* [PATCH v2] ARM: mm: fix location of _etext
@ 2016-06-15 20:24 Kees Cook
2016-06-16 12:04 ` Ard Biesheuvel
0 siblings, 1 reply; 3+ messages in thread
From: Kees Cook @ 2016-06-15 20:24 UTC (permalink / raw)
To: Russell King
Cc: linux-kernel, Ard Biesheuvel, Matt Fleming, Pratyush Anand,
Nicolas Pitre, Vladimir Murzin, Toshi Kani, Stephen Boyd,
Chris Brandt, Alexander Potapenko, Marc Zyngier, Arnd Bergmann,
linux-arm-kernel
The _etext position is defined to be the end of the kernel text code,
and should not include any part of the data segments. This interferes
with things that might check memory ranges and expect executable code
up to _etext. Just to be conservative, leave the kernel resource as
it was, using __init_begin instead of _etext as the end mark.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
v2:
- Switched resource tracker to using __init_begin, rmk
---
arch/arm/kernel/setup.c | 2 +-
arch/arm/kernel/vmlinux.lds.S | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c
index 7b5350060612..dd84f03dc2d4 100644
--- a/arch/arm/kernel/setup.c
+++ b/arch/arm/kernel/setup.c
@@ -844,7 +844,7 @@ static void __init request_standard_resources(const struct machine_desc *mdesc)
struct resource *res;
kernel_code.start = virt_to_phys(_text);
- kernel_code.end = virt_to_phys(_etext - 1);
+ kernel_code.end = virt_to_phys(__init_begin - 1);
kernel_data.start = virt_to_phys(_sdata);
kernel_data.end = virt_to_phys(_end - 1);
diff --git a/arch/arm/kernel/vmlinux.lds.S b/arch/arm/kernel/vmlinux.lds.S
index e2c6da096cef..99420fc1f066 100644
--- a/arch/arm/kernel/vmlinux.lds.S
+++ b/arch/arm/kernel/vmlinux.lds.S
@@ -125,6 +125,8 @@ SECTIONS
#ifdef CONFIG_DEBUG_ALIGN_RODATA
. = ALIGN(1<<SECTION_SHIFT);
#endif
+ _etext = .; /* End of text section */
+
RO_DATA(PAGE_SIZE)
. = ALIGN(4);
@@ -155,8 +157,6 @@ SECTIONS
NOTES
- _etext = .; /* End of text and rodata section */
-
#ifdef CONFIG_DEBUG_RODATA
. = ALIGN(1<<SECTION_SHIFT);
#else
--
2.7.4
--
Kees Cook
Chrome OS & Brillo Security
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] ARM: mm: fix location of _etext
2016-06-15 20:24 [PATCH v2] ARM: mm: fix location of _etext Kees Cook
@ 2016-06-16 12:04 ` Ard Biesheuvel
2016-06-16 17:08 ` Kees Cook
0 siblings, 1 reply; 3+ messages in thread
From: Ard Biesheuvel @ 2016-06-16 12:04 UTC (permalink / raw)
To: Kees Cook
Cc: Russell King, linux-kernel, Matt Fleming, Pratyush Anand,
Nicolas Pitre, Vladimir Murzin, Toshi Kani, Stephen Boyd,
Chris Brandt, Alexander Potapenko, Marc Zyngier, Arnd Bergmann,
linux-arm-kernel
On 15 June 2016 at 22:24, Kees Cook <keescook@chromium.org> wrote:
> The _etext position is defined to be the end of the kernel text code,
> and should not include any part of the data segments. This interferes
> with things that might check memory ranges and expect executable code
> up to _etext. Just to be conservative, leave the kernel resource as
> it was, using __init_begin instead of _etext as the end mark.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
> v2:
> - Switched resource tracker to using __init_begin, rmk
Actually, Linus removed the x86 /proc/iomem resources for kernel segments in
c4004b02f8e5 ("x86: remove the kernel code/data/bss resources from /proc/iomem")
so I wonder if we should not just do the same for ARM and arm64?
> ---
> arch/arm/kernel/setup.c | 2 +-
> arch/arm/kernel/vmlinux.lds.S | 4 ++--
> 2 files changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/arch/arm/kernel/setup.c b/arch/arm/kernel/setup.c
> index 7b5350060612..dd84f03dc2d4 100644
> --- a/arch/arm/kernel/setup.c
> +++ b/arch/arm/kernel/setup.c
> @@ -844,7 +844,7 @@ static void __init request_standard_resources(const struct machine_desc *mdesc)
> struct resource *res;
>
> kernel_code.start = virt_to_phys(_text);
> - kernel_code.end = virt_to_phys(_etext - 1);
> + kernel_code.end = virt_to_phys(__init_begin - 1);
> kernel_data.start = virt_to_phys(_sdata);
> kernel_data.end = virt_to_phys(_end - 1);
>
> diff --git a/arch/arm/kernel/vmlinux.lds.S b/arch/arm/kernel/vmlinux.lds.S
> index e2c6da096cef..99420fc1f066 100644
> --- a/arch/arm/kernel/vmlinux.lds.S
> +++ b/arch/arm/kernel/vmlinux.lds.S
> @@ -125,6 +125,8 @@ SECTIONS
> #ifdef CONFIG_DEBUG_ALIGN_RODATA
> . = ALIGN(1<<SECTION_SHIFT);
> #endif
> + _etext = .; /* End of text section */
> +
> RO_DATA(PAGE_SIZE)
>
> . = ALIGN(4);
> @@ -155,8 +157,6 @@ SECTIONS
>
> NOTES
>
> - _etext = .; /* End of text and rodata section */
> -
> #ifdef CONFIG_DEBUG_RODATA
> . = ALIGN(1<<SECTION_SHIFT);
> #else
> --
> 2.7.4
>
>
> --
> Kees Cook
> Chrome OS & Brillo Security
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2] ARM: mm: fix location of _etext
2016-06-16 12:04 ` Ard Biesheuvel
@ 2016-06-16 17:08 ` Kees Cook
0 siblings, 0 replies; 3+ messages in thread
From: Kees Cook @ 2016-06-16 17:08 UTC (permalink / raw)
To: Ard Biesheuvel
Cc: Russell King, linux-kernel, Matt Fleming, Pratyush Anand,
Nicolas Pitre, Vladimir Murzin, Toshi Kani, Stephen Boyd,
Chris Brandt, Alexander Potapenko, Marc Zyngier, Arnd Bergmann,
linux-arm-kernel
On Thu, Jun 16, 2016 at 5:04 AM, Ard Biesheuvel
<ard.biesheuvel@linaro.org> wrote:
> On 15 June 2016 at 22:24, Kees Cook <keescook@chromium.org> wrote:
>> The _etext position is defined to be the end of the kernel text code,
>> and should not include any part of the data segments. This interferes
>> with things that might check memory ranges and expect executable code
>> up to _etext. Just to be conservative, leave the kernel resource as
>> it was, using __init_begin instead of _etext as the end mark.
>>
>> Signed-off-by: Kees Cook <keescook@chromium.org>
>> ---
>> v2:
>> - Switched resource tracker to using __init_begin, rmk
>
> Actually, Linus removed the x86 /proc/iomem resources for kernel segments in
>
> c4004b02f8e5 ("x86: remove the kernel code/data/bss resources from /proc/iomem")
>
> so I wonder if we should not just do the same for ARM and arm64?
Nope, that got reverted. Removing it breaks things.
4046d6e81f33b7ef50d6668b78076d54c5e066b6
-Kees
--
Kees Cook
Chrome OS & Brillo Security
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-06-16 17:08 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-06-15 20:24 [PATCH v2] ARM: mm: fix location of _etext Kees Cook
2016-06-16 12:04 ` Ard Biesheuvel
2016-06-16 17:08 ` Kees Cook
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).