2022-02-27 20:39:29

by Dr. David Alan Gilbert

[permalink] [raw]
Subject: [PATCH] x86/mm: Use strtobool for noexec parsing

Use strtobool to parse the 'noexec' parameter rather than open coding
it.
'disable_nx' is changed to a bool and flipped to 'enable_nx'
so it's meaning follows the command line option.

There's no change in behaviour for noexec=on/off.
noexec=junk will now warn
strtobool allows 0/1 and y/n (etc) as well as the on/off.

Signed-off-by: Dr. David Alan Gilbert <[email protected]>
---
arch/x86/mm/setup_nx.c | 16 +++++-----------
1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/arch/x86/mm/setup_nx.c b/arch/x86/mm/setup_nx.c
index ed5667f5169ff..77450b5889a0d 100644
--- a/arch/x86/mm/setup_nx.c
+++ b/arch/x86/mm/setup_nx.c
@@ -7,7 +7,7 @@
#include <asm/proto.h>
#include <asm/cpufeature.h>

-static int disable_nx;
+static bool enable_nx = true;

/*
* noexec = on|off
@@ -19,21 +19,15 @@ static int disable_nx;
*/
static int __init noexec_setup(char *str)
{
- if (!str)
- return -EINVAL;
- if (!strncmp(str, "on", 2)) {
- disable_nx = 0;
- } else if (!strncmp(str, "off", 3)) {
- disable_nx = 1;
- }
+ int ret = strtobool(str, &enable_nx);
x86_configure_nx();
- return 0;
+ return ret;
}
early_param("noexec", noexec_setup);

void x86_configure_nx(void)
{
- if (boot_cpu_has(X86_FEATURE_NX) && !disable_nx)
+ if (boot_cpu_has(X86_FEATURE_NX) && enable_nx)
__supported_pte_mask |= _PAGE_NX;
else
__supported_pte_mask &= ~_PAGE_NX;
@@ -46,7 +40,7 @@ void __init x86_report_nx(void)
"missing in CPU!\n");
} else {
#if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE)
- if (disable_nx) {
+ if (!enable_nx) {
printk(KERN_INFO "NX (Execute Disable) protection: "
"disabled by kernel command line option\n");
} else {
--
2.35.1


2022-03-02 22:01:10

by Borislav Petkov

[permalink] [raw]
Subject: Re: [PATCH] x86/mm: Use strtobool for noexec parsing

On Sun, Feb 27, 2022 at 08:13:56PM +0000, Dr. David Alan Gilbert wrote:
> Use strtobool to parse the 'noexec' parameter rather than open coding
> it.
> 'disable_nx' is changed to a bool and flipped to 'enable_nx'
> so it's meaning follows the command line option.
>
> There's no change in behaviour for noexec=on/off.
> noexec=junk will now warn
> strtobool allows 0/1 and y/n (etc) as well as the on/off.
>
> Signed-off-by: Dr. David Alan Gilbert <[email protected]>
> ---
> arch/x86/mm/setup_nx.c | 16 +++++-----------
> 1 file changed, 5 insertions(+), 11 deletions(-)

https://lkml.kernel.org/r/[email protected]

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

2022-03-03 00:08:56

by Dr. David Alan Gilbert

[permalink] [raw]
Subject: Re: [PATCH] x86/mm: Use strtobool for noexec parsing

* Borislav Petkov ([email protected]) wrote:
> On Sun, Feb 27, 2022 at 08:13:56PM +0000, Dr. David Alan Gilbert wrote:
> > Use strtobool to parse the 'noexec' parameter rather than open coding
> > it.
> > 'disable_nx' is changed to a bool and flipped to 'enable_nx'
> > so it's meaning follows the command line option.
> >
> > There's no change in behaviour for noexec=on/off.
> > noexec=junk will now warn
> > strtobool allows 0/1 and y/n (etc) as well as the on/off.
> >
> > Signed-off-by: Dr. David Alan Gilbert <[email protected]>
> > ---
> > arch/x86/mm/setup_nx.c | 16 +++++-----------
> > 1 file changed, 5 insertions(+), 11 deletions(-)
>
> https://lkml.kernel.org/r/[email protected]

Oh well; good.

Thanks for the pointer.

Dave

> --
> Regards/Gruss,
> Boris.
>
> https://people.kernel.org/tglx/notes-about-netiquette
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux | Happy \
\ dave @ treblig.org | | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/