Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp4126029pxb; Tue, 2 Nov 2021 04:41:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJydVOCi7GreP3AD59cl1Yr6jMM+8hmB8D63m2H+DaEfMb7CGwhCIz7hUIbU9eXR9cosP4CU X-Received: by 2002:a05:6402:4389:: with SMTP id o9mr18536074edc.57.1635853305496; Tue, 02 Nov 2021 04:41:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635853305; cv=none; d=google.com; s=arc-20160816; b=asqapON/4SVtxdXjmzP/TESGZKJDvx+ywGOcvMjj0hGyM+hWaV8IERgIXZwveiksgC E1RPW7oP2UZ2GuYW0nuViW8vnHYUjUb+cQhNDcKatRvL226Yq/ghO1eG7rEXjAh9nCbq 24RTHbOOhu9N9j7C+u3ApEAcaFhleibpqDDY1n0HTEqZududCpjLjEprKUOgAkRVxYAb 5wi8IOKTongKFN1XQO4sUK+4NQ3d9Vy2BhWLoKWHMxj0ouVUtc7VGqfxdfZCeNy+IU17 RFFELyW3IUge/vHNfOwqT18qCuF5e4WmYiRCypbz+sEqplMfTG4bYstpbnOYPlhwOF8l rHcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version:date :message-id:subject:references:in-reply-to:cc:to:from; bh=X/9l9sN26pNsqYwJdCmE4fXk8MRx7Y/26Ea/8qkCO+g=; b=l9sIbbM1kIVc0OXAqqehYIoLVxYW0sUY4pVLMtDIeRnzSJjPvq/BuPW6uEUm81wFp/ RBR391k4yiAyzFqELjKlyGtIFmFWuX9d0yhHjXhg9w3hDSBfc5S6MHwmhbGC+Ni+xma5 CSLZlfnMKRq2pFzQ5YjphuJIAxc7Ha22zalH83Zor5iJwsB222gOKNann3gQaVlBKMts E5jnMJXmj79pXTUeivOqH7sWxTkQIg0px4yzfNZPQ/zHxmaN0XV/VEps0j9MmCN7huCd HARypPsosmY4Z0gPJCad9hlkRqOHHqhiVXhLiBJocbfzy8ycSwkiiXpjJGFiIe5vl95k wu/w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gb40si4583339ejc.602.2021.11.02.04.41.21; Tue, 02 Nov 2021 04:41:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231817AbhKBLlR (ORCPT + 99 others); Tue, 2 Nov 2021 07:41:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59192 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231451AbhKBLlG (ORCPT ); Tue, 2 Nov 2021 07:41:06 -0400 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [IPv6:2404:9400:2:0:216:3eff:fee2:21ea]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F2A4C061714 for ; Tue, 2 Nov 2021 04:38:31 -0700 (PDT) Received: from authenticated.ozlabs.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail.ozlabs.org (Postfix) with ESMTPSA id 4Hk7Ff1ZQ4z4xcr; Tue, 2 Nov 2021 22:38:30 +1100 (AEDT) From: Michael Ellerman To: Paul Mackerras , Michael Ellerman , Christophe Leroy , Benjamin Herrenschmidt Cc: linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org In-Reply-To: <3cd40b682fb6f75bb40947b55ca0bac20cb3f995.1634136222.git.christophe.leroy@csgroup.eu> References: <3cd40b682fb6f75bb40947b55ca0bac20cb3f995.1634136222.git.christophe.leroy@csgroup.eu> Subject: Re: [PATCH] powerpc: Mark .opd section read-only Message-Id: <163584789099.1845480.12874546703415674660.b4-ty@ellerman.id.au> Date: Tue, 02 Nov 2021 21:11:30 +1100 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 13 Oct 2021 16:43:54 +0200, Christophe Leroy wrote: > .opd section contains function descriptors used to locate > functions in the kernel. If someone is able to modify a > function descriptor he will be able to run arbitrary > kernel function instead of another. > > To avoid that, move .opd section inside read-only memory. > > [...] Applied to powerpc/next. [1/1] powerpc: Mark .opd section read-only https://git.kernel.org/powerpc/c/3091f5fc5f1df7741ddf326561384e0997eca2a1 cheers