The main purpose of this patch series is changing the kernel mapping permission
, make sure that code is not writeable, data is not executable, and read-only
data is neither writable nor executable.
This patch series also supports the relevant implementations such as
ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
Changes in v5:
- Add lockdep_assert_held and more comments for text_mutex.
Changes in v4:
- Use NOKPROBE_SYMBOL instead of __kprobe annotation
- Use text_mutex instead of patch_lock
- Remove 'riscv_' prefix of function name
Changes in v3:
- Fix build error on nommu configuration. We already support nommu on
RISC-V, so we should consider nommu case and test not only rv32/64,
but also nommu.
Changes in v2:
- Use _data to specify the start of data section with write permission.
- Change ftrace patch text implementaion.
- Separate DEBUG_WX patch to another patchset.
Zong Li (9):
riscv: add macro to get instruction length
riscv: introduce interfaces to patch kernel code
riscv: patch code by fixmap mapping
riscv: add ARCH_HAS_SET_MEMORY support
riscv: add ARCH_HAS_SET_DIRECT_MAP support
riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
riscv: move exception table immediately after RO_DATA
riscv: add alignment for text, rodata and data sections
riscv: add STRICT_KERNEL_RWX support
arch/riscv/Kconfig | 6 +
arch/riscv/include/asm/bug.h | 8 ++
arch/riscv/include/asm/fixmap.h | 2 +
arch/riscv/include/asm/patch.h | 12 ++
arch/riscv/include/asm/set_memory.h | 48 +++++++
arch/riscv/kernel/Makefile | 4 +-
arch/riscv/kernel/ftrace.c | 26 ++--
arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
arch/riscv/kernel/traps.c | 3 +-
arch/riscv/kernel/vmlinux.lds.S | 11 +-
arch/riscv/mm/Makefile | 2 +-
arch/riscv/mm/init.c | 44 +++++++
arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
13 files changed, 466 insertions(+), 15 deletions(-)
create mode 100644 arch/riscv/include/asm/patch.h
create mode 100644 arch/riscv/include/asm/set_memory.h
create mode 100644 arch/riscv/kernel/patch.c
create mode 100644 arch/riscv/mm/pageattr.c
--
2.26.0
Add set_direct_map_*() functions for setting the direct map alias for
the page to its default permissions and to an invalid state that cannot
be cached in a TLB. (See d253ca0c ("x86/mm/cpa: Add set_direct_map_*()
functions")) Add a similar implementation for RISC-V.
Signed-off-by: Zong Li <[email protected]>
Reviewed-by: Palmer Dabbelt <[email protected]>
---
arch/riscv/Kconfig | 1 +
arch/riscv/include/asm/set_memory.h | 3 +++
arch/riscv/mm/pageattr.c | 24 ++++++++++++++++++++++++
3 files changed, 28 insertions(+)
diff --git a/arch/riscv/Kconfig b/arch/riscv/Kconfig
index 9044e0dd95ea..a94d0f064d9c 100644
--- a/arch/riscv/Kconfig
+++ b/arch/riscv/Kconfig
@@ -59,6 +59,7 @@ config RISCV
select HAVE_EBPF_JIT if 64BIT
select EDAC_SUPPORT
select ARCH_HAS_GIGANTIC_PAGE
+ select ARCH_HAS_SET_DIRECT_MAP
select ARCH_HAS_SET_MEMORY
select ARCH_WANT_HUGE_PMD_SHARE if 64BIT
select SPARSEMEM_STATIC if 32BIT
diff --git a/arch/riscv/include/asm/set_memory.h b/arch/riscv/include/asm/set_memory.h
index 79a810f0f38b..620d81c372d9 100644
--- a/arch/riscv/include/asm/set_memory.h
+++ b/arch/riscv/include/asm/set_memory.h
@@ -21,4 +21,7 @@ static inline int set_memory_x(unsigned long addr, int numpages) { return 0; }
static inline int set_memory_nx(unsigned long addr, int numpages) { return 0; }
#endif
+int set_direct_map_invalid_noflush(struct page *page);
+int set_direct_map_default_noflush(struct page *page);
+
#endif /* _ASM_RISCV_SET_MEMORY_H */
diff --git a/arch/riscv/mm/pageattr.c b/arch/riscv/mm/pageattr.c
index fcd59ef2835b..7be6cd67e2ef 100644
--- a/arch/riscv/mm/pageattr.c
+++ b/arch/riscv/mm/pageattr.c
@@ -148,3 +148,27 @@ int set_memory_nx(unsigned long addr, int numpages)
{
return __set_memory(addr, numpages, __pgprot(0), __pgprot(_PAGE_EXEC));
}
+
+int set_direct_map_invalid_noflush(struct page *page)
+{
+ unsigned long start = (unsigned long)page_address(page);
+ unsigned long end = start + PAGE_SIZE;
+ struct pageattr_masks masks = {
+ .set_mask = __pgprot(0),
+ .clear_mask = __pgprot(_PAGE_PRESENT)
+ };
+
+ return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks);
+}
+
+int set_direct_map_default_noflush(struct page *page)
+{
+ unsigned long start = (unsigned long)page_address(page);
+ unsigned long end = start + PAGE_SIZE;
+ struct pageattr_masks masks = {
+ .set_mask = PAGE_KERNEL,
+ .clear_mask = __pgprot(0)
+ };
+
+ return walk_page_range(&init_mm, start, end, &pageattr_ops, &masks);
+}
--
2.26.0
On Wed, 08 Apr 2020 00:56:55 PDT (-0700), [email protected] wrote:
> The main purpose of this patch series is changing the kernel mapping permission
> , make sure that code is not writeable, data is not executable, and read-only
> data is neither writable nor executable.
>
> This patch series also supports the relevant implementations such as
> ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
>
> Changes in v5:
> - Add lockdep_assert_held and more comments for text_mutex.
>
> Changes in v4:
> - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> - Use text_mutex instead of patch_lock
> - Remove 'riscv_' prefix of function name
>
> Changes in v3:
> - Fix build error on nommu configuration. We already support nommu on
> RISC-V, so we should consider nommu case and test not only rv32/64,
> but also nommu.
>
> Changes in v2:
> - Use _data to specify the start of data section with write permission.
> - Change ftrace patch text implementaion.
> - Separate DEBUG_WX patch to another patchset.
>
> Zong Li (9):
> riscv: add macro to get instruction length
> riscv: introduce interfaces to patch kernel code
> riscv: patch code by fixmap mapping
> riscv: add ARCH_HAS_SET_MEMORY support
> riscv: add ARCH_HAS_SET_DIRECT_MAP support
> riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> riscv: move exception table immediately after RO_DATA
> riscv: add alignment for text, rodata and data sections
> riscv: add STRICT_KERNEL_RWX support
>
> arch/riscv/Kconfig | 6 +
> arch/riscv/include/asm/bug.h | 8 ++
> arch/riscv/include/asm/fixmap.h | 2 +
> arch/riscv/include/asm/patch.h | 12 ++
> arch/riscv/include/asm/set_memory.h | 48 +++++++
> arch/riscv/kernel/Makefile | 4 +-
> arch/riscv/kernel/ftrace.c | 26 ++--
> arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> arch/riscv/kernel/traps.c | 3 +-
> arch/riscv/kernel/vmlinux.lds.S | 11 +-
> arch/riscv/mm/Makefile | 2 +-
> arch/riscv/mm/init.c | 44 +++++++
> arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> 13 files changed, 466 insertions(+), 15 deletions(-)
> create mode 100644 arch/riscv/include/asm/patch.h
> create mode 100644 arch/riscv/include/asm/set_memory.h
> create mode 100644 arch/riscv/kernel/patch.c
> create mode 100644 arch/riscv/mm/pageattr.c
Looks like there are quite a few conflicts here. Do you mind re-spinning the
patch set for me? It's a bit early to spin off for-next right now so there
might be some more conflicts, but hopefully not too many.
Thanks!
Palmer Dabbelt <[email protected]> 於 2020年4月21日 週二 上午2:27寫道:
>
> On Wed, 08 Apr 2020 00:56:55 PDT (-0700), [email protected] wrote:
> > The main purpose of this patch series is changing the kernel mapping permission
> > , make sure that code is not writeable, data is not executable, and read-only
> > data is neither writable nor executable.
> >
> > This patch series also supports the relevant implementations such as
> > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> >
> > Changes in v5:
> > - Add lockdep_assert_held and more comments for text_mutex.
> >
> > Changes in v4:
> > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > - Use text_mutex instead of patch_lock
> > - Remove 'riscv_' prefix of function name
> >
> > Changes in v3:
> > - Fix build error on nommu configuration. We already support nommu on
> > RISC-V, so we should consider nommu case and test not only rv32/64,
> > but also nommu.
> >
> > Changes in v2:
> > - Use _data to specify the start of data section with write permission.
> > - Change ftrace patch text implementaion.
> > - Separate DEBUG_WX patch to another patchset.
> >
> > Zong Li (9):
> > riscv: add macro to get instruction length
> > riscv: introduce interfaces to patch kernel code
> > riscv: patch code by fixmap mapping
> > riscv: add ARCH_HAS_SET_MEMORY support
> > riscv: add ARCH_HAS_SET_DIRECT_MAP support
> > riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> > riscv: move exception table immediately after RO_DATA
> > riscv: add alignment for text, rodata and data sections
> > riscv: add STRICT_KERNEL_RWX support
> >
> > arch/riscv/Kconfig | 6 +
> > arch/riscv/include/asm/bug.h | 8 ++
> > arch/riscv/include/asm/fixmap.h | 2 +
> > arch/riscv/include/asm/patch.h | 12 ++
> > arch/riscv/include/asm/set_memory.h | 48 +++++++
> > arch/riscv/kernel/Makefile | 4 +-
> > arch/riscv/kernel/ftrace.c | 26 ++--
> > arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> > arch/riscv/kernel/traps.c | 3 +-
> > arch/riscv/kernel/vmlinux.lds.S | 11 +-
> > arch/riscv/mm/Makefile | 2 +-
> > arch/riscv/mm/init.c | 44 +++++++
> > arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> > 13 files changed, 466 insertions(+), 15 deletions(-)
> > create mode 100644 arch/riscv/include/asm/patch.h
> > create mode 100644 arch/riscv/include/asm/set_memory.h
> > create mode 100644 arch/riscv/kernel/patch.c
> > create mode 100644 arch/riscv/mm/pageattr.c
>
> Looks like there are quite a few conflicts here. Do you mind re-spinning the
> patch set for me? It's a bit early to spin off for-next right now so there
> might be some more conflicts, but hopefully not too many.
>
Sure, let me rebase it and send the next version. Thanks.
> Thanks!
>
On Tue, Apr 21, 2020 at 11:06 AM Zong Li <[email protected]> wrote:
>
> Palmer Dabbelt <[email protected]> 於 2020年4月21日 週二 上午2:27寫道:
> >
> > On Wed, 08 Apr 2020 00:56:55 PDT (-0700), [email protected] wrote:
> > > The main purpose of this patch series is changing the kernel mapping permission
> > > , make sure that code is not writeable, data is not executable, and read-only
> > > data is neither writable nor executable.
> > >
> > > This patch series also supports the relevant implementations such as
> > > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> > >
> > > Changes in v5:
> > > - Add lockdep_assert_held and more comments for text_mutex.
> > >
> > > Changes in v4:
> > > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > > - Use text_mutex instead of patch_lock
> > > - Remove 'riscv_' prefix of function name
> > >
> > > Changes in v3:
> > > - Fix build error on nommu configuration. We already support nommu on
> > > RISC-V, so we should consider nommu case and test not only rv32/64,
> > > but also nommu.
> > >
> > > Changes in v2:
> > > - Use _data to specify the start of data section with write permission.
> > > - Change ftrace patch text implementaion.
> > > - Separate DEBUG_WX patch to another patchset.
> > >
> > > Zong Li (9):
> > > riscv: add macro to get instruction length
> > > riscv: introduce interfaces to patch kernel code
> > > riscv: patch code by fixmap mapping
> > > riscv: add ARCH_HAS_SET_MEMORY support
> > > riscv: add ARCH_HAS_SET_DIRECT_MAP support
> > > riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> > > riscv: move exception table immediately after RO_DATA
> > > riscv: add alignment for text, rodata and data sections
> > > riscv: add STRICT_KERNEL_RWX support
> > >
> > > arch/riscv/Kconfig | 6 +
> > > arch/riscv/include/asm/bug.h | 8 ++
> > > arch/riscv/include/asm/fixmap.h | 2 +
> > > arch/riscv/include/asm/patch.h | 12 ++
> > > arch/riscv/include/asm/set_memory.h | 48 +++++++
> > > arch/riscv/kernel/Makefile | 4 +-
> > > arch/riscv/kernel/ftrace.c | 26 ++--
> > > arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> > > arch/riscv/kernel/traps.c | 3 +-
> > > arch/riscv/kernel/vmlinux.lds.S | 11 +-
> > > arch/riscv/mm/Makefile | 2 +-
> > > arch/riscv/mm/init.c | 44 +++++++
> > > arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> > > 13 files changed, 466 insertions(+), 15 deletions(-)
> > > create mode 100644 arch/riscv/include/asm/patch.h
> > > create mode 100644 arch/riscv/include/asm/set_memory.h
> > > create mode 100644 arch/riscv/kernel/patch.c
> > > create mode 100644 arch/riscv/mm/pageattr.c
> >
> > Looks like there are quite a few conflicts here. Do you mind re-spinning the
> > patch set for me? It's a bit early to spin off for-next right now so there
> > might be some more conflicts, but hopefully not too many.
> >
>
> Sure, let me rebase it and send the next version. Thanks.
This series is already merged in Linux kernel and it is available
in Linux-5.7-rc2.
I don't see the point in rebasing this series or commenting on
this series.
If you have fixes then send as separate patches based on
latest Linux-5.7-rcX release.
Regards,
Anup
On Tue, Apr 21, 2020 at 2:20 PM Anup Patel <[email protected]> wrote:
>
> On Tue, Apr 21, 2020 at 11:06 AM Zong Li <[email protected]> wrote:
> >
> > Palmer Dabbelt <[email protected]> 於 2020年4月21日 週二 上午2:27寫道:
> > >
> > > On Wed, 08 Apr 2020 00:56:55 PDT (-0700), [email protected] wrote:
> > > > The main purpose of this patch series is changing the kernel mapping permission
> > > > , make sure that code is not writeable, data is not executable, and read-only
> > > > data is neither writable nor executable.
> > > >
> > > > This patch series also supports the relevant implementations such as
> > > > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > > > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> > > >
> > > > Changes in v5:
> > > > - Add lockdep_assert_held and more comments for text_mutex.
> > > >
> > > > Changes in v4:
> > > > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > > > - Use text_mutex instead of patch_lock
> > > > - Remove 'riscv_' prefix of function name
> > > >
> > > > Changes in v3:
> > > > - Fix build error on nommu configuration. We already support nommu on
> > > > RISC-V, so we should consider nommu case and test not only rv32/64,
> > > > but also nommu.
> > > >
> > > > Changes in v2:
> > > > - Use _data to specify the start of data section with write permission.
> > > > - Change ftrace patch text implementaion.
> > > > - Separate DEBUG_WX patch to another patchset.
> > > >
> > > > Zong Li (9):
> > > > riscv: add macro to get instruction length
> > > > riscv: introduce interfaces to patch kernel code
> > > > riscv: patch code by fixmap mapping
> > > > riscv: add ARCH_HAS_SET_MEMORY support
> > > > riscv: add ARCH_HAS_SET_DIRECT_MAP support
> > > > riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> > > > riscv: move exception table immediately after RO_DATA
> > > > riscv: add alignment for text, rodata and data sections
> > > > riscv: add STRICT_KERNEL_RWX support
> > > >
> > > > arch/riscv/Kconfig | 6 +
> > > > arch/riscv/include/asm/bug.h | 8 ++
> > > > arch/riscv/include/asm/fixmap.h | 2 +
> > > > arch/riscv/include/asm/patch.h | 12 ++
> > > > arch/riscv/include/asm/set_memory.h | 48 +++++++
> > > > arch/riscv/kernel/Makefile | 4 +-
> > > > arch/riscv/kernel/ftrace.c | 26 ++--
> > > > arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> > > > arch/riscv/kernel/traps.c | 3 +-
> > > > arch/riscv/kernel/vmlinux.lds.S | 11 +-
> > > > arch/riscv/mm/Makefile | 2 +-
> > > > arch/riscv/mm/init.c | 44 +++++++
> > > > arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> > > > 13 files changed, 466 insertions(+), 15 deletions(-)
> > > > create mode 100644 arch/riscv/include/asm/patch.h
> > > > create mode 100644 arch/riscv/include/asm/set_memory.h
> > > > create mode 100644 arch/riscv/kernel/patch.c
> > > > create mode 100644 arch/riscv/mm/pageattr.c
> > >
> > > Looks like there are quite a few conflicts here. Do you mind re-spinning the
> > > patch set for me? It's a bit early to spin off for-next right now so there
> > > might be some more conflicts, but hopefully not too many.
> > >
> >
> > Sure, let me rebase it and send the next version. Thanks.
>
> This series is already merged in Linux kernel and it is available
> in Linux-5.7-rc2.
>
> I don't see the point in rebasing this series or commenting on
> this series.
>
> If you have fixes then send as separate patches based on
> latest Linux-5.7-rcX release.
>
Yes, I would send the separate patches for the difference from the
merged version. Thanks.
> Regards,
> Anup