Received: by 2002:a25:c593:0:0:0:0:0 with SMTP id v141csp6906733ybe; Wed, 18 Sep 2019 11:00:27 -0700 (PDT) X-Google-Smtp-Source: APXvYqwWi09BRQ+N1T4onZGEL4Baa1I7ewuiIr2kRFZOvk6UFtPOf0jkHCvLXBYb7GfqMrDuocZc X-Received: by 2002:a17:906:5957:: with SMTP id g23mr10507094ejr.312.1568829627074; Wed, 18 Sep 2019 11:00:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568829627; cv=none; d=google.com; s=arc-20160816; b=t3SYfITLYkI9rROr//VfepR1xtSJltNQg9kK8PoCDWfwhFWcuEqOSJqNdyu43fxn6A OD8X2eNqxZNVi8/nFciNJoKS7eIkQBXJI86FCMal7s3D2UkOM2tJGp8eTNsVVgfaRsB8 ifJIFxj18WB1MUJW8+Hpo+Z/q8C4yn5Ao3vIBYVXvCNs/5DHlzcTMOcr5xRrwiC/kuob buWw5qjIZcGAzJB/9qM2v338I49QdGWXpjz1rFcwGDg82JFynO1lsP2eeSlp/Y/i0LG0 tEkvT0kz27myPQXdxCTbB827bQ9KnMQVVIoTulnkPjcPDoZwaDFoXGk6pHzxua4Ks2ja VdBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=CKPEblYmiNWRiv20ieEmPxQMSPG3ROjEN5oXXUa4NGI=; b=dF9j5AI6xjGjv90w2ADVZI9BmCgnIfjwb9tred05sHtElUPRfRsYwZVIGwbhC4Olke bnGTEHOHpUqBCIyaaWok5Tt9veiRzQzVUi7an3ZXJIuBNfQWTaHtpx1aaoy9Id+q9bzP u4LsxrXFM2fqsoX+wxvbY6KoMGSYmJ5LfnyR9JgvR6vYg34daOCYa9JCz8IYeWIhctYc +dXdxY1o1D6Ww8VGJ7yVWdpkpFUjj1xOA2CtzlPh6wJGvQkj4NhPD2BnKX0AdMYvJqnN i2SVI/PSGeYN6yOMjrkwg2bWmM/6vTsJBMDai7iEiLDFkLBIE1t/NLB3sB7uEKSmzY8D fiOQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=dCH0MbSm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o32si3962675edc.94.2019.09.18.11.00.02; Wed, 18 Sep 2019 11:00:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=dCH0MbSm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730677AbfIRRyP (ORCPT + 99 others); Wed, 18 Sep 2019 13:54:15 -0400 Received: from mail-lf1-f67.google.com ([209.85.167.67]:36039 "EHLO mail-lf1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725899AbfIRRyO (ORCPT ); Wed, 18 Sep 2019 13:54:14 -0400 Received: by mail-lf1-f67.google.com with SMTP id x80so334228lff.3 for ; Wed, 18 Sep 2019 10:54:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CKPEblYmiNWRiv20ieEmPxQMSPG3ROjEN5oXXUa4NGI=; b=dCH0MbSm99XKssdMsOkoLpiwx4MDo8pFEsngrU0Z/OMvbuihc7aYnWe7t8BBAd+ttJ Uu0Ju8g0bM2omm07tKD+EqqWeJSWbzm8neDVGBp7Mr89tT2SS4rfcSbcrdLMYaqDX9Ch cLSicD9c3odh1fkwx2ih0er4rVz2IoV58s0/k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CKPEblYmiNWRiv20ieEmPxQMSPG3ROjEN5oXXUa4NGI=; b=atoLxh+bPQO599Kafm/ZT1yJz6s1DIXP9ML8v79WcJ4qI13T332jzjyInuhpApSooN x7hKC4f7PyUEOu7XQ9pCSX1XYRzfF15eBVsfyBOKRir/oPc6SJOM6XzbESS/kcGfkwUW nPJXwO80DiT1Ml8VMVgUh+C/LG4rqsooRgQjMhglvO9/m8q0qlEanYYoE0FVeC+zx2+2 87k7A/ZyHDa3e9WtTddXzmOurdGb6j3BUOkKH+g+OgVZIiGhD69/zjNeykSUQ/UU4W/c rV10DLnczv9/+xYnELV+d0XAokUFlFE5rztBRDC+fcQXikqGt3xs7sgYeTIfs1RDJXGM Eo/Q== X-Gm-Message-State: APjAAAUErX6kXHGKRD0xfbkffQ8Gb/lOjqfT/tRhl9l5/pdf4kP06MM2 wssrYNs0pd+837Tw8z2rXDCaSXiPj0o= X-Received: by 2002:a19:8a0b:: with SMTP id m11mr2771847lfd.4.1568829252541; Wed, 18 Sep 2019 10:54:12 -0700 (PDT) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51]) by smtp.gmail.com with ESMTPSA id 207sm1271211lfn.0.2019.09.18.10.54.11 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 18 Sep 2019 10:54:11 -0700 (PDT) Received: by mail-lf1-f51.google.com with SMTP id c195so308199lfg.9 for ; Wed, 18 Sep 2019 10:54:11 -0700 (PDT) X-Received: by 2002:ac2:50cb:: with SMTP id h11mr2762148lfm.170.1568829251126; Wed, 18 Sep 2019 10:54:11 -0700 (PDT) MIME-Version: 1.0 References: <20190918164121.30006-1-Larry.Finger@lwfinger.net> <20190918164518.GA19222@lst.de> In-Reply-To: From: Linus Torvalds Date: Wed, 18 Sep 2019 10:53:54 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] x86/mm: Remove set_pages_x() and set_pages_nx() To: Larry Finger Cc: Christoph Hellwig , Linux List Kernel Mailing , Peter Zijlstra , Ingo Molnar , Greg Kroah-Hartman Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Sep 18, 2019 at 10:50 AM Larry Finger wrote: > > Is there approved way for pages to be set to be executable by an external module > that would not be a security issue? Point to what external module and why. Honestly, the likely answer is simply "no". Why would an external module ever need to make something executable that isn't read-only code? That's pretty fundamental. Marking data executable is fairly questionable these days. Instead, what might work is to have some higher-level concept that we actually trust, and that isn't about making data executable, but about doing something reasonable. See the difference? Making things executable is not ok, but perhaps a "alternative runtime code sequence" is ok. Linus