Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp55253yba; Wed, 15 May 2019 18:50:16 -0700 (PDT) X-Google-Smtp-Source: APXvYqyYJZ/ssLTAxz+OIEhiBfwXhuveFG6o6YM358dOXKKrGRpSIWNS662GUkukF8RjuZfQ3fJw X-Received: by 2002:a63:7c55:: with SMTP id l21mr23154531pgn.121.1557971416037; Wed, 15 May 2019 18:50:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557971416; cv=none; d=google.com; s=arc-20160816; b=mY8YBDJumz908ZUImZIBGhe0ExyV2wrC/ZaI+i1S0+jnWefP/Mxisxj3qX7BlJPVq6 1Kr/vP/NUsxSwe9iOk4Ffo8G1XK32zAAEeyezKI7xWhnl/QjeNtWP9tbc9HirhSkMJZP 1k/fEdtqZtsrLlw9Eh5fritjx0uOez3pniH9aBcgTuLReyMlCu0yZD1FuWOonl4JBlXu 0geIvM4u0VrG/hvkjD3cYTSUJkOJidWSdIOyji0tHzHMaYWhchTLg7rUES+zNRhVD6Fu 9jwAKmmR9Im1OZhxcgXdchkoysqa5fYK3neCRXAPF51erzRbHardM1fAQX3vxeO/134I fSOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature:dkim-signature; bh=nUOGfNEnELr84sH3+7udhSvC4Y5B7HeBJX0EF2z10NM=; b=arEzvtkZLvqLui5UJ8OP3kMDW9ptvdUOy3SlNgyg+cmgwBHQU6niMfHubVZiBJBnNe dL6+QCB1jFT1tk2elYadUtInW+7+/YluQBL9zMjavn5CSuQEsegthymLE6j2A0H8etZR c49CfUvjzb4+PTw3I42SvJlrZX7Rvkg+aQ86oC2ewjjlVhWlkwQAY/r16tSl8TpfWGG5 lxj9w2rKEFB3USj0hFqfAA2hKOfOU0qhw7f6Ttj/kjboS1Yx8Ei9c77MkXff2Lg88l3a A/U6oH6RXcADGy68pwVY+acKNAbDPEoXsp2EjO76qC44LJG/fTEc3V6GBD+EhiFfmVJK LfFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@russell.cc header.s=fm1 header.b=DH5hEGWu; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b="kxm/GIBH"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b188si3439764pga.223.2019.05.15.18.49.48; Wed, 15 May 2019 18:50:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@russell.cc header.s=fm1 header.b=DH5hEGWu; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b="kxm/GIBH"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727718AbfEPBrB (ORCPT + 99 others); Wed, 15 May 2019 21:47:01 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:34789 "EHLO out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726834AbfEPAva (ORCPT ); Wed, 15 May 2019 20:51:30 -0400 Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 73D132594C; Wed, 15 May 2019 20:51:27 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Wed, 15 May 2019 20:51:27 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= message-id:subject:from:to:cc:date:in-reply-to:references :content-type:mime-version:content-transfer-encoding; s=fm1; bh= nUOGfNEnELr84sH3+7udhSvC4Y5B7HeBJX0EF2z10NM=; b=DH5hEGWuH0jMg6U1 i0HbodrJ73e/pr2QYlw71DvEn+DTQ1G414t6ePtG4xKeV3SGYQnFRsK2EthVCp6g VV0HZe2ZwvUWMKT+mf5m7FH0LaFv7uN9FH/CrKnUK4GAAPUxV8UXL/ySWlfzBAv3 2NV96R+xAvMUlTd8FGu0ByIG6cgGUpbzMSf9J+zphP26TM8FSxJUBOgbUPARfXOz QazFE9Ql2vJ65iTPRFnwrjAk9fFWQFkCyVPxQtQa4F4idVz8FG8LiHwUyvUo7oqU bO/zZyRjybWANu3iPvhZsmiTHhP1mEW1Ouwe1KnUospcQZExrfUeCj0jaGYy5Mnq 0/oWLg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=nUOGfNEnELr84sH3+7udhSvC4Y5B7HeBJX0EF2z10 NM=; b=kxm/GIBHNoPzxvJKF8QX5U8RjAkX+c263J9E4knrwl1udQc2kGcHajExa dolzp1ILCvwPnLB6Mmfoco5p+XkcNlptKi8+VVZNgz+TqdYMXTbxYLc3Nn6O2lz8 AYboYsFMrH5o1W4rWiTcJypEqIariOrygRdk5yURm0i5vOoU9wlKKx1fARR3ZJbW KKz96JWWNY41F/gTq6jJkVEkns1lG5xMBluDMllWzI0nbGKFaMDszvRfqt1iBUd4 n0F/E6BnJDvF016BhG/igE4rjlffmYunh8HPwQm1Mxd3mHzf5MrD5dkAuPE9BPbD 5JcKQ6jpXRBA5bSsTeZQaxnlhVxiQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrleelgdefkecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenfg hrlhcuvffnffculdduhedmnecujfgurhepkffuhffvffgjfhgtfggggfesthejredttder jeenucfhrhhomheptfhushhsvghllhcuvehurhhrvgihuceorhhushgtuhhrsehruhhssh gvlhhlrdgttgeqnecukfhppeduvddvrdelledrkedvrddutdenucfrrghrrghmpehmrghi lhhfrhhomheprhhushgtuhhrsehruhhsshgvlhhlrdgttgenucevlhhushhtvghrufhiii gvpedt X-ME-Proxy: Received: from crackle.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 3524A80066; Wed, 15 May 2019 20:51:23 -0400 (EDT) Message-ID: <2467361d57af7b9322e91b885b048eb014a6fe2d.camel@russell.cc> Subject: Re: [RFC PATCH] powerpc/mm: Implement STRICT_MODULE_RWX From: Russell Currey To: Christophe Leroy , Benjamin Herrenschmidt , Paul Mackerras , Michael Ellerman Cc: linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org Date: Thu, 16 May 2019 10:51:20 +1000 In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.32.2 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 2019-05-15 at 06:20 +0000, Christophe Leroy wrote: > Strict module RWX is just like strict kernel RWX, but for modules - > so > loadable modules aren't marked both writable and executable at the > same > time. This is handled by the generic code in kernel/module.c, and > simply requires the architecture to implement the set_memory() set of > functions, declared with ARCH_HAS_SET_MEMORY. > > There's nothing other than these functions required to turn > ARCH_HAS_STRICT_MODULE_RWX on, so turn that on too. > > With STRICT_MODULE_RWX enabled, there are as many W+X pages at > runtime > as there are with CONFIG_MODULES=n (none), so in Russel's testing it > works > well on both Hash and Radix book3s64. > > There's a TODO in the code for also applying the page permission > changes > to the backing pages in the linear mapping: this is pretty simple for > Radix and (seemingly) a lot harder for Hash, so I've left it for now > since there's still a notable security benefit for the patch as-is. > > Technically can be enabled without STRICT_KERNEL_RWX, but > that doesn't gets you a whole lot, so we should leave it off by > default > until we can get STRICT_KERNEL_RWX to the point where it's enabled by > default. > > Signed-off-by: Russell Currey > Signed-off-by: Christophe Leroy > --- Thanks for this, I figured you'd know how to make this work on 32bit too. I'll test on my end today. Note that there are two Ls in my name! To quote the great Rusty, "This Russel disease must be stamped out before it becomes widespread".