From: tip-bot for Yinghai Lu <yinghai@kernel.org>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@kernel.org,
yinghai@kernel.org, tglx@linutronix.de, hpa@linux.intel.com
Subject: [tip:x86/mm2] x86, 64bit, mm: Mark data/bss/brk to nx
Date: Tue, 29 Jan 2013 19:55:09 -0800 [thread overview]
Message-ID: <tip-72212675d1c96f5db8ec6fb35701879911193158@git.kernel.org> (raw)
In-Reply-To: <1359058816-7615-33-git-send-email-yinghai@kernel.org>
Commit-ID: 72212675d1c96f5db8ec6fb35701879911193158
Gitweb: http://git.kernel.org/tip/72212675d1c96f5db8ec6fb35701879911193158
Author: Yinghai Lu <yinghai@kernel.org>
AuthorDate: Thu, 24 Jan 2013 12:20:13 -0800
Committer: H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Tue, 29 Jan 2013 19:32:58 -0800
x86, 64bit, mm: Mark data/bss/brk to nx
HPA said, we should not have RW and +x set at the time.
for kernel layout:
[ 0.000000] Kernel Layout:
[ 0.000000] .text: [0x01000000-0x021434f8]
[ 0.000000] .rodata: [0x02200000-0x02a13fff]
[ 0.000000] .data: [0x02c00000-0x02dc763f]
[ 0.000000] .init: [0x02dc9000-0x0312cfff]
[ 0.000000] .bss: [0x0313b000-0x03dd6fff]
[ 0.000000] .brk: [0x03dd7000-0x03dfffff]
before the patch, we have
---[ High Kernel Mapping ]---
0xffffffff80000000-0xffffffff81000000 16M pmd
0xffffffff81000000-0xffffffff82200000 18M ro PSE GLB x pmd
0xffffffff82200000-0xffffffff82c00000 10M ro PSE GLB NX pmd
0xffffffff82c00000-0xffffffff82dc9000 1828K RW GLB x pte
0xffffffff82dc9000-0xffffffff82e00000 220K RW GLB NX pte
0xffffffff82e00000-0xffffffff83000000 2M RW PSE GLB NX pmd
0xffffffff83000000-0xffffffff8313a000 1256K RW GLB NX pte
0xffffffff8313a000-0xffffffff83200000 792K RW GLB x pte
0xffffffff83200000-0xffffffff83e00000 12M RW PSE GLB x pmd
0xffffffff83e00000-0xffffffffa0000000 450M pmd
after patch,, we get
---[ High Kernel Mapping ]---
0xffffffff80000000-0xffffffff81000000 16M pmd
0xffffffff81000000-0xffffffff82200000 18M ro PSE GLB x pmd
0xffffffff82200000-0xffffffff82c00000 10M ro PSE GLB NX pmd
0xffffffff82c00000-0xffffffff82e00000 2M RW GLB NX pte
0xffffffff82e00000-0xffffffff83000000 2M RW PSE GLB NX pmd
0xffffffff83000000-0xffffffff83200000 2M RW GLB NX pte
0xffffffff83200000-0xffffffff83e00000 12M RW PSE GLB NX pmd
0xffffffff83e00000-0xffffffffa0000000 450M pmd
so data, bss, brk get NX ...
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Link: http://lkml.kernel.org/r/1359058816-7615-33-git-send-email-yinghai@kernel.org
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
arch/x86/mm/init_64.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index dc67337..e2fcbc3 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -810,6 +810,7 @@ void mark_rodata_ro(void)
unsigned long text_end = PAGE_ALIGN((unsigned long) &__stop___ex_table);
unsigned long rodata_end = PAGE_ALIGN((unsigned long) &__end_rodata);
unsigned long data_start = (unsigned long) &_sdata;
+ unsigned long all_end = PFN_ALIGN(&_end);
printk(KERN_INFO "Write protecting the kernel read-only data: %luk\n",
(end - start) >> 10);
@@ -818,10 +819,10 @@ void mark_rodata_ro(void)
kernel_set_to_readonly = 1;
/*
- * The rodata section (but not the kernel text!) should also be
- * not-executable.
+ * The rodata/data/bss/brk section (but not the kernel text!)
+ * should also be not-executable.
*/
- set_memory_nx(rodata_start, (end - rodata_start) >> PAGE_SHIFT);
+ set_memory_nx(rodata_start, (all_end - rodata_start) >> PAGE_SHIFT);
rodata_test();
next prev parent reply other threads:[~2013-01-30 3:55 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-24 20:19 [PATCH 00/35] x86, boot, 64bit: Add support for loading ramdisk and bzImage above 4G Yinghai Lu
2013-01-24 20:19 ` [PATCH 01/35] x86, mm: Fix page table early allocation offset checking Yinghai Lu
2013-01-30 1:20 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 02/35] x86: Handle multiple exactmaps and out of order exactmap Yinghai Lu
2013-01-24 20:19 ` [PATCH 03/35] x86, mm: Introduce memmap=reserveram Yinghai Lu
2013-01-24 20:19 ` [PATCH 04/35] x86: Clean up e820 add kernel range Yinghai Lu
2013-01-24 23:21 ` Jacob Shin
2013-01-30 1:21 ` [tip:x86/mm2] x86: Factor out e820_add_kernel_range() tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 05/35] x86, 64bit, mm: Make pgd next calculation consistent with pud/pmd Yinghai Lu
2013-01-30 1:22 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 06/35] x86, realmode: Set real_mode permissions early Yinghai Lu
2013-01-30 1:23 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 07/35] x86, 64bit, mm: Add generic kernel/ident mapping helper Yinghai Lu
2013-01-30 1:24 ` [tip:x86/mm2] x86, 64bit, mm: Add generic kernel/ ident " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 08/35] x86, 64bit: Copy zero-page early Yinghai Lu
2013-01-30 1:25 ` [tip:x86/mm2] x86, 64bit: Copy struct boot_params early tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 09/35] x86, 64bit, realmode: Use init_level4_pgt to set trapmoline_pgd directly Yinghai Lu
2013-01-30 1:27 ` [tip:x86/mm2] x86, 64bit, realmode: Use init_level4_pgt to set trampoline_pgd directly tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 10/35] x86, realmode: Separate real_mode reserve and setup Yinghai Lu
2013-01-30 1:28 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 11/35] x86, 64bit: early #PF handler set page table Yinghai Lu
2013-01-30 1:29 ` [tip:x86/mm2] x86, 64bit: Use a #PF handler to materialize early mappings on demand tip-bot for H. Peter Anvin
2013-01-24 20:19 ` [PATCH 12/35] x86, 64bit: #PF handler set page to cover only 2M per #PF Yinghai Lu
2013-01-30 1:30 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 13/35] x86, 64bit: Don't set max_pfn_mapped wrong value early on native path Yinghai Lu
2013-01-30 1:31 ` [tip:x86/mm2] x86, 64bit: Don' t " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 14/35] x86: Merge early_reserve_initrd for 32bit and 64bit Yinghai Lu
2013-01-30 1:32 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 15/35] x86: Add get_ramdisk_image/size() Yinghai Lu
2013-01-30 1:34 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 16/35] x86, boot: Add get_cmd_line_ptr() Yinghai Lu
2013-01-30 1:35 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 17/35] x86, boot: Move checking of cmd_line_ptr out of common path Yinghai Lu
2013-01-30 1:36 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 18/35] x86, boot: Pass cmd_line_ptr with unsigned long instead Yinghai Lu
2013-01-30 1:37 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 19/35] x86, boot: Move verify_cpu.S and no_longmode down Yinghai Lu
2013-01-30 1:38 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 20/35] x86, boot: Move lldt/ltr out of 64bit code section Yinghai Lu
2013-01-30 1:39 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 21/35] x86, kexec: Remove 1024G limitation for kexec buffer on 64bit Yinghai Lu
2013-01-30 1:40 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 22/35] x86, kexec: Set ident mapping for kernel that is above max_pfn Yinghai Lu
2013-01-30 1:42 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 23/35] x86, kexec: Replace ident_mapping_init and init_level4_page Yinghai Lu
2013-01-30 1:43 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 24/35] x86, kexec, 64bit: Only set ident mapping for ram Yinghai Lu
2013-01-30 1:44 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 25/35] x86, boot: Add fields to support load bzImage and ramdisk above 4G Yinghai Lu
2013-01-28 0:07 ` [tip:x86/boot] x86, boot: Define the 2.12 bzImage boot protocol tip-bot for H. Peter Anvin
2013-01-29 9:48 ` [tip:x86/boot] x86, boot: Sanitize boot_params if not zeroed on creation tip-bot for H. Peter Anvin
2013-01-30 1:45 ` [tip:x86/mm2] x86, boot: enable support load bzImage and ramdisk above 4G tip-bot for Yinghai Lu
2013-01-30 1:54 ` Yinghai Lu
2013-01-30 2:18 ` H. Peter Anvin
2013-01-30 3:47 ` [tip:x86/mm2] x86, boot: Support loading bzImage, boot_params " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 26/35] x86, boot: Update comments about entries for 64bit image Yinghai Lu
2013-01-30 1:46 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:48 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 27/35] x86, boot: Not need to check setup_header version for setup_data Yinghai Lu
2013-01-30 1:47 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:49 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 28/35] memblock: Add memblock_mem_size() Yinghai Lu
2013-01-30 1:49 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:50 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 29/35] x86, kdump: Remove crashkernel range find limit for 64bit Yinghai Lu
2013-01-30 1:50 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:51 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 30/35] x86: Add Crash kernel low reservation Yinghai Lu
2013-01-30 1:51 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-02-07 5:14 ` Rob Landley
2013-02-07 6:39 ` Yinghai Lu
2013-01-30 3:52 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 31/35] x86: Merge early kernel reserve for 32bit and 64bit Yinghai Lu
2013-01-30 1:52 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:53 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 32/35] x86, 64bit, mm: Mark data/bss/brk to nx Yinghai Lu
2013-01-30 1:53 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:55 ` tip-bot for Yinghai Lu [this message]
2013-01-24 20:20 ` [PATCH 33/35] x86, 64bit, mm: hibernate use generic mapping_init Yinghai Lu
2013-01-24 22:50 ` Rafael J. Wysocki
2013-01-30 1:54 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:56 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 34/35] mm: Add alloc_bootmem_low_pages_nopanic() Yinghai Lu
2013-01-30 1:56 ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30 3:57 ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 35/35] x86: Don't panic if can not alloc buffer for swiotlb Yinghai Lu
2013-01-24 20:20 ` Yinghai Lu
2013-01-25 16:47 ` Konrad Rzeszutek Wilk
2013-01-25 16:47 ` Konrad Rzeszutek Wilk
2013-01-30 1:57 ` [tip:x86/mm2] x86: Don' t " tip-bot for Yinghai Lu
2013-01-30 3:58 ` tip-bot for Yinghai Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-72212675d1c96f5db8ec6fb35701879911193158@git.kernel.org \
--to=yinghai@kernel.org \
--cc=hpa@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.