From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.2 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C4CFC432C0 for ; Mon, 2 Dec 2019 09:17:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 6A839215E5 for ; Mon, 2 Dec 2019 09:17:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726410AbfLBJRU (ORCPT ); Mon, 2 Dec 2019 04:17:20 -0500 Received: from www62.your-server.de ([213.133.104.62]:54546 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725977AbfLBJRU (ORCPT ); Mon, 2 Dec 2019 04:17:20 -0500 Received: from [194.230.159.159] (helo=localhost) by www62.your-server.de with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1ibhpV-00034d-II; Mon, 02 Dec 2019 10:17:17 +0100 Date: Mon, 2 Dec 2019 10:17:16 +0100 From: Daniel Borkmann To: Peter Zijlstra Cc: Eric Dumazet , alexei.starovoitov@gmail.com, netdev@vger.kernel.org, bpf@vger.kernel.org, "H. Peter Anvin" Subject: Re: [PATCH bpf] bpf: avoid setting bpf insns pages read-only when prog is jited Message-ID: <20191202091716.GA30232@localhost.localdomain> References: <20191129222911.3710-1-daniel@iogearbox.net> <10d4c87c-3d53-2dbf-d8c0-8b36863fec60@iogearbox.net> <20191202083006.GJ2844@hirez.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191202083006.GJ2844@hirez.programming.kicks-ass.net> User-Agent: Mutt/1.12.1 (2019-06-15) X-Authenticated-Sender: daniel@iogearbox.net X-Virus-Scanned: Clear (ClamAV 0.101.4/25650/Sun Dec 1 11:04:04 2019) Sender: bpf-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org On Mon, Dec 02, 2019 at 09:30:06AM +0100, Peter Zijlstra wrote: > On Sun, Dec 01, 2019 at 06:49:32PM -0800, Eric Dumazet wrote: > > > Thanks for the link ! > > > > Having RO protection as a debug feature would be useful. > > > > I believe we have CONFIG_STRICT_MODULE_RWX (and CONFIG_STRICT_KERNEL_RWX) for that already. > > > > Or are we saying we also want to get rid of them ? > > No, in fact I'm working on making that stronger. We currently still have > a few cases that violate the W^X rule. > > The thing is, when the BPF stuff is JIT'ed, the actual BPF instruction > page is not actually executed at all, so making it RO serves no purpose, > other than to fragment the direct map. Yes exactly, in that case it is only used for dumping the BPF insns back to user space and therefore no need at all to set it RO. (The JITed image however *is* set as RO. - Perhaps there was some confusion given your earlier question.) Thanks, Daniel