Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp11062028imu; Thu, 6 Dec 2018 10:55:06 -0800 (PST) X-Google-Smtp-Source: AFSGD/WIO1fSaER2w2Dp643cAAUYvDfAg1U9u0I9M6tLJPKgxvBXYxOFP55tpHxBs9XSVK0UfmsI X-Received: by 2002:a63:e247:: with SMTP id y7mr23871025pgj.84.1544122506851; Thu, 06 Dec 2018 10:55:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544122506; cv=none; d=google.com; s=arc-20160816; b=Fs8jhlgRAbABuqG5mPsM5u0LekrKFUcnNYJ7+9z7kMFOLzoCJ9HPEnaho6zmDJzBUj hWLQtJix+wBWmhfsAgJ+dcfBgpSwV46oIi5luNUoX341kHGj2/hQzA3i1Oqc1s/5zQBV LdhV8gjLV2bCFZY2iACUWUZH/FXDSXUr76FAj+2EbgX0pqL4AX3CdfW8ip8K+D36MiKX oMppuTKeXHlFDzjVdylVLbPzYma2XBsjdwYc6ESooABt/5y67exhAVRu+gogZYTtuPyA QpgqN8WlRCdMrZy+smmp6WouFtmFc/zHuR9MWvqqolekP4khlRahF+htK5qORKUe0xWT fT/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=VKR5DJbzvkktlcv5EJEZckb2XKsMLl4iJb4RGROIzd8=; b=ickQRcSVSbOjA2/bl9qgBxCIdk8N2p2cSAw2aCg2fHVnu5yN8+p/2CngwGVVPPWzlI YFwcljIBz33MoowZQHkhtKBUCyFdbMq9tpnyicYc3R3yAiipskDJhFFmsaqlJ4RQMUUk psHI3MTBvprFxqutAN68JOkOPIs3itDcKesE3gkQAiPU16lqBYdpgz9qhmi2hOAVGiEB mdVS9z1bu9+Lrw2X6+uqo6j/LUw222cM4bt8hAT8NOorpZO/LMBFJ20aXX1kRIokMrRs VvcF/Vgk6wiMtIGDFb7xQWdrBy3Ylxz7SZSiqBRTI6dVYLBaiCQ4pwhzhqn7AwuDpB1R dWLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=hW6QITFW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c32si830706plj.38.2018.12.06.10.54.50; Thu, 06 Dec 2018 10:55:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=hW6QITFW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726013AbeLFSwc (ORCPT + 99 others); Thu, 6 Dec 2018 13:52:32 -0500 Received: from mail.kernel.org ([198.145.29.99]:59898 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725944AbeLFSwc (ORCPT ); Thu, 6 Dec 2018 13:52:32 -0500 Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 84E8F21527 for ; Thu, 6 Dec 2018 18:52:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1544122351; bh=oAgDX3wRJRoNdRE4dwh5IrKTPAbfj3Df+q4m08d44Gw=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=hW6QITFWMpM280ON9ldg4Unkt9T1OusqjhcMpJgc2BVk+BDS+QqK7F3x9tO5yfsF/ fdKiv9nE+tqDlngZLqw+eeK4H4KH+htpzxekPWKyLLYFX0gzTSecWsSUkDBXzYPrAi dSGDp9nSZYmEl66KLoah+MsjrFaAlL7putMmT50s= Received: by mail-wr1-f46.google.com with SMTP id r10so1503020wrs.10 for ; Thu, 06 Dec 2018 10:52:31 -0800 (PST) X-Gm-Message-State: AA+aEWZxaS22J9BDGW18+n2PzRb3TrV+IDtyXJHxdzaY1+A4+e6nRm+s HGtK5d+cJCnD9AfxdVcz2zUM164i4thFDrt0Lu4X1Q== X-Received: by 2002:a5d:5502:: with SMTP id b2mr27227151wrv.330.1544122349912; Thu, 06 Dec 2018 10:52:29 -0800 (PST) MIME-Version: 1.0 References: <20181205013408.47725-1-namit@vmware.com> <20181205013408.47725-14-namit@vmware.com> In-Reply-To: <20181205013408.47725-14-namit@vmware.com> From: Andy Lutomirski Date: Thu, 6 Dec 2018 10:52:18 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH v7 13/14] module: Do not set nx for module memory before freeing To: Nadav Amit Cc: Ingo Molnar , LKML , X86 ML , "H. Peter Anvin" , Thomas Gleixner , Borislav Petkov , Andrew Lutomirski , Nadav Amit , Dave Hansen , Peter Zijlstra , linux_dti@icloud.com, linux-integrity , LSM List , Rick Edgecombe , Will Deacon Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Dec 5, 2018 at 12:52 AM Nadav Amit wrote: > > When module memory is about to be freed, there is no apparent reason to > make it (and its data) executable, but that's exactly what is done > today. This is not efficient and not secure. > > There are various theories why it was done, but none of them seem as > something that really require it today. nios2 uses kmalloc for module > memory, but anyhow it does not change the PTEs of the module memory. In > x86, changing vmalloc'd memory mappings also modifies the direct mapping > alias, but the NX-bit is not modified in such way. > > So let's remove it. Andy suggested that the changes of the PTEs can be > avoided (excluding the direct-mapping alias), which is true. However, > in x86 it requires some cleanup of the contiguous page allocator, which > is outside of the scope of this patch-set. > I'm okay with this, but I'd like to see Rick's stuff get rebased on top of it and clean it up for real.