Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp4003293imm; Mon, 8 Oct 2018 13:09:43 -0700 (PDT) X-Google-Smtp-Source: ACcGV60PfwiizU0orVSxqBtEyQm2kCasAVCwLfTqm8bXaaKHfd79TLeBoZGtebSn2PixW9XVjAxK X-Received: by 2002:a62:f909:: with SMTP id o9-v6mr26866468pfh.160.1539029383849; Mon, 08 Oct 2018 13:09:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539029383; cv=none; d=google.com; s=arc-20160816; b=stQibYxdshWhYoOsT3T9WswtEZkJsBzce7BfmWCZr/olIto/qisBFeXRLfBro29fir jSeQ3fJRtt4MoMppK61bqneVbwpu8Ad8eSysXzsFdZl4vj6d7HCfkNT5FzzuIXv+H8AI 1sHjoTCw9uQg/hp/DlYl/W5Sf18vG9zhtDAF5D9GlWnQ1pFqDQX9w+Q/34agzZI8lKoy GcjjpBEGZTl67/q+8AwFP5HD+YE4smiS26KvPPcoVLyHtKsDaCe6RxrW1F+jGUg+VVu3 j7klch9TNlxn5Cd6RF0JNaBjJAaSn37kEMmXaaEEJk9TeaqM3MdawVdDxESwZOj8j5s6 1Amw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=02BobGl2NubJwR7sYXPC0Sv+CHJnX0j0cpnGfuOoTdU=; b=bWkBr/AEwpBSbUy3+uUiYSLOO9odGO7XTsvhhrBQz1B5JlXkxZISSnHVLqp4mhy2FZ m60n3D5QfqB+/TwFGIhGWYcFEiCJb5F3YIS2zpES9FBVfwjOl4QbCSv/9wjsyFRnyIkt bfzpsBQkoW9rjh7jA/jHD3JI1jH74MJFi/bdBxdjYIxYPx/0Ohwe1/XibCfzgXe4qcZS oKB0vtrkrAnhtuvAY6jwz4uIEtUOIlwewMd0pmfGRP0z3slEbAtuCiKWhCJRXUu0V5a4 aoBR3pMKlVsRfHe+ETY9PwuhVxoR9VjCyRdW4dFdxnJH9lTMxhcFCym8MTlIYG2nhZk4 0/HA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Ks1JZ3jK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 9-v6si17655775pgn.512.2018.10.08.13.09.26; Mon, 08 Oct 2018 13:09:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=Ks1JZ3jK; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726822AbeJIDWL (ORCPT + 99 others); Mon, 8 Oct 2018 23:22:11 -0400 Received: from mail-wm1-f50.google.com ([209.85.128.50]:52019 "EHLO mail-wm1-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726393AbeJIDWL (ORCPT ); Mon, 8 Oct 2018 23:22:11 -0400 Received: by mail-wm1-f50.google.com with SMTP id 143-v6so9248228wmf.1 for ; Mon, 08 Oct 2018 13:08:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=02BobGl2NubJwR7sYXPC0Sv+CHJnX0j0cpnGfuOoTdU=; b=Ks1JZ3jK26QNhn1nXaZdlisHYyZlNspIhzRUZTzw2Hm5qelzeKbOV5U46ixLaRq/bf WoWK7h3nJdbqCyqc0iL3Tjwmw9c5SgJiG2IhjUH+6URqjsuzgOxrnkh3wBgsRwKZ5fvF Cd7rhkLAdNrXRi54yYHmcP/XWw5cQjCwN1IIVPziaNTgKYod1s4+X7bmi/9ltcOrNOh3 d3nyZ4ugeYQtYiTEBxlznoNBOj4gmRof2s/EVNuxWrQ9O4SePdaYRCMvvcxRPQYUQvNZ wrbK4h14Gsa31jJiYr9BiV8l5FOvKrH1sVQusY9nFq9d57MTgTJhcC7d9HgfTwwXYMll Y2RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=02BobGl2NubJwR7sYXPC0Sv+CHJnX0j0cpnGfuOoTdU=; b=dREFsGZABF4eNbihq6vHRYbGZLgFQsSnzgy8NpATKnGFJVIgG2aF+gw0pE0wm+X6Te LdEOaFQC1xCTAcEU0Sjat8oqZfwFBhZLFzxhqWzXywTS6/sIMSv90XcfpLieuHhtTmp0 8NX/juEDATLT9HKslrZh4sa2D8SeJ4EtsPtM6dkr2Kqcgen5BfQrAuPlvqdocXFHWPAh Te1w4EOSlX7XdfhGgrQyvqj+rIA2oeHwOeFNkcW7gXVj2faeqfPs2nJVnIXQxjAVfOr1 furvMnLo6K27FIUwAGrnUO4tnjsTd2yDBATWB2Wjp/p39Syg3KPese1GQtsyPRxYUAic llKQ== X-Gm-Message-State: ABuFfogu/YTqKb9cveeQaSiNeFEP588SPfSwxuvF2/WisPQtBjRZHFf1 zS6qtkK/imMXbkdpPwS0P8bvRouw5OfiTZyMg/Af X-Received: by 2002:a1c:88cd:: with SMTP id k196-v6mr15732774wmd.17.1539029322145; Mon, 08 Oct 2018 13:08:42 -0700 (PDT) MIME-Version: 1.0 References: <0922cc1b-ed51-06e9-df81-57fd5aa8e7de@molgen.mpg.de> <20181003212255.GB28361@zn.tnic> <20181004080321.GA3630@8bytes.org> <74dededa-3754-058b-2291-a349b9f3673e@molgen.mpg.de> In-Reply-To: From: Bjorn Helgaas Date: Mon, 8 Oct 2018 15:08:30 -0500 Message-ID: Subject: Re: x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000 To: Thomas Gleixner Cc: pmenzel@molgen.mpg.de, Joerg Roedel , Borislav Petkov , linux-mm@kvack.org, x86@kernel.org, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 8, 2018 at 2:37 PM Thomas Gleixner wrote: > > Paul, > > On Fri, 5 Oct 2018, Paul Menzel wrote: > > On 10/05/18 11:27, Thomas Gleixner wrote: > > > If pcibios is enabled and used, need to look at the gory details of that > > > first, then the W+X check has to exclude that region. We can't do much > > > about that. > > > > That would also explain, why it only happens with the SeaBIOS payload, > > which sets up legacy BIOS calls. Using GRUB directly as payload, no BIOS > > calls are set up. > > > > Reading the Kconfig description of the PCI access mode, the BIOS should > > only be used last. > > Correct. And looking at the dmesg you provided it is initialized: > > [ 0.441062] PCI: PCI BIOS area is rw and x. Use pci=nobios if you want it NX. > [ 0.441062] PCI: PCI BIOS revision 2.10 entry at 0xffa40, last bus=3 > > Though I assume it's not really required, but this PCI BIOS thing is not > really well documented and there are some obsure usage sites involved. > > Bjorn, do you have any insight or did you flush those memories long ago? No, I don't. I was never really involved with PCIBIOS.