Linux-RISC-V Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
@ 2021-04-15 11:04 Alexandre Ghiti
  2021-04-16 10:41 ` Anup Patel
  0 siblings, 1 reply; 6+ messages in thread
From: Alexandre Ghiti @ 2021-04-15 11:04 UTC (permalink / raw)
  To: Jonathan Corbet, Paul Walmsley, Palmer Dabbelt, Albert Ou,
	Arnd Bergmann, Andrey Ryabinin, Alexander Potapenko,
	Dmitry Vyukov, linux-doc, linux-riscv, linux-kernel, kasan-dev,
	linux-arch, linux-mm
  Cc: Alexandre Ghiti

If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different permissions
to the kernel data and text sections, so make sure it is defined before
trying to protect the kernel linear mapping.

Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
---
 arch/riscv/kernel/setup.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
index 626003bb5fca..ab394d173cd4 100644
--- a/arch/riscv/kernel/setup.c
+++ b/arch/riscv/kernel/setup.c
@@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
 
 	sbi_init();
 
-	if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
+	if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
 		protect_kernel_text_data();
-
-#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
-	protect_kernel_linear_mapping_text_rodata();
+#ifdef CONFIG_64BIT
+		protect_kernel_linear_mapping_text_rodata();
 #endif
+	}
 
 #ifdef CONFIG_SWIOTLB
 	swiotlb_init(1);
-- 
2.20.1


_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
  2021-04-15 11:04 [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set Alexandre Ghiti
@ 2021-04-16 10:41 ` Anup Patel
  2021-04-16 10:47   ` Alex Ghiti
  0 siblings, 1 reply; 6+ messages in thread
From: Anup Patel @ 2021-04-16 10:41 UTC (permalink / raw)
  To: Alexandre Ghiti
  Cc: Jonathan Corbet, Paul Walmsley, Palmer Dabbelt, Albert Ou,
	Arnd Bergmann, Andrey Ryabinin, Alexander Potapenko,
	Dmitry Vyukov, linux-doc, linux-riscv,
	linux-kernel@vger.kernel.org List, kasan-dev, linux-arch,
	Linux Memory Management List

On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@ghiti.fr> wrote:
>
> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different permissions
> to the kernel data and text sections, so make sure it is defined before
> trying to protect the kernel linear mapping.
>
> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>

Maybe you should add "Fixes:" tag in commit tag ?

Otherwise it looks good.

Reviewed-by: Anup Patel <anup@brainfault.org>

Regards,
Anup

> ---
>  arch/riscv/kernel/setup.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
> index 626003bb5fca..ab394d173cd4 100644
> --- a/arch/riscv/kernel/setup.c
> +++ b/arch/riscv/kernel/setup.c
> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>
>         sbi_init();
>
> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>                 protect_kernel_text_data();
> -
> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
> -       protect_kernel_linear_mapping_text_rodata();
> +#ifdef CONFIG_64BIT
> +               protect_kernel_linear_mapping_text_rodata();
>  #endif
> +       }
>
>  #ifdef CONFIG_SWIOTLB
>         swiotlb_init(1);
> --
> 2.20.1
>

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
  2021-04-16 10:41 ` Anup Patel
@ 2021-04-16 10:47   ` Alex Ghiti
  2021-04-16 16:33     ` Palmer Dabbelt
  0 siblings, 1 reply; 6+ messages in thread
From: Alex Ghiti @ 2021-04-16 10:47 UTC (permalink / raw)
  To: Anup Patel
  Cc: Jonathan Corbet, Paul Walmsley, Palmer Dabbelt, Albert Ou,
	Arnd Bergmann, Andrey Ryabinin, Alexander Potapenko,
	Dmitry Vyukov, linux-doc, linux-riscv,
	linux-kernel@vger.kernel.org List, kasan-dev, linux-arch,
	Linux Memory Management List

Hi Anup,

Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@ghiti.fr> wrote:
>>
>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different permissions
>> to the kernel data and text sections, so make sure it is defined before
>> trying to protect the kernel linear mapping.
>>
>> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
> 
> Maybe you should add "Fixes:" tag in commit tag ?

Yes you're right I should have done that. Maybe Palmer will squash it as 
it just entered for-next?

> 
> Otherwise it looks good.
> 
> Reviewed-by: Anup Patel <anup@brainfault.org>

Thank you!

Alex

> 
> Regards,
> Anup
> 
>> ---
>>   arch/riscv/kernel/setup.c | 8 ++++----
>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>> index 626003bb5fca..ab394d173cd4 100644
>> --- a/arch/riscv/kernel/setup.c
>> +++ b/arch/riscv/kernel/setup.c
>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>
>>          sbi_init();
>>
>> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>                  protect_kernel_text_data();
>> -
>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>> -       protect_kernel_linear_mapping_text_rodata();
>> +#ifdef CONFIG_64BIT
>> +               protect_kernel_linear_mapping_text_rodata();
>>   #endif
>> +       }
>>
>>   #ifdef CONFIG_SWIOTLB
>>          swiotlb_init(1);
>> --
>> 2.20.1
>>
> 
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv
> 

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
  2021-04-16 10:47   ` Alex Ghiti
@ 2021-04-16 16:33     ` Palmer Dabbelt
  2021-04-17 17:26       ` Alex Ghiti
  0 siblings, 1 reply; 6+ messages in thread
From: Palmer Dabbelt @ 2021-04-16 16:33 UTC (permalink / raw)
  To: alex
  Cc: anup, corbet, Paul Walmsley, aou, Arnd Bergmann, aryabinin,
	glider, dvyukov, linux-doc, linux-riscv, linux-kernel, kasan-dev,
	linux-arch, linux-mm

On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@ghiti.fr wrote:
> Hi Anup,
>
> Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@ghiti.fr> wrote:
>>>
>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different permissions
>>> to the kernel data and text sections, so make sure it is defined before
>>> trying to protect the kernel linear mapping.
>>>
>>> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
>>
>> Maybe you should add "Fixes:" tag in commit tag ?
>
> Yes you're right I should have done that. Maybe Palmer will squash it as
> it just entered for-next?

Ya, I'll do it.  My testing box was just tied up last night for the rc8 
PR, so I threw this on for-next to get the buildbots to take a look.  
It's a bit too late to take something for this week, as I try to be 
pretty conservative this late in the cycle.  There's another kprobes fix 
on the list so if we end up with an rc8 I might send this along with 
that, otherwise this'll just go onto for-next before the linear map 
changes that exercise the bug.

You're more than welcome to just dig up the fixes tag and reply, my 
scripts pull all tags from replies (just like Revieweb-by).  Otherwise 
I'll do it myself, most people don't really post Fixes tags that 
accurately so I go through it for pretty much everything anyway.

Thanks for sorting this out so quickly!

>
>>
>> Otherwise it looks good.
>>
>> Reviewed-by: Anup Patel <anup@brainfault.org>
>
> Thank you!
>
> Alex
>
>>
>> Regards,
>> Anup
>>
>>> ---
>>>   arch/riscv/kernel/setup.c | 8 ++++----
>>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>>> index 626003bb5fca..ab394d173cd4 100644
>>> --- a/arch/riscv/kernel/setup.c
>>> +++ b/arch/riscv/kernel/setup.c
>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>>
>>>          sbi_init();
>>>
>>> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>>> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>>                  protect_kernel_text_data();
>>> -
>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>>> -       protect_kernel_linear_mapping_text_rodata();
>>> +#ifdef CONFIG_64BIT
>>> +               protect_kernel_linear_mapping_text_rodata();
>>>   #endif
>>> +       }
>>>
>>>   #ifdef CONFIG_SWIOTLB
>>>          swiotlb_init(1);
>>> --
>>> 2.20.1
>>>
>>
>> _______________________________________________
>> linux-riscv mailing list
>> linux-riscv@lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
  2021-04-16 16:33     ` Palmer Dabbelt
@ 2021-04-17 17:26       ` Alex Ghiti
  2021-04-23  1:34         ` Palmer Dabbelt
  0 siblings, 1 reply; 6+ messages in thread
From: Alex Ghiti @ 2021-04-17 17:26 UTC (permalink / raw)
  To: Palmer Dabbelt
  Cc: anup, corbet, Paul Walmsley, aou, Arnd Bergmann, aryabinin,
	glider, dvyukov, linux-doc, linux-riscv, linux-kernel, kasan-dev,
	linux-arch, linux-mm

Le 4/16/21 à 12:33 PM, Palmer Dabbelt a écrit :
> On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@ghiti.fr wrote:
>> Hi Anup,
>>
>> Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
>>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@ghiti.fr> wrote:
>>>>
>>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different 
>>>> permissions
>>>> to the kernel data and text sections, so make sure it is defined before
>>>> trying to protect the kernel linear mapping.
>>>>
>>>> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
>>>
>>> Maybe you should add "Fixes:" tag in commit tag ?
>>
>> Yes you're right I should have done that. Maybe Palmer will squash it as
>> it just entered for-next?
> 
> Ya, I'll do it.  My testing box was just tied up last night for the rc8 
> PR, so I threw this on for-next to get the buildbots to take a look. 
> It's a bit too late to take something for this week, as I try to be 
> pretty conservative this late in the cycle.  There's another kprobes fix 
> on the list so if we end up with an rc8 I might send this along with 
> that, otherwise this'll just go onto for-next before the linear map 
> changes that exercise the bug.
> 
> You're more than welcome to just dig up the fixes tag and reply, my 
> scripts pull all tags from replies (just like Revieweb-by).  Otherwise 
> I'll do it myself, most people don't really post Fixes tags that 
> accurately so I go through it for pretty much everything anyway.

Here it is:

Fixes: 4b67f48da707 ("riscv: Move kernel mapping outside of linear mapping")

Thanks,

> 
> Thanks for sorting this out so quickly!
> 
>>
>>>
>>> Otherwise it looks good.
>>>
>>> Reviewed-by: Anup Patel <anup@brainfault.org>
>>
>> Thank you!
>>
>> Alex
>>
>>>
>>> Regards,
>>> Anup
>>>
>>>> ---
>>>>   arch/riscv/kernel/setup.c | 8 ++++----
>>>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>>>
>>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>>>> index 626003bb5fca..ab394d173cd4 100644
>>>> --- a/arch/riscv/kernel/setup.c
>>>> +++ b/arch/riscv/kernel/setup.c
>>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>>>
>>>>          sbi_init();
>>>>
>>>> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>>>> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>>>                  protect_kernel_text_data();
>>>> -
>>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>>>> -       protect_kernel_linear_mapping_text_rodata();
>>>> +#ifdef CONFIG_64BIT
>>>> +               protect_kernel_linear_mapping_text_rodata();
>>>>   #endif
>>>> +       }
>>>>
>>>>   #ifdef CONFIG_SWIOTLB
>>>>          swiotlb_init(1);
>>>> -- 
>>>> 2.20.1
>>>>
>>>
>>> _______________________________________________
>>> linux-riscv mailing list
>>> linux-riscv@lists.infradead.org
>>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>>
> 
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set
  2021-04-17 17:26       ` Alex Ghiti
@ 2021-04-23  1:34         ` Palmer Dabbelt
  0 siblings, 0 replies; 6+ messages in thread
From: Palmer Dabbelt @ 2021-04-23  1:34 UTC (permalink / raw)
  To: alex
  Cc: anup, corbet, Paul Walmsley, aou, Arnd Bergmann, aryabinin,
	glider, dvyukov, linux-doc, linux-riscv, linux-kernel, kasan-dev,
	linux-arch, linux-mm

On Sat, 17 Apr 2021 10:26:36 PDT (-0700), alex@ghiti.fr wrote:
> Le 4/16/21 à 12:33 PM, Palmer Dabbelt a écrit :
>> On Fri, 16 Apr 2021 03:47:19 PDT (-0700), alex@ghiti.fr wrote:
>>> Hi Anup,
>>>
>>> Le 4/16/21 à 6:41 AM, Anup Patel a écrit :
>>>> On Thu, Apr 15, 2021 at 4:34 PM Alexandre Ghiti <alex@ghiti.fr> wrote:
>>>>>
>>>>> If CONFIG_STRICT_KERNEL_RWX is not set, we cannot set different
>>>>> permissions
>>>>> to the kernel data and text sections, so make sure it is defined before
>>>>> trying to protect the kernel linear mapping.
>>>>>
>>>>> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
>>>>
>>>> Maybe you should add "Fixes:" tag in commit tag ?
>>>
>>> Yes you're right I should have done that. Maybe Palmer will squash it as
>>> it just entered for-next?
>>
>> Ya, I'll do it.  My testing box was just tied up last night for the rc8
>> PR, so I threw this on for-next to get the buildbots to take a look.
>> It's a bit too late to take something for this week, as I try to be
>> pretty conservative this late in the cycle.  There's another kprobes fix
>> on the list so if we end up with an rc8 I might send this along with
>> that, otherwise this'll just go onto for-next before the linear map
>> changes that exercise the bug.
>>
>> You're more than welcome to just dig up the fixes tag and reply, my
>> scripts pull all tags from replies (just like Revieweb-by).  Otherwise
>> I'll do it myself, most people don't really post Fixes tags that
>> accurately so I go through it for pretty much everything anyway.
>
> Here it is:
>
> Fixes: 4b67f48da707 ("riscv: Move kernel mapping outside of linear mapping")

Thanks.  I just squashed it, though, as I had to rewrite this anyway.

>
> Thanks,
>
>>
>> Thanks for sorting this out so quickly!
>>
>>>
>>>>
>>>> Otherwise it looks good.
>>>>
>>>> Reviewed-by: Anup Patel <anup@brainfault.org>
>>>
>>> Thank you!
>>>
>>> Alex
>>>
>>>>
>>>> Regards,
>>>> Anup
>>>>
>>>>> ---
>>>>>   arch/riscv/kernel/setup.c | 8 ++++----
>>>>>   1 file changed, 4 insertions(+), 4 deletions(-)
>>>>>
>>>>> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
>>>>> index 626003bb5fca..ab394d173cd4 100644
>>>>> --- a/arch/riscv/kernel/setup.c
>>>>> +++ b/arch/riscv/kernel/setup.c
>>>>> @@ -264,12 +264,12 @@ void __init setup_arch(char **cmdline_p)
>>>>>
>>>>>          sbi_init();
>>>>>
>>>>> -       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX))
>>>>> +       if (IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) {
>>>>>                  protect_kernel_text_data();
>>>>> -
>>>>> -#if defined(CONFIG_64BIT) && defined(CONFIG_MMU)
>>>>> -       protect_kernel_linear_mapping_text_rodata();
>>>>> +#ifdef CONFIG_64BIT
>>>>> +               protect_kernel_linear_mapping_text_rodata();
>>>>>   #endif
>>>>> +       }
>>>>>
>>>>>   #ifdef CONFIG_SWIOTLB
>>>>>          swiotlb_init(1);
>>>>> --
>>>>> 2.20.1
>>>>>
>>>>
>>>> _______________________________________________
>>>> linux-riscv mailing list
>>>> linux-riscv@lists.infradead.org
>>>> http://lists.infradead.org/mailman/listinfo/linux-riscv
>>>>
>>
>> _______________________________________________
>> linux-riscv mailing list
>> linux-riscv@lists.infradead.org
>> http://lists.infradead.org/mailman/listinfo/linux-riscv

_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-15 11:04 [PATCH] riscv: Protect kernel linear mapping only if CONFIG_STRICT_KERNEL_RWX is set Alexandre Ghiti
2021-04-16 10:41 ` Anup Patel
2021-04-16 10:47   ` Alex Ghiti
2021-04-16 16:33     ` Palmer Dabbelt
2021-04-17 17:26       ` Alex Ghiti
2021-04-23  1:34         ` Palmer Dabbelt

Linux-RISC-V Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-riscv/0 linux-riscv/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-riscv linux-riscv/ https://lore.kernel.org/linux-riscv \
		linux-riscv@lists.infradead.org
	public-inbox-index linux-riscv

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.infradead.lists.linux-riscv


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git