Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp4554811ybi; Tue, 30 Jul 2019 04:09:18 -0700 (PDT) X-Google-Smtp-Source: APXvYqwcWmuaFNL8181GKw1wk8SdXm+ys09dZa2UseTVgAtedCzD6Xc+VIrnVT3tKqS++sBCyvO1 X-Received: by 2002:a17:902:2d01:: with SMTP id o1mr117376898plb.105.1564484958550; Tue, 30 Jul 2019 04:09:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1564484958; cv=none; d=google.com; s=arc-20160816; b=ONQfrSfa2u/zAfA5r6EeJ8QFGRwLs72L8s/6sg3QTk9L/cOzn+gTqJuvzahiEYd5bM YFB3G269/lmE8lCMIxJllHNCkhbV15feIA6OIecg8jm7PzCLMkmO2M5IObZNlNGEPuaR uDozn34OPavi+xpLka/R2gMQMp2KmJBT/2/o4OuCq30IllhEPnc2z1VJSm6LeVh8QqPa ebp/V75FYWkyuTubi9T5FaUt2k7rIcu1WYoM+tIqptYCZlbrcOOE66bX3YkEVl/Bkxhq oz/hbqDxbZWnhzk2e1Y9AoZb6dOZomV00tJ6UzW9m126Ld3ohgvpq3WogdPMRwxnlIl5 K8XA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=zK+7vJ/5diIei7ZOkTJcLSHR3AyrK5eUeqehyoPwYA4=; b=G+q1vsPQRlJnv6HGH8NlRdIApDcvEu9V6RKyZY6G4fMAeep0FblscgWvZyMNHhlhcp GUoI++8hjPu7Nm+9g6lFJd+CWGdPGQXu8sCrBgmKPc4BxYNN13LQOhRmax0AK42CvTtK r4FuxaHcQ0osswib3FBWER/40mMJsBeE3hjcRr17+HyBeSqW82Q4EHevoGxwalWjTcO9 4JNQkpz4RG8f9Nqpx+ImiW6pP0Bqq0eguVLEuQTY78cbUWzupWOdffsXQL9+1BOVawAE +94CO+IJEhsT2lXDluDbjIfu8hJ68oIY6ECvaG5z2WAqNwp8CH+tB0I5AtM/vyn9lvy9 bpJw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ZhAE4XiA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n12si7593164pgh.210.2019.07.30.04.09.04; Tue, 30 Jul 2019 04:09:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ZhAE4XiA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731012AbfG3Imq (ORCPT + 99 others); Tue, 30 Jul 2019 04:42:46 -0400 Received: from mail.kernel.org ([198.145.29.99]:44006 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726255AbfG3Imq (ORCPT ); Tue, 30 Jul 2019 04:42:46 -0400 Received: from linux-8ccs (unknown [92.117.234.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id BEA68206A2; Tue, 30 Jul 2019 08:42:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1564476165; bh=YK2IrKjOsWEiencRzwtkuliQzDg5iArYwQoLPINIRA8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=ZhAE4XiAR0lxtgqgtoYxN5SYyXm0adhMlJdrSkEJ6XXgah/SpUVb5UExJLe5pTPCr cbJXtlcPxXvaWI/EQk7jDxsMsploMkUqXkVi9o7f4RTfWKOUGQsDFjixpUghXXo1nZ 6mvX52uc1uXN9atQc5ejGExZkxF+9GEt7h4ESHMM= Date: Tue, 30 Jul 2019 10:42:39 +0200 From: Jessica Yu To: linux-kernel@vger.kernel.org Cc: Bartosz Golaszewski , Yang Yingliang , Jian Cheng , Nadav Amit , Sekhar Nori , Kevin Hilman , David Lechner , Adam Ford , Martin Kaiser Subject: Re: [PATCH] modules: always page-align module section allocations Message-ID: <20190730084239.GA19748@linux-8ccs> References: <20190724150156.28526-1-jeyu@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20190724150156.28526-1-jeyu@kernel.org> X-OS: Linux linux-8ccs 4.12.14-lp150.12.28-default x86_64 User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +++ Jessica Yu [24/07/19 17:01 +0200]: >Some arches (e.g., arm64, x86) have moved towards non-executable >module_alloc() allocations for security hardening reasons. That means >that the module loader will need to set the text section of a module to >executable, regardless of whether or not CONFIG_STRICT_MODULE_RWX is set. > >When CONFIG_STRICT_MODULE_RWX=y, module section allocations are always >page-aligned to handle memory rwx permissions. On some arches with >CONFIG_STRICT_MODULE_RWX=n however, when setting the module text to >executable, the BUG_ON() in frob_text() gets triggered since module >section allocations are not page-aligned when CONFIG_STRICT_MODULE_RWX=n. >Since the set_memory_* API works with pages, and since we need to call >set_memory_x() regardless of whether CONFIG_STRICT_MODULE_RWX is set, we >might as well page-align all module section allocations for ease of >managing rwx permissions of module sections (text, rodata, etc). > >Fixes: 2eef1399a866 ("modules: fix BUG when load module with rodata=n") >Reported-by: Martin Kaiser >Reported-by: Bartosz Golaszewski >Tested-by: David Lechner >Tested-by: Martin Kaiser >Signed-off-by: Jessica Yu Applied, thanks everyone for testing. > kernel/module.c | 7 +------ > 1 file changed, 1 insertion(+), 6 deletions(-) > >diff --git a/kernel/module.c b/kernel/module.c >index 5933395af9a0..cd8df516666d 100644 >--- a/kernel/module.c >+++ b/kernel/module.c >@@ -64,14 +64,9 @@ > > /* > * Modules' sections will be aligned on page boundaries >- * to ensure complete separation of code and data, but >- * only when CONFIG_STRICT_MODULE_RWX=y >+ * to ensure complete separation of code and data > */ >-#ifdef CONFIG_STRICT_MODULE_RWX > # define debug_align(X) ALIGN(X, PAGE_SIZE) >-#else >-# define debug_align(X) (X) >-#endif > > /* If this is set, the section belongs in the init part of the module */ > #define INIT_OFFSET_MASK (1UL << (BITS_PER_LONG-1)) >-- >2.16.4 >