Received: by 2002:a25:824b:0:0:0:0:0 with SMTP id d11csp2380164ybn; Thu, 26 Sep 2019 11:01:14 -0700 (PDT) X-Google-Smtp-Source: APXvYqxZqzTDTLw8/F8/wxecULPvOpuMyvlU+V+TxTBXB7KR887ydOQQcp74UrgU5iUmctIjoS6X X-Received: by 2002:a1c:3182:: with SMTP id x124mr4348158wmx.168.1569520874194; Thu, 26 Sep 2019 11:01:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569520874; cv=none; d=google.com; s=arc-20160816; b=c3rZ8Rm8lzePQhIzBlmgDErmCNnUPHi5Zvsb6REDEUc4XK2ggrIcuvuqgMbhUpq3dL 9u3dSTdBdyZxOL6ocCWce06fPRApWa15DZOgP5Rla4AUXhhxxjvBTb8XJn4vXttZ0DAW TRhzaeNPPxn4pkgFcbkxgyAM+pg5BuJEiqKJmxlr18Z61HshuIlmR1n2ajq24o078y8b aaxRg5RMkLIINtBBXfv+DTh9gn8yS6ptWBoqB/t7jAQzMw44hQycf5SNnn8QaWiKQJTL FiAeeLlPf8E9vaIQEPe9K2WNYGgdbjPAXgAB+2c31IQpKDu46JCHX8jPKK9yFM2k76st Yr4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature; bh=QEG/EaNbne2aV7OKhHfoYngDByBBcJ0cppuY/pozywQ=; b=E34glgsfJKEGYYqT0+T4HXGOwym1AiFEsjtIYZ2y44dGMhDBNN4bgk7R7vcdQtsZ00 2ISqE1KvV8yKzwPGAUZej8nuqbCRuE1d1Ht8wa0vnHk/+6goX0P+V6SAM0MawP4RD/bM +2j40uDYCqIHD7cPiim2ZdJuNNGCHcgovbuq9EjBk+gtZ0U3TlgD4AzCEKgPs5W1geVt GK0EZr56QfbfV1e2w+EkiQxKqdDRH97Tl1Km3nr4HH1S9nOiBHLZkhxNgdtHws8SiC3Q UpV+uzZjFxRnK0rLuS1izH1Z2EUC3YQWEKZS+66H4pSgTvB8iyMnqYkK36HF2MIsfvIM bCUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=C+3Ew31N; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g24si1556285ejo.355.2019.09.26.11.00.49; Thu, 26 Sep 2019 11:01:14 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=C+3Ew31N; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728466AbfIZR56 (ORCPT + 99 others); Thu, 26 Sep 2019 13:57:58 -0400 Received: from mail-pf1-f194.google.com ([209.85.210.194]:44092 "EHLO mail-pf1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728003AbfIZR4W (ORCPT ); Thu, 26 Sep 2019 13:56:22 -0400 Received: by mail-pf1-f194.google.com with SMTP id q21so2232462pfn.11 for ; Thu, 26 Sep 2019 10:56:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id; bh=QEG/EaNbne2aV7OKhHfoYngDByBBcJ0cppuY/pozywQ=; b=C+3Ew31NmGJo/s34rbNfqjLTRqvYTUPk4Fzn1v6DxaCv0bUz5Itel2G7bPEbzOO7la fZED90J+wL+qVcUlkffN4PYCPS/j/nBCQCnH3CopXImwLAl74lL+UhVoxl4VitCgKmD2 8kak6FLso8A712fVwjhhMVHLwKEZrzvyynFis= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=QEG/EaNbne2aV7OKhHfoYngDByBBcJ0cppuY/pozywQ=; b=RMUzc4CErgcQ62HkBSeYn2KRd5qPPwOUV5EXsXFk+BtjprhtaGoLEjiauRDZoE9OOO xhvF2UxAfcxfndc/mYmAf73d4+YF4EGo2CLWHbZXa7rFtI4pVA1gpbu3PgHw0WGPeQan 3UxguazlZL2sy8ON2IZgEIXkCBzrEzjxMgKkJwNuzYLs0vNH3LRj6YfxciyG4O9pwa3q CCx1BHZzNuNrSw2kCyWKPEmrV6iaZBJDKBy1spsUXNjBTxkcNdKgQuXH9GCviHxEfXr2 0cjl6B/CYYnTgoXAON88/h6ma0XTUG6bi5WHHfkUPevwn/8RXSI7/rX22vl3tYknJs5O 2VNg== X-Gm-Message-State: APjAAAVy3iXwUTF5aD4O0h3K79UR1C0Bvc9fF5xgs0JT717B9LnRXs05 TwVMiMC7mQCn8BxwRLf5yN0J7Q== X-Received: by 2002:a63:355:: with SMTP id 82mr4552661pgd.81.1569520580971; Thu, 26 Sep 2019 10:56:20 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id q3sm2995021pgj.54.2019.09.26.10.56.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Sep 2019 10:56:17 -0700 (PDT) From: Kees Cook To: Thomas Gleixner Cc: Kees Cook , Rick Edgecombe , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , Dave Hansen , Andy Lutomirski , Arnd Bergmann , linux-arch@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-alpha@vger.kernel.org, linux-ia64@vger.kernel.org, linux-s390@vger.kernel.org, linux-c6x-dev@linux-c6x.org, Yoshinori Sato , Michal Simek , linux-parisc@vger.kernel.org, linux-xtensa@linux-xtensa.org, x86@kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 00/29] vmlinux.lds.h: Refactor EXCEPTION_TABLE and NOTES Date: Thu, 26 Sep 2019 10:55:33 -0700 Message-Id: <20190926175602.33098-1-keescook@chromium.org> X-Mailer: git-send-email 2.17.1 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This series works to move the linker sections for NOTES and EXCEPTION_TABLE into the RO_DATA area, where they belong on most (all?) architectures. The problem being addressed was the discovery by Rick Edgecombe that the exception table was accidentally marked executable while he was developing his execute-only-memory series. When permissions were flipped from readable-and-executable to only-executable, the exception table became unreadable, causing things to explode rather badly. :) Roughly speaking, the steps are: - regularize the linker names for PT_NOTE and PT_LOAD program headers (to "note" and "text" respectively) - regularize restoration of linker section to program header assignment (when PT_NOTE exists) - move NOTES into RO_DATA - finish macro naming conversions for RO_DATA and RW_DATA - move EXCEPTION_TABLE into RO_DATA on architectures where this is clear - clean up some x86-specific reporting of kernel memory resources - switch x86 linker fill byte from x90 (NOP) to 0xcc (INT3), just because I finally realized what that trailing ": 0x9090" meant -- and we should trap, not slide, if execution lands in section padding Since these changes are treewide, I'd love to get architecture-maintainer Acks and either have this live in x86 -tip or in my own tree, however people think it should go. Thanks! -Kees Kees Cook (29): powerpc: Rename "notes" PT_NOTE to "note" powerpc: Remove PT_NOTE workaround powerpc: Rename PT_LOAD identifier "kernel" to "text" alpha: Rename PT_LOAD identifier "kernel" to "text" ia64: Rename PT_LOAD identifier "code" to "text" s390: Move RO_DATA into "text" PT_LOAD Program Header x86: Restore "text" Program Header with dummy section vmlinux.lds.h: Provide EMIT_PT_NOTE to indicate export of .notes vmlinux.lds.h: Move Program Header restoration into NOTES macro vmlinux.lds.h: Move NOTES into RO_DATA vmlinux.lds.h: Replace RODATA with RO_DATA vmlinux.lds.h: Replace RO_DATA_SECTION with RO_DATA vmlinux.lds.h: Replace RW_DATA_SECTION with RW_DATA vmlinux.lds.h: Allow EXCEPTION_TABLE to live in RO_DATA x86: Actually use _etext for end of text segment x86: Move EXCEPTION_TABLE to RO_DATA segment alpha: Move EXCEPTION_TABLE to RO_DATA segment arm64: Move EXCEPTION_TABLE to RO_DATA segment c6x: Move EXCEPTION_TABLE to RO_DATA segment h8300: Move EXCEPTION_TABLE to RO_DATA segment ia64: Move EXCEPTION_TABLE to RO_DATA segment microblaze: Move EXCEPTION_TABLE to RO_DATA segment parisc: Move EXCEPTION_TABLE to RO_DATA segment powerpc: Move EXCEPTION_TABLE to RO_DATA segment xtensa: Move EXCEPTION_TABLE to RO_DATA segment x86/mm: Remove redundant &s on addresses x86/mm: Report which part of kernel image is freed x86/mm: Report actual image regions in /proc/iomem x86: Use INT3 instead of NOP for linker fill bytes arch/alpha/kernel/vmlinux.lds.S | 18 +++++----- arch/arc/kernel/vmlinux.lds.S | 6 ++-- arch/arm/kernel/vmlinux-xip.lds.S | 4 +-- arch/arm/kernel/vmlinux.lds.S | 4 +-- arch/arm64/kernel/vmlinux.lds.S | 9 ++--- arch/c6x/kernel/vmlinux.lds.S | 8 ++--- arch/csky/kernel/vmlinux.lds.S | 5 ++- arch/h8300/kernel/vmlinux.lds.S | 9 ++--- arch/hexagon/kernel/vmlinux.lds.S | 5 ++- arch/ia64/kernel/vmlinux.lds.S | 20 +++++------ arch/m68k/kernel/vmlinux-nommu.lds | 4 +-- arch/m68k/kernel/vmlinux-std.lds | 2 +- arch/m68k/kernel/vmlinux-sun3.lds | 2 +- arch/microblaze/kernel/vmlinux.lds.S | 8 ++--- arch/mips/kernel/vmlinux.lds.S | 15 ++++---- arch/nds32/kernel/vmlinux.lds.S | 5 ++- arch/nios2/kernel/vmlinux.lds.S | 5 ++- arch/openrisc/kernel/vmlinux.lds.S | 7 ++-- arch/parisc/kernel/vmlinux.lds.S | 11 +++--- arch/powerpc/kernel/vmlinux.lds.S | 37 ++++--------------- arch/riscv/kernel/vmlinux.lds.S | 5 ++- arch/s390/kernel/vmlinux.lds.S | 12 +++---- arch/sh/kernel/vmlinux.lds.S | 3 +- arch/sparc/kernel/vmlinux.lds.S | 3 +- arch/um/include/asm/common.lds.S | 3 +- arch/unicore32/kernel/vmlinux.lds.S | 5 ++- arch/x86/include/asm/processor.h | 2 +- arch/x86/include/asm/sections.h | 1 - arch/x86/kernel/setup.c | 12 ++++++- arch/x86/kernel/vmlinux.lds.S | 16 ++++----- arch/x86/mm/init.c | 8 ++--- arch/x86/mm/init_64.c | 16 +++++---- arch/x86/mm/pti.c | 2 +- arch/xtensa/kernel/vmlinux.lds.S | 8 ++--- include/asm-generic/vmlinux.lds.h | 53 ++++++++++++++++++++-------- 35 files changed, 159 insertions(+), 174 deletions(-) -- 2.17.1