From: Christophe Leroy <christophe.leroy@csgroup.eu>
To: Michael Ellerman <mpe@ellerman.id.au>,
Jordan Niethe <jniethe5@gmail.com>,
linuxppc-dev@lists.ozlabs.org
Cc: ajd@linux.ibm.com, npiggin@gmail.com, cmr@codefail.de,
naveen.n.rao@linux.ibm.com, dja@axtens.net
Subject: Re: [PATCH v10 01/10] powerpc/mm: Implement set_memory() routines
Date: Wed, 31 Mar 2021 14:03:23 +0200 [thread overview]
Message-ID: <17c3a18b-9bfb-15e6-fc09-63d6226f1879@csgroup.eu> (raw)
In-Reply-To: <87lfa37euw.fsf@mpe.ellerman.id.au>
Le 31/03/2021 à 13:16, Michael Ellerman a écrit :
> Hi Jordan,
>
> A few nits below ...
>
> Jordan Niethe <jniethe5@gmail.com> writes:
>> From: Russell Currey <ruscur@russell.cc>
>>
>> The set_memory_{ro/rw/nx/x}() functions are required for STRICT_MODULE_RWX,
>> and are generally useful primitives to have. This implementation is
>> designed to be completely generic across powerpc's many MMUs.
>>
>> It's possible that this could be optimised to be faster for specific
>> MMUs, but the focus is on having a generic and safe implementation for
>> now.
>>
>> This implementation does not handle cases where the caller is attempting
>> to change the mapping of the page it is executing from, or if another
>> CPU is concurrently using the page being altered. These cases likely
>> shouldn't happen, but a more complex implementation with MMU-specific code
>> could safely handle them, so that is left as a TODO for now.
>>
>> On hash the linear mapping is not kept in the linux pagetable, so this
>> will not change the protection if used on that range. Currently these
>> functions are not used on the linear map so just WARN for now.
>>
>> These functions do nothing if STRICT_KERNEL_RWX is not enabled.
>>
>> Reviewed-by: Daniel Axtens <dja@axtens.net>
>> Signed-off-by: Russell Currey <ruscur@russell.cc>
>> Signed-off-by: Christophe Leroy <christophe.leroy@csgroup.eu>
>> [jpn: -rebase on next plus "powerpc/mm/64s: Allow STRICT_KERNEL_RWX again"
>> - WARN on hash linear map]
>> Signed-off-by: Jordan Niethe <jniethe5@gmail.com>
>> ---
>> v10: WARN if trying to change the hash linear map
>> ---
>
> This ↓ should have a comment explaining what it's doing:
>
>> +#ifdef CONFIG_PPC_BOOK3S_64
>> + if (WARN_ON_ONCE(!radix_enabled() &&
>> + get_region_id(addr) == LINEAR_MAP_REGION_ID)) {
>> + return -1;
>> + }
>> +#endif
>
> Maybe:
>
> if (IS_ENABLED(CONFIG_PPC_BOOK3S_64) &&
> WARN_ON_ONCE(!radix_enabled() && get_region_id(addr) == LINEAR_MAP_REGION_ID)) {
> return -1;
> }
get_region_id() only exists for book3s/64 at the time being, and LINEAR_MAP_REGION_ID as well.
>
> But then Aneesh pointed out that we should also block VMEMMAP_REGION_ID.
>
> It might be better to just check for the permitted regions.
>
> if (IS_ENABLED(CONFIG_PPC_BOOK3S_64) && !radix_enabled()) {
> int region = get_region_id(addr);
>
> if (WARN_ON_ONCE(region != VMALLOC_REGION_ID && region != IO_REGION_ID))
> return -1;
> }
>
>> +
>> + return apply_to_existing_page_range(&init_mm, start, sz,
>> + change_page_attr, (void *)action);
>> +}
>
>
> cheers
>
next prev parent reply other threads:[~2021-03-31 12:04 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-30 4:51 [PATCH v10 00/10] powerpc: Further Strict RWX support Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 01/10] powerpc/mm: Implement set_memory() routines Jordan Niethe
2021-03-30 5:16 ` Christophe Leroy
2021-04-21 2:51 ` Jordan Niethe
2021-03-31 11:16 ` Michael Ellerman
2021-03-31 12:03 ` Christophe Leroy [this message]
2021-04-21 5:03 ` Jordan Niethe
2021-04-01 4:37 ` Aneesh Kumar K.V
2021-04-21 5:19 ` Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 02/10] powerpc/lib/code-patching: Set up Strict RWX patching earlier Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 03/10] powerpc: Always define MODULES_{VADDR,END} Jordan Niethe
2021-03-30 5:00 ` Christophe Leroy
2021-04-01 13:36 ` Christophe Leroy
2021-04-21 2:46 ` Jordan Niethe
2021-04-21 5:14 ` Christophe Leroy
2021-04-21 5:22 ` Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 04/10] powerpc/kprobes: Mark newly allocated probes as ROX Jordan Niethe
2021-03-30 5:05 ` Christophe Leroy
2021-04-21 2:39 ` Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 05/10] powerpc/bpf: Write protect JIT code Jordan Niethe
2021-03-31 10:37 ` Michael Ellerman
2021-03-31 10:39 ` Christophe Leroy
2021-04-21 2:35 ` Jordan Niethe
2021-04-21 6:51 ` Michael Ellerman
2021-03-30 4:51 ` [PATCH v10 06/10] powerpc/mm/ptdump: debugfs handler for W+X checks at runtime Jordan Niethe
2021-03-31 11:24 ` Michael Ellerman
2021-04-21 2:23 ` Jordan Niethe
2021-04-21 5:16 ` Christophe Leroy
2021-03-30 4:51 ` [PATCH v10 07/10] powerpc: Set ARCH_HAS_STRICT_MODULE_RWX Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 08/10] powerpc/configs: Enable STRICT_MODULE_RWX in skiroot_defconfig Jordan Niethe
2021-03-30 5:27 ` Christophe Leroy
2021-04-21 2:37 ` Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 09/10] powerpc/mm: implement set_memory_attr() Jordan Niethe
2021-03-30 4:51 ` [PATCH v10 10/10] powerpc/32: use set_memory_attr() Jordan Niethe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=17c3a18b-9bfb-15e6-fc09-63d6226f1879@csgroup.eu \
--to=christophe.leroy@csgroup.eu \
--cc=ajd@linux.ibm.com \
--cc=cmr@codefail.de \
--cc=dja@axtens.net \
--cc=jniethe5@gmail.com \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mpe@ellerman.id.au \
--cc=naveen.n.rao@linux.ibm.com \
--cc=npiggin@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).