From: Michael Ellerman
To: Christophe Leroy, Benjamin Herrenschmidt, Paul Mackerras, Aaro Koskinen
Cc: linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3] powerpc: fix kexec failure on book3s/32
Date: Wed, 12 Jun 2019 14:59:10 +1000 (AEST)
Message-Id: <45NvmG0rjTz9s9y@ozlabs.org>
In-Reply-To: <56efc3b317622d5f607d1f7a35894b194c385492.1559549824.git.christophe.leroy@c-s.fr>
X-powerpc-patch-commit: 6c284228eb356a1ec62a704b4d2329711831eaed

On Mon, 2019-06-03 at 08:20:28 UTC, Christophe Leroy wrote:
> In the old days, _PAGE_EXEC didn't exist on 6xx aka book3s/32.
> Therefore, although __mapin_ram_chunk() was already mapping kernel
> text with PAGE_KERNEL_TEXT and the rest with PAGE_KERNEL, the entire
> memory was executable.
> Part of the memory (first 512kbytes) was
> mapped with BATs instead of page table, but it was also entirely
> mapped as executable.
>
> In commit 385e89d5b20f ("powerpc/mm: add exec protection on
> powerpc 603"), we started adding exec protection to some 6xx, namely
> the 603, for pages mapped via pagetables.
>
> Then, in commit 63b2bc619565 ("powerpc/mm/32s: Use BATs for
> STRICT_KERNEL_RWX"), the exec protection was extended to BAT mapped
> memory, so that really only the kernel text could be executed.
>
> The problem here is that kexec is based on copying some code into
> upper part of memory then executing it from there in order to install
> a fresh new kernel at its definitive location.
>
> However, the code is position independent and first part of it is
> just there to deactivate the MMU and jump to the second part. So it
> is possible to run this first part in place instead of running the
> copy. Once the MMU is off, there is no protection anymore and the
> second part of the code will just run as before.
>
> Reported-by: Aaro Koskinen
> Fixes: 63b2bc619565 ("powerpc/mm/32s: Use BATs for STRICT_KERNEL_RWX")
> Cc: stable@vger.kernel.org
> Signed-off-by: Christophe Leroy
> Tested-by: Aaro Koskinen

Applied to powerpc fixes, thanks.

https://git.kernel.org/powerpc/c/6c284228eb356a1ec62a704b4d232971

cheers