linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: tip-bot for Yinghai Lu <yinghai@kernel.org>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, hpa@zytor.com, mingo@kernel.org,
	yinghai@kernel.org, tglx@linutronix.de, hpa@linux.intel.com
Subject: [tip:x86/mm2] x86, 64bit, mm: Mark data/bss/brk to nx
Date: Tue, 29 Jan 2013 17:53:45 -0800	[thread overview]
Message-ID: <tip-d27807b9bfd6315a93a051e4e6d9961d6e4467d3@git.kernel.org> (raw)
In-Reply-To: <1359058816-7615-33-git-send-email-yinghai@kernel.org>

Commit-ID:  d27807b9bfd6315a93a051e4e6d9961d6e4467d3
Gitweb:     http://git.kernel.org/tip/d27807b9bfd6315a93a051e4e6d9961d6e4467d3
Author:     Yinghai Lu <yinghai@kernel.org>
AuthorDate: Thu, 24 Jan 2013 12:20:13 -0800
Committer:  H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Tue, 29 Jan 2013 15:34:36 -0800

x86, 64bit, mm: Mark data/bss/brk to nx

HPA said, we should not have RW and +x set at the time.

for kernel layout:
[    0.000000] Kernel Layout:
[    0.000000]   .text: [0x01000000-0x021434f8]
[    0.000000] .rodata: [0x02200000-0x02a13fff]
[    0.000000]   .data: [0x02c00000-0x02dc763f]
[    0.000000]   .init: [0x02dc9000-0x0312cfff]
[    0.000000]    .bss: [0x0313b000-0x03dd6fff]
[    0.000000]    .brk: [0x03dd7000-0x03dfffff]

before the patch, we have
---[ High Kernel Mapping ]---
0xffffffff80000000-0xffffffff81000000          16M                           pmd
0xffffffff81000000-0xffffffff82200000          18M     ro         PSE GLB x  pmd
0xffffffff82200000-0xffffffff82c00000          10M     ro         PSE GLB NX pmd
0xffffffff82c00000-0xffffffff82dc9000        1828K     RW             GLB x  pte
0xffffffff82dc9000-0xffffffff82e00000         220K     RW             GLB NX pte
0xffffffff82e00000-0xffffffff83000000           2M     RW         PSE GLB NX pmd
0xffffffff83000000-0xffffffff8313a000        1256K     RW             GLB NX pte
0xffffffff8313a000-0xffffffff83200000         792K     RW             GLB x  pte
0xffffffff83200000-0xffffffff83e00000          12M     RW         PSE GLB x  pmd
0xffffffff83e00000-0xffffffffa0000000         450M                           pmd

after patch,, we get
---[ High Kernel Mapping ]---
0xffffffff80000000-0xffffffff81000000          16M                           pmd
0xffffffff81000000-0xffffffff82200000          18M     ro         PSE GLB x  pmd
0xffffffff82200000-0xffffffff82c00000          10M     ro         PSE GLB NX pmd
0xffffffff82c00000-0xffffffff82e00000           2M     RW             GLB NX pte
0xffffffff82e00000-0xffffffff83000000           2M     RW         PSE GLB NX pmd
0xffffffff83000000-0xffffffff83200000           2M     RW             GLB NX pte
0xffffffff83200000-0xffffffff83e00000          12M     RW         PSE GLB NX pmd
0xffffffff83e00000-0xffffffffa0000000         450M                           pmd

so data, bss, brk get NX ...

Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Link: http://lkml.kernel.org/r/1359058816-7615-33-git-send-email-yinghai@kernel.org
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
 arch/x86/mm/init_64.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index dc67337..e2fcbc3 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -810,6 +810,7 @@ void mark_rodata_ro(void)
 	unsigned long text_end = PAGE_ALIGN((unsigned long) &__stop___ex_table);
 	unsigned long rodata_end = PAGE_ALIGN((unsigned long) &__end_rodata);
 	unsigned long data_start = (unsigned long) &_sdata;
+	unsigned long all_end = PFN_ALIGN(&_end);
 
 	printk(KERN_INFO "Write protecting the kernel read-only data: %luk\n",
 	       (end - start) >> 10);
@@ -818,10 +819,10 @@ void mark_rodata_ro(void)
 	kernel_set_to_readonly = 1;
 
 	/*
-	 * The rodata section (but not the kernel text!) should also be
-	 * not-executable.
+	 * The rodata/data/bss/brk section (but not the kernel text!)
+	 * should also be not-executable.
 	 */
-	set_memory_nx(rodata_start, (end - rodata_start) >> PAGE_SHIFT);
+	set_memory_nx(rodata_start, (all_end - rodata_start) >> PAGE_SHIFT);
 
 	rodata_test();
 

  reply	other threads:[~2013-01-30  1:53 UTC|newest]

Thread overview: 89+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-01-24 20:19 [PATCH 00/35] x86, boot, 64bit: Add support for loading ramdisk and bzImage above 4G Yinghai Lu
2013-01-24 20:19 ` [PATCH 01/35] x86, mm: Fix page table early allocation offset checking Yinghai Lu
2013-01-30  1:20   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 02/35] x86: Handle multiple exactmaps and out of order exactmap Yinghai Lu
2013-01-24 20:19 ` [PATCH 03/35] x86, mm: Introduce memmap=reserveram Yinghai Lu
2013-01-24 20:19 ` [PATCH 04/35] x86: Clean up e820 add kernel range Yinghai Lu
2013-01-24 23:21   ` Jacob Shin
2013-01-30  1:21   ` [tip:x86/mm2] x86: Factor out e820_add_kernel_range() tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 05/35] x86, 64bit, mm: Make pgd next calculation consistent with pud/pmd Yinghai Lu
2013-01-30  1:22   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 06/35] x86, realmode: Set real_mode permissions early Yinghai Lu
2013-01-30  1:23   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 07/35] x86, 64bit, mm: Add generic kernel/ident mapping helper Yinghai Lu
2013-01-30  1:24   ` [tip:x86/mm2] x86, 64bit, mm: Add generic kernel/ ident " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 08/35] x86, 64bit: Copy zero-page early Yinghai Lu
2013-01-30  1:25   ` [tip:x86/mm2] x86, 64bit: Copy struct boot_params early tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 09/35] x86, 64bit, realmode: Use init_level4_pgt to set trapmoline_pgd directly Yinghai Lu
2013-01-30  1:27   ` [tip:x86/mm2] x86, 64bit, realmode: Use init_level4_pgt to set trampoline_pgd directly tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 10/35] x86, realmode: Separate real_mode reserve and setup Yinghai Lu
2013-01-30  1:28   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 11/35] x86, 64bit: early #PF handler set page table Yinghai Lu
2013-01-30  1:29   ` [tip:x86/mm2] x86, 64bit: Use a #PF handler to materialize early mappings on demand tip-bot for H. Peter Anvin
2013-01-24 20:19 ` [PATCH 12/35] x86, 64bit: #PF handler set page to cover only 2M per #PF Yinghai Lu
2013-01-30  1:30   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 13/35] x86, 64bit: Don't set max_pfn_mapped wrong value early on native path Yinghai Lu
2013-01-30  1:31   ` [tip:x86/mm2] x86, 64bit: Don' t " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 14/35] x86: Merge early_reserve_initrd for 32bit and 64bit Yinghai Lu
2013-01-30  1:32   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 15/35] x86: Add get_ramdisk_image/size() Yinghai Lu
2013-01-30  1:34   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 16/35] x86, boot: Add get_cmd_line_ptr() Yinghai Lu
2013-01-30  1:35   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 17/35] x86, boot: Move checking of cmd_line_ptr out of common path Yinghai Lu
2013-01-30  1:36   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:19 ` [PATCH 18/35] x86, boot: Pass cmd_line_ptr with unsigned long instead Yinghai Lu
2013-01-30  1:37   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 19/35] x86, boot: Move verify_cpu.S and no_longmode down Yinghai Lu
2013-01-30  1:38   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 20/35] x86, boot: Move lldt/ltr out of 64bit code section Yinghai Lu
2013-01-30  1:39   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 21/35] x86, kexec: Remove 1024G limitation for kexec buffer on 64bit Yinghai Lu
2013-01-30  1:40   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 22/35] x86, kexec: Set ident mapping for kernel that is above max_pfn Yinghai Lu
2013-01-30  1:42   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 23/35] x86, kexec: Replace ident_mapping_init and init_level4_page Yinghai Lu
2013-01-30  1:43   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 24/35] x86, kexec, 64bit: Only set ident mapping for ram Yinghai Lu
2013-01-30  1:44   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 25/35] x86, boot: Add fields to support load bzImage and ramdisk above 4G Yinghai Lu
2013-01-28  0:07   ` [tip:x86/boot] x86, boot: Define the 2.12 bzImage boot protocol tip-bot for H. Peter Anvin
2013-01-29  9:48   ` [tip:x86/boot] x86, boot: Sanitize boot_params if not zeroed on creation tip-bot for H. Peter Anvin
2013-01-30  1:45   ` [tip:x86/mm2] x86, boot: enable support load bzImage and ramdisk above 4G tip-bot for Yinghai Lu
2013-01-30  1:54     ` Yinghai Lu
2013-01-30  2:18       ` H. Peter Anvin
2013-01-30  3:47   ` [tip:x86/mm2] x86, boot: Support loading bzImage, boot_params " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 26/35] x86, boot: Update comments about entries for 64bit image Yinghai Lu
2013-01-30  1:46   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:48   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 27/35] x86, boot: Not need to check setup_header version for setup_data Yinghai Lu
2013-01-30  1:47   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:49   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 28/35] memblock: Add memblock_mem_size() Yinghai Lu
2013-01-30  1:49   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:50   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 29/35] x86, kdump: Remove crashkernel range find limit for 64bit Yinghai Lu
2013-01-30  1:50   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:51   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 30/35] x86: Add Crash kernel low reservation Yinghai Lu
2013-01-30  1:51   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-02-07  5:14     ` Rob Landley
2013-02-07  6:39       ` Yinghai Lu
2013-01-30  3:52   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 31/35] x86: Merge early kernel reserve for 32bit and 64bit Yinghai Lu
2013-01-30  1:52   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:53   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 32/35] x86, 64bit, mm: Mark data/bss/brk to nx Yinghai Lu
2013-01-30  1:53   ` tip-bot for Yinghai Lu [this message]
2013-01-30  3:55   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 33/35] x86, 64bit, mm: hibernate use generic mapping_init Yinghai Lu
2013-01-24 22:50   ` Rafael J. Wysocki
2013-01-30  1:54   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:56   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 34/35] mm: Add alloc_bootmem_low_pages_nopanic() Yinghai Lu
2013-01-30  1:56   ` [tip:x86/mm2] " tip-bot for Yinghai Lu
2013-01-30  3:57   ` tip-bot for Yinghai Lu
2013-01-24 20:20 ` [PATCH 35/35] x86: Don't panic if can not alloc buffer for swiotlb Yinghai Lu
2013-01-25 16:47   ` Konrad Rzeszutek Wilk
2013-01-30  1:57   ` [tip:x86/mm2] x86: Don' t " tip-bot for Yinghai Lu
2013-01-30  3:58   ` tip-bot for Yinghai Lu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=tip-d27807b9bfd6315a93a051e4e6d9961d6e4467d3@git.kernel.org \
    --to=yinghai@kernel.org \
    --cc=hpa@linux.intel.com \
    --cc=hpa@zytor.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-tip-commits@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=tglx@linutronix.de \
    --subject='Re: [tip:x86/mm2] x86, 64bit, mm: Mark data/bss/brk to nx' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
on how to clone and mirror all data and code used for this inbox