Received: by 2002:a05:6358:bb9e:b0:b9:5105:a5b4 with SMTP id df30csp4172566rwb;
        Tue, 6 Sep 2022 03:49:49 -0700 (PDT)
X-Google-Smtp-Source: AA6agR67Io15lphcizmp6oUSHd8/dXvr6cYAqF2E/77uh79EZtY+2AHzKdvSMlwcwh6R6YLHfYec
X-Received: by 2002:a17:902:ef45:b0:174:3ad8:7aec with SMTP id e5-20020a170902ef4500b001743ad87aecmr54333216plx.128.1662461389727;
        Tue, 06 Sep 2022 03:49:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1662461389; cv=none;
        d=google.com; s=arc-20160816;
        b=NFCtclvnFKOUoeQz1c7Ne3GR5Y/dwBTIXuiK505su7BFrmG1wS7/GWXny90NydkbxT
         UzRETx7u1oJF548rtALeTSEnc7tNPSe5fkpKi0r5rSlfMm7cZtA0UnuxjeiGnHBzMKyb
         8e0ToSDKHUYQ/YAw//40ew2BQtvuB2SsGVXulw7pmD0QEjBFHviqb4+tQtsLJvb/mwdJ
         +DtTFoxfNavBRDGtrtvJM9xcn3RbKBMaosP/x9j9gqNDAYK96TSUgtFdhK9Kd7dgdPuQ
         ZCAczdsM/7V1GB2+0u7rhow/6bHZVxjZwjpMutIbfWvWEqu1b5VYpDKG55l6H6/4jjw/
         7eJg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=c1zOHnFb3R8I9JNLdUnum7yB+wVl6BsPhvpNFf4a1WY=;
        b=PYRuMCU8YFPKKS6WzaCoXEWid4YzzJC0S3xB/v/pjE5E7AJclELg1DZIstTWM/XWDh
         7uPi3AMza7WWHyrPUJ8EZk+f26I5osSYg13D9jSkareK94yEkqiIRZf/VyEVT9ckm58D
         uSn3NG9/VKxK6b3MZhpfwHZbzA3KZLprOCTOjRNdLGmQYVeZkJH1ffurjL2lioeS3aVM
         ORsNyotqoEdgasUwSeE2oYlEtrc/Lj48mrJLbuEQB03lyS4wXAC4PGqlip52l9zJ3eHf
         iaiXMi/T1gmH7Sk4LoMh3bOPR2LksIO27MNesoJkAts7J8rQkLxBEiXXKk4fVWQxemKt
         2o/A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id n4-20020a634004000000b00414de676c21si13028340pga.649.2022.09.06.03.49.38;
        Tue, 06 Sep 2022 03:49:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S239279AbiIFKmB (ORCPT <rfc822;android.linux@gmail.com>
        + 99 others); Tue, 6 Sep 2022 06:42:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56742 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234031AbiIFKlp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 6 Sep 2022 06:41:45 -0400
Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDF145F9A9;
        Tue,  6 Sep 2022 03:41:43 -0700 (PDT)
Received: from localhost.localdomain (unknown [83.149.199.65])
        by mail.ispras.ru (Postfix) with ESMTPSA id 51A69407624F;
        Tue,  6 Sep 2022 10:41:38 +0000 (UTC)
From:   Evgeniy Baskov <baskov@ispras.ru>
To:     Ard Biesheuvel <ardb@kernel.org>
Cc:     Evgeniy Baskov <baskov@ispras.ru>, Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Ingo Molnar <mingo@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Alexey Khoroshilov <khoroshilov@ispras.ru>,
        lvc-project@linuxtesting.org, x86@kernel.org,
        linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org,
        linux-hardening@vger.kernel.org
Subject: [PATCH 02/16] x86/build: Remove RWX sections and align on 4KB
Date:   Tue,  6 Sep 2022 13:41:06 +0300
Message-Id: <aac3ce7c5aa706269d468fbe16129ee383deac2e.1662459668.git.baskov@ispras.ru>
X-Mailer: git-send-email 2.35.1
In-Reply-To: <cover.1662459668.git.baskov@ispras.ru>
References: <cover.1662459668.git.baskov@ispras.ru>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
        SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Avoid creating sections with maximal privileges to prepare for W^X
implementation. Align sections on page size (4KB) to allow protecting
them in page table.

Signed-off-by: Evgeniy Baskov <baskov@ispras.ru>
---
 arch/x86/kernel/vmlinux.lds.S | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 15f29053cec4..6587e0201b50 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -102,12 +102,11 @@ jiffies = jiffies_64;
 PHDRS {
 	text PT_LOAD FLAGS(5);          /* R_E */
 	data PT_LOAD FLAGS(6);          /* RW_ */
-#ifdef CONFIG_X86_64
-#ifdef CONFIG_SMP
+#if defined(CONFIG_X86_64) && defined(CONFIG_SMP)
 	percpu PT_LOAD FLAGS(6);        /* RW_ */
 #endif
-	init PT_LOAD FLAGS(7);          /* RWE */
-#endif
+	inittext PT_LOAD FLAGS(5);      /* R_E */
+	init PT_LOAD FLAGS(6);          /* RW_ */
 	note PT_NOTE FLAGS(0);          /* ___ */
 }
 
@@ -226,9 +225,10 @@ SECTIONS
 #endif
 
 	INIT_TEXT_SECTION(PAGE_SIZE)
-#ifdef CONFIG_X86_64
-	:init
-#endif
+	:inittext
+
+	. = ALIGN(PAGE_SIZE);
+
 
 	/*
 	 * Section for code used exclusively before alternatives are run. All
@@ -240,6 +240,7 @@ SECTIONS
 	.altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
 		*(.altinstr_aux)
 	}
+	:init
 
 	INIT_DATA_SECTION(16)
 
-- 
2.35.1