MIME-Version: 1.0
In-Reply-To: <20151215094015.GA3677@amd>
References: <20151115070022.GA15417@amd>
	<20151214080403.GA3708@amd>
	<20151214085803.GA10520@pd.tnic>
	<20151214090726.GA6472@amd>
	<CA+55aFwivS6pnNKqy6aFrh4H5HC2izW_Rw0GL1hV9EdbV+HhkA@mail.gmail.com>
	<20151214202627.GA15104@amd>
	<CALCETrX6DrW2AJz=WGjMW+nNTsq08+Cte0m=CF_Q9+uzsuR1vA@mail.gmail.com>
	<566F3378.8070009@linux.intel.com>
	<CALCETrW60DfZs-v_W46sYFUmBXspa3BXWY-=dpuSF9iMaeLGFQ@mail.gmail.com>
	<20151215094015.GA3677@amd>
Date: Tue, 15 Dec 2015 09:45:40 -0800
Message-ID: <CA+55aFyp91uoxPV=NTNpWOLWkfV9QB=0WKZBtF2cdBNC8Q6LSA@mail.gmail.com>
Subject: Re: 4.4-rc5: ugly warn on: 5 W+X pages found
From: Linus Torvalds <torvalds@linux-foundation.org>
To: Pavel Machek <pavel@ucw.cz>
Cc: Andy Lutomirski <luto@amacapital.net>,
        Arjan van de Ven <arjan@linux.intel.com>,
        Borislav Petkov <bp@alien8.de>,
        kernel list <linux-kernel@vger.kernel.org>,
        Stephen Smalley <sds@tycho.nsa.gov>, Brian Gerst <brgerst@gmail.com>,
        Denys Vlasenko <dvlasenk@redhat.com>, Peter Anvin <hpa@zytor.com>,
        Mike Galbraith <efault@gmx.de>, Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1847
Lines: 57

On Tue, Dec 15, 2015 at 1:40 AM, Pavel Machek <pavel@ucw.cz> wrote:
>
> I tried applying:
>
> [PATCH 1/2] x86_32/mm: Set NX in __supported_pte_mask before enabling
> paging
>
> but I still get
>
> [    2.691897] x86/mm: Found insecure W+X mapping at address ffe69000/0xffe69000

This may be an insane suggestion, but how about we try to detect when
that entry gets set, rather than after the fact.

Something really brute-force like

  diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
  index 6ec0c8b2e9df..538c9bb239b9 100644
  --- a/arch/x86/include/asm/pgtable.h
  +++ b/arch/x86/include/asm/pgtable.h
  @@ -337,6 +337,13 @@ static inline pmd_t pmd_clear_soft_dirty(pmd_t pmd)

   #endif /* CONFIG_HAVE_ARCH_SOFT_DIRTY */

  +static inline int kernel_write_execute_prot(pgprotval_t protval)
  +{
  +       return !(protval & _PAGE_USER) &&
  +               !(protval & _PAGE_NX) &&
  +               (protval & _PAGE_RW);
  +}
  +
   /*
    * Mask out unsupported bits in a present pgprot.  Non-present pgprots
    * can use those bits for other purposes, so leave them be.
  @@ -345,8 +352,10 @@ static inline pgprotval_t massage_pgprot(pgprot_t pgprot)
   {
          pgprotval_t protval = pgprot_val(pgprot);

  -       if (protval & _PAGE_PRESENT)
  +       if (protval & _PAGE_PRESENT) {
                  protval &= __supported_pte_mask;
  +               WARN_ON_ONCE(kernel_write_execute_prot(protval));
  +       }

          return protval;
   }

or similar?

The above is entirely untested. Maybe it doesn't compile. Or boot. Or work.

                 Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/