdump.h
>   create mode 100644 arch/arm/mm/ptdump_debugfs.c
> 

You can add

Tested-by: Laura Abbott <labbott@redhat.com>
Reviewed-by: Laura Abbott <labbott@redhat.com>

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
  2017-12-06 10:23 ` Jinbum Park
@ 2017-12-07 17:45   ` Kees Cook
  -1 siblings, 0 replies; 6+ messages in thread
From: Kees Cook @ 2017-12-07 17:45 UTC (permalink / raw)
  To: Jinbum Park
  Cc: linux-arm-kernel, LKML, kernel-hardening, Afzal Mohammed,
	Mark Rutland, Laura Abbott, Russell King, Greg KH,
	Vladimir Murzin, Arnd Bergmann

On Wed, Dec 6, 2017 at 2:23 AM, Jinbum Park <jinb.park7@gmail.com> wrote:
> Hi,
>
> Page table dumping code for arm64-x86 is reusable,
> and they have function for WX page checking.
> But arm doesn't have that.
>
> This path series are to makes ptdump reusable,
> and add WX page checking for arm.
> This is heavily based on arm64 version.
>
> v2 :
> Fix a sender name of mail header, there was an mistake.
> (from "jinb.park" to Jinbum Park)
> Contents of patch-set are perfectly same.
>
> v3 :
> Take advantage of the existing pg_level and bits arrays
> to check ro, nx prot.
>
> v4 :
> Add boolean for ro_bit, nx_bit into prot_bits
> to point ro_bit, nx_bit in pg_level.
> This change is suggested by Laura Abbott.
>
> jinb.park (3):
>   arm: mm: dump: make page table dumping reusable
>   arm: mm: dump: make the page table dumping seq_file optional
>   arm: mm: dump: add checking for writable and executable pages
>
>  arch/arm/Kconfig.debug        |  33 ++++++++-
>  arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
>  arch/arm/mm/Makefile          |   3 +-
>  arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
>  arch/arm/mm/init.c            |   2 +
>  arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
>  6 files changed, 232 insertions(+), 47 deletions(-)
>  create mode 100644 arch/arm/include/asm/ptdump.h
>  create mode 100644 arch/arm/mm/ptdump_debugfs.c

Please consider this series:

Reviewed-by: Kees Cook <keescook@chromium.org>

With Laura's review, this is probably ready to put into the ARM patch tracker.

-Kees

-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking
@ 2017-12-07 17:45   ` Kees Cook
  0 siblings, 0 replies; 6+ messages in thread
From: Kees Cook @ 2017-12-07 17:45 UTC (permalink / raw)
  To: linux-arm-kernel

On Wed, Dec 6, 2017 at 2:23 AM, Jinbum Park <jinb.park7@gmail.com> wrote:
> Hi,
>
> Page table dumping code for arm64-x86 is reusable,
> and they have function for WX page checking.
> But arm doesn't have that.
>
> This path series are to makes ptdump reusable,
> and add WX page checking for arm.
> This is heavily based on arm64 version.
>
> v2 :
> Fix a sender name of mail header, there was an mistake.
> (from "jinb.park" to Jinbum Park)
> Contents of patch-set are perfectly same.
>
> v3 :
> Take advantage of the existing pg_level and bits arrays
> to check ro, nx prot.
>
> v4 :
> Add boolean for ro_bit, nx_bit into prot_bits
> to point ro_bit, nx_bit in pg_level.
> This change is suggested by Laura Abbott.
>
> jinb.park (3):
>   arm: mm: dump: make page table dumping reusable
>   arm: mm: dump: make the page table dumping seq_file optional
>   arm: mm: dump: add checking for writable and executable pages
>
>  arch/arm/Kconfig.debug        |  33 ++++++++-
>  arch/arm/include/asm/ptdump.h |  56 ++++++++++++++++
>  arch/arm/mm/Makefile          |   3 +-
>  arch/arm/mm/dump.c            | 151 +++++++++++++++++++++++++++++-------------
>  arch/arm/mm/init.c            |   2 +
>  arch/arm/mm/ptdump_debugfs.c  |  34 ++++++++++
>  6 files changed, 232 insertions(+), 47 deletions(-)
>  create mode 100644 arch/arm/include/asm/ptdump.h
>  create mode 100644 arch/arm/mm/ptdump_debugfs.c

Please consider this series:

Reviewed-by: Kees Cook <keescook@chromium.org>

With Laura's review, this is probably ready to put into the ARM patch tracker.

-Kees

-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2017-12-07 17:45 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-12-06 10:23 [kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking Jinbum Park
2017-12-06 10:23 ` Jinbum Park
2017-12-07  1:45 ` Laura Abbott
2017-12-07  1:45   ` Laura Abbott
2017-12-07 17:45 ` Kees Cook
2017-12-07 17:45   ` Kees Cook

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.