From: Nadav Amit <namit@vmware.com>
To: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Cc: "luto@kernel.org" <luto@kernel.org>,
"jeyu@kernel.org" <jeyu@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"linux-integrity@vger.kernel.org"
<linux-integrity@vger.kernel.org>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
"x86@kernel.org" <x86@kernel.org>,
"hpa@zytor.com" <hpa@zytor.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"linux_dti@icloud.com" <linux_dti@icloud.com>,
"will.deacon@arm.com" <will.deacon@arm.com>,
"bp@alien8.de" <bp@alien8.de>
Subject: Re: [PATCH v7 13/14] module: Do not set nx for module memory before freeing
Date: Thu, 6 Dec 2018 20:29:37 +0000 [thread overview]
Message-ID: <1B1C066C-04B2-4DD0-A28B-71BA7CDDD658@vmware.com> (raw)
In-Reply-To: <55a4fb61164d7ecf5950e29d1fa2aea52a1b958f.camel@intel.com>
> On Dec 6, 2018, at 12:21 PM, Edgecombe, Rick P <rick.p.edgecombe@intel.com> wrote:
>
> On Thu, 2018-12-06 at 10:52 -0800, Andy Lutomirski wrote:
>> On Wed, Dec 5, 2018 at 12:52 AM Nadav Amit <namit@vmware.com> wrote:
>>> When module memory is about to be freed, there is no apparent reason to
>>> make it (and its data) executable, but that's exactly what is done
>>> today. This is not efficient and not secure.
>>>
>>> There are various theories why it was done, but none of them seem as
>>> something that really require it today. nios2 uses kmalloc for module
>>> memory, but anyhow it does not change the PTEs of the module memory. In
>>> x86, changing vmalloc'd memory mappings also modifies the direct mapping
>>> alias, but the NX-bit is not modified in such way.
>>>
>>> So let's remove it. Andy suggested that the changes of the PTEs can be
>>> avoided (excluding the direct-mapping alias), which is true. However,
>>> in x86 it requires some cleanup of the contiguous page allocator, which
>>> is outside of the scope of this patch-set.
>>
>>
>> I'm okay with this, but I'd like to see Rick's stuff get rebased on
>> top of it and clean it up for real.
>
> Nadav,
>
> Hmm, since you are trying to move things forward and not close all cases in one
> swoop, would it make sense to split the modules W^X mission from this patchset?
That’s what I tried to “hint”. Tglx asked for the module stuff in one of the
previous versions.
next prev parent reply other threads:[~2018-12-06 20:29 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-05 1:33 [PATCH v7 00/14] x86/alternative: text_poke() enhancements Nadav Amit
2018-12-05 1:33 ` [PATCH v7 01/14] Fix "x86/alternatives: Lockdep-enforce text_mutex in text_poke*()" Nadav Amit
2018-12-05 1:33 ` [PATCH v7 02/14] x86/jump_label: Use text_poke_early() during early init Nadav Amit
2018-12-05 1:33 ` [PATCH v7 03/14] x86/mm: temporary mm struct Nadav Amit
2018-12-05 1:33 ` [PATCH v7 04/14] fork: provide a function for copying init_mm Nadav Amit
2018-12-05 1:33 ` [PATCH v7 05/14] x86/alternative: initializing temporary mm for patching Nadav Amit
2018-12-05 1:34 ` [PATCH v7 06/14] x86/alternative: use temporary mm for text poking Nadav Amit
2018-12-05 1:34 ` [PATCH v7 07/14] x86/kgdb: avoid redundant comparison of patched code Nadav Amit
2018-12-05 1:34 ` [PATCH v7 08/14] x86/ftrace: Use text_poke_*() infrastructure Nadav Amit
2018-12-06 0:06 ` Nadav Amit
2018-12-06 16:28 ` Ingo Molnar
2018-12-05 1:34 ` [PATCH v7 09/14] x86/kprobes: Instruction pages initialization enhancements Nadav Amit
2018-12-06 13:09 ` Masami Hiramatsu
2018-12-05 1:34 ` [PATCH v7 10/14] x86: avoid W^X being broken during modules loading Nadav Amit
2018-12-05 1:34 ` [PATCH v7 11/14] x86/jump-label: remove support for custom poker Nadav Amit
2018-12-05 1:34 ` [PATCH v7 12/14] x86/alternative: Remove the return value of text_poke_*() Nadav Amit
2018-12-05 1:34 ` [PATCH v7 13/14] module: Do not set nx for module memory before freeing Nadav Amit
2018-12-06 9:57 ` Peter Zijlstra
2018-12-06 17:28 ` Nadav Amit
2018-12-06 11:13 ` Andrea Parri
2018-12-06 18:52 ` Andy Lutomirski
2018-12-06 18:56 ` Nadav Amit
2018-12-06 20:21 ` Edgecombe, Rick P
2018-12-06 20:29 ` Nadav Amit [this message]
2018-12-13 14:10 ` Jessica Yu
2018-12-13 17:25 ` Nadav Amit
2018-12-05 1:34 ` [PATCH v7 14/14] module: Prevent module removal racing with text_poke() Nadav Amit
2018-12-06 10:01 ` Peter Zijlstra
2018-12-06 10:03 ` [PATCH v7 00/14] x86/alternative: text_poke() enhancements Peter Zijlstra
2018-12-10 1:06 ` Nadav Amit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1B1C066C-04B2-4DD0-A28B-71BA7CDDD658@vmware.com \
--to=namit@vmware.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=jeyu@kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux_dti@icloud.com \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).