From patchwork Fri Oct 4 07:50:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 1171598 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46l2KF5p1gz9sPq for ; Fri, 4 Oct 2019 17:57:21 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="WmvP+8v0"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="mFPAc+GO"; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46l2KF4nG1zDqcF for ; Fri, 4 Oct 2019 17:57:21 +1000 (AEST) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=russell.cc (client-ip=64.147.123.24; helo=wout1-smtp.messagingengine.com; envelope-from=ruscur@russell.cc; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="WmvP+8v0"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="mFPAc+GO"; dkim-atps=neutral Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46l2BZ6TsPzDqbk for ; Fri, 4 Oct 2019 17:51:28 +1000 (AEST) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 00FCA51D; Fri, 4 Oct 2019 03:51:25 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 04 Oct 2019 03:51:26 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=2+HlUQKeP5NUw AG28BrzwAWEjn5cqHZMQi5EL+7gFgI=; b=WmvP+8v0jgZcuNaAlcJ6vUahsqOck MhIQq74GDHHI7SQX1b7KQs0zuqXg/q7mdAq4glTHM99tGdtRk048KRC8UyP3YwjK IOWySHExsPmJN53eGgEEOCYfTSp2XMliZyzKXIsysOkE5TvYduu959rDFF4FffIR 0BQcP2qSMwOkF+sE8qd/x2BjBX2p2nlkEB+cPdYvuJMUnVGdeVTHOsChSk1d2n46 2q9N7EsF/5yGMBr1B74vDNOyuNktYlpYmVM5YRLAg9mxN3gc4/NfPVY0CvD0RwVJ YbsS6LNHN+aMUCGSWgfYWZuJYTM9jA8FsILKXxEcfhKSUbtBDCPGAaMyA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=2+HlUQKeP5NUwAG28BrzwAWEjn5cqHZMQi5EL+7gFgI=; b=mFPAc+GO xU/bI5PvCOwzRDoAtnv8dV+B6WhaXKj9Z9cDY5qqRVJ/G7bnHtwm8hCVA842u38+ L1WqY3ARCLxh3SWwrckfp17W/z11cQkfD+HBC6JHMXzEARKmZcB625VqYfjoW4sP DV8E82bK9oOxRwWn52J75jY+BYMJZURqfKTHe5SC1Z0Gk/1Dikpg4JcGzWwSo6Po ZvRfhJUPGz/l7g40sjaA4B7FASlORMIIv7Xhm8gjPROd+8fRte07Mq140rnQ2xwk 0HCyQ8frSgJzCZcv5/phqwmKnD7eMPJq6Fy5FeP5WiIWmegHkl2vFucXbTUf8v19 ipfvQWqPRS1NLA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrhedtgdehlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdeftddmnecujfgurhephffvuf ffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpeftuhhsshgvlhhlucevuhhrrhgv hicuoehruhhstghurhesrhhushhsvghllhdrtggtqeenucfkphepuddvvddrleelrdekvd druddtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehruhhstghurhesrhhushhsvghllhdr tggtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from crackle.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 776BE80061; Fri, 4 Oct 2019 03:51:22 -0400 (EDT) From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v3 1/4] powerpc/mm: Implement set_memory() routines Date: Fri, 4 Oct 2019 17:50:47 +1000 Message-Id: <20191004075050.73327-2-ruscur@russell.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191004075050.73327-1-ruscur@russell.cc> References: <20191004075050.73327-1-ruscur@russell.cc> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, npiggin@gmail.com, joel@jms.id.au, Russell Currey , rashmica.g@gmail.com, dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" The set_memory_{ro/rw/nx/x}() functions are required for STRICT_MODULE_RWX, and are generally useful primitives to have. This implementation is designed to be completely generic across powerpc's many MMUs. It's possible that this could be optimised to be faster for specific MMUs, but the focus is on having a generic and safe implementation for now. Signed-off-by: Russell Currey --- arch/powerpc/Kconfig | 1 + arch/powerpc/include/asm/set_memory.h | 32 ++++++++++++++ arch/powerpc/mm/Makefile | 1 + arch/powerpc/mm/pageattr.c | 60 +++++++++++++++++++++++++++ 4 files changed, 94 insertions(+) create mode 100644 arch/powerpc/include/asm/set_memory.h create mode 100644 arch/powerpc/mm/pageattr.c diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 3e56c9c2f16e..8f7005f0d097 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -133,6 +133,7 @@ config PPC select ARCH_HAS_PTE_SPECIAL select ARCH_HAS_MEMBARRIER_CALLBACKS select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 + select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !RELOCATABLE && !HIBERNATION) select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h new file mode 100644 index 000000000000..5230ddb2fefd --- /dev/null +++ b/arch/powerpc/include/asm/set_memory.h @@ -0,0 +1,32 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_POWERPC_SET_MEMORY_H +#define _ASM_POWERPC_SET_MEMORY_H + +#define SET_MEMORY_RO 1 +#define SET_MEMORY_RW 2 +#define SET_MEMORY_NX 3 +#define SET_MEMORY_X 4 + +int change_memory_attr(unsigned long addr, int numpages, int action); + +static inline int set_memory_ro(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RO); +} + +static inline int set_memory_rw(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RW); +} + +static inline int set_memory_nx(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_NX); +} + +static inline int set_memory_x(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_X); +} + +#endif diff --git a/arch/powerpc/mm/Makefile b/arch/powerpc/mm/Makefile index 5e147986400d..d0a0bcbc9289 100644 --- a/arch/powerpc/mm/Makefile +++ b/arch/powerpc/mm/Makefile @@ -20,3 +20,4 @@ obj-$(CONFIG_HIGHMEM) += highmem.o obj-$(CONFIG_PPC_COPRO_BASE) += copro_fault.o obj-$(CONFIG_PPC_PTDUMP) += ptdump/ obj-$(CONFIG_KASAN) += kasan/ +obj-$(CONFIG_ARCH_HAS_SET_MEMORY) += pageattr.o diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c new file mode 100644 index 000000000000..fe3ecbfb8e10 --- /dev/null +++ b/arch/powerpc/mm/pageattr.c @@ -0,0 +1,60 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * MMU-generic set_memory implementation for powerpc + * + * Author: Russell Currey + * + * Copyright 2019, IBM Corporation. + */ + +#include +#include + +#include +#include +#include + +static int change_page_attr(pte_t *ptep, unsigned long addr, void *data) +{ + int action = *((int *)data); + pte_t pte_val; + + // invalidate the PTE so it's safe to modify + pte_val = ptep_get_and_clear(&init_mm, addr, ptep); + flush_tlb_kernel_range(addr, addr + PAGE_SIZE); + + // modify the PTE bits as desired, then apply + switch (action) { + case SET_MEMORY_RO: + pte_val = pte_wrprotect(pte_val); + break; + case SET_MEMORY_RW: + pte_val = pte_mkwrite(pte_val); + break; + case SET_MEMORY_NX: + pte_val = pte_exprotect(pte_val); + break; + case SET_MEMORY_X: + pte_val = pte_mkexec(pte_val); + break; + default: + WARN_ON(true); + return -EINVAL; + } + + set_pte_at(&init_mm, addr, ptep, pte_val); + + return 0; +} + +int change_memory_attr(unsigned long addr, int numpages, int action) +{ + unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE); + unsigned long size = numpages * PAGE_SIZE; + + if (!numpages) + return 0; + + return apply_to_page_range(&init_mm, start, size, change_page_attr, &action); +} From patchwork Fri Oct 4 07:50:48 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 1171597 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46l2Gx2m40z9sPw for ; Fri, 4 Oct 2019 17:55:21 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="Gt4jIzSc"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="XxRBTMbV"; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46l2Gw2BRJzDqXV for ; Fri, 4 Oct 2019 17:55:20 +1000 (AEST) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=russell.cc (client-ip=64.147.123.24; helo=wout1-smtp.messagingengine.com; envelope-from=ruscur@russell.cc; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="Gt4jIzSc"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="XxRBTMbV"; dkim-atps=neutral Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46l2Bb3FJHzDqbm for ; Fri, 4 Oct 2019 17:51:32 +1000 (AEST) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 92613527; Fri, 4 Oct 2019 03:51:29 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 04 Oct 2019 03:51:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=84GAe97wSSrJ+ RLtJE/uwAKdBCLCrrIFVnAIva0xZlw=; b=Gt4jIzSceMH89g7CK4vVme7Pn+wv8 Y8y1VZxjQ89NGMI2qAPx5orArDtPfYBEibxKQKkgN/VYlT8fbEI1wzUOJmcbvKFu 6j06uco9gA2dCdvhvMO/iQof2hmsz4SQ/k3TGmjK4qqaWAgMinwRlTaCZzxO2JIL 5OGM0bEqMtmdlGo8VHvlJlZQHN8cTLUePeXO9bxKqi1d3/UWeu+RueQTuluK283X 0hZFSrrVXBum0nKgAt3uRhKYJFHx+1pIyB/mn9UynlZVeixRk9UgW7I/5NLeHOvs lCSGA3c0Xy9oj5XnsY3AmIHqo9VTwV7SNXzmfpQrxro4KAbikdWMJAl+w== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=84GAe97wSSrJ+RLtJE/uwAKdBCLCrrIFVnAIva0xZlw=; b=XxRBTMbV KYeFcOPaQ25G/uC7wnMlGtjT0Zzwhsgi3VNX/7NjUSKk1tMJ2guYB2UmNMllvqsE 526/Jf8CbZbu5umNIh0VfO2d/YT6V0O1CkisQQrxMXATsKfbbNgthNlPZ2LQELT4 rzASmncGSWyRupOcNZ5Gjg+b0pwez97bJeYtOw11bXM7BQaJzlk19C4EnNxyXmO4 uTe7wiWEM+CJnereLzdJjGt75wucKlvIrf1ioWpw0kNwfYHoeYfS8wkKIcaB6SDH d5QkkzXNpJBE1GjRn8PKzzqm9TqQLEVz5gn8P/3tqB5lfOpwL/3prHnal3BBQgXD +DDPmP2iYVut5w== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrhedtgdehlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdeftddmnecujfgurhephffvuf ffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpeftuhhsshgvlhhlucevuhhrrhgv hicuoehruhhstghurhesrhhushhsvghllhdrtggtqeenucfkphepuddvvddrleelrdekvd druddtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehruhhstghurhesrhhushhsvghllhdr tggtnecuvehluhhsthgvrhfuihiivgepud X-ME-Proxy: Received: from crackle.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 17A5E80064; Fri, 4 Oct 2019 03:51:25 -0400 (EDT) From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v3 2/4] powerpc/kprobes: Mark newly allocated probes as RO Date: Fri, 4 Oct 2019 17:50:48 +1000 Message-Id: <20191004075050.73327-3-ruscur@russell.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191004075050.73327-1-ruscur@russell.cc> References: <20191004075050.73327-1-ruscur@russell.cc> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, npiggin@gmail.com, joel@jms.id.au, Russell Currey , rashmica.g@gmail.com, dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" With CONFIG_STRICT_KERNEL_RWX=y and CONFIG_KPROBES=y, there will be one W+X page at boot by default. This can be tested with CONFIG_PPC_PTDUMP=y and CONFIG_PPC_DEBUG_WX=y set, and checking the kernel log during boot. powerpc doesn't implement its own alloc() for kprobes like other architectures do, but we couldn't immediately mark RO anyway since we do a memcpy to the page we allocate later. After that, nothing should be allowed to modify the page, and write permissions are removed well before the kprobe is armed. Signed-off-by: Russell Currey --- arch/powerpc/kernel/kprobes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/powerpc/kernel/kprobes.c b/arch/powerpc/kernel/kprobes.c index 2d27ec4feee4..2610496de7c7 100644 --- a/arch/powerpc/kernel/kprobes.c +++ b/arch/powerpc/kernel/kprobes.c @@ -24,6 +24,7 @@ #include #include #include +#include DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL; DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk); @@ -131,6 +132,8 @@ int arch_prepare_kprobe(struct kprobe *p) (unsigned long)p->ainsn.insn + sizeof(kprobe_opcode_t)); } + set_memory_ro((unsigned long)p->ainsn.insn, 1); + p->ainsn.boostable = 0; return ret; } From patchwork Fri Oct 4 07:50:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 1171596 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46l2DX40q0z9sPq for ; Fri, 4 Oct 2019 17:53:16 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="cPFMyuF6"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="OXRlT0pj"; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46l2DX2Y91zDqby for ; Fri, 4 Oct 2019 17:53:16 +1000 (AEST) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=russell.cc (client-ip=64.147.123.24; helo=wout1-smtp.messagingengine.com; envelope-from=ruscur@russell.cc; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="cPFMyuF6"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="OXRlT0pj"; dkim-atps=neutral Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46l2Bb4DBJzDqbq for ; Fri, 4 Oct 2019 17:51:35 +1000 (AEST) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id EBECD528; Fri, 4 Oct 2019 03:51:32 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 04 Oct 2019 03:51:33 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=g9XZdQcihsL+T J0g40gPwfSRXv7Xn33lm7ZkFfhvlr8=; b=cPFMyuF6x1Gt5X1r0XiOrLe1sDKXQ mZiDQcjAK2je2Qa8WOEpQv7HP7wZe7ancmiXBjKp0NzoHbeDvQ77pxnyW2oLvM2l J/ktGQkDJa1Mt+pD2ZFwBC0kXfc76iL6w8I0LVaFhxnfTDkqdXCKrbi3BnahuADB vb8RG+QVm4G9McgLlNYVlaOh3jj7qcS2uP3EayM3nktigmqrsHLpmm8Rj3xFG7ts s14ZgQswBOpZXSlJwiIACrCtZpMXY4RNxL286JGV6jhaM2roWjfeXTrxj0elLKhX njMbzbtHAYun/bLeTBTFyJ4EfFu6+EOj/Kwgwmn1PLeV+JMCtpKW/XiCg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=g9XZdQcihsL+TJ0g40gPwfSRXv7Xn33lm7ZkFfhvlr8=; b=OXRlT0pj vjznrR0DQSNO5ZvEiUhM/c3A189OFEF4+XbTbePzR4Hp1dBFsEcW632wZj+xVXiA Hzd3VeAx67sPZruYkDy+kyH3c6tG4UKynugi0LLk4CDToQLSdXcPBbj7pQPN+jJS 4fNzvWXXquZZiuy2ykLJA+vMmWDRXiCSpmJzVLPvDM5aFm90LhS+fFC04IkSor6I IWKANxtHUpK3rjmAmX1qLenoWiQ8LUAa7bkONqibpQzgGeASFKwtwp70NG998CLc VEWO/QHZ0Bklrk+w+4N1WCFZhDtUcYxpZgKJ1XGQq1F8+LTD0bknXg0nYdbIXQ4V NIN4fxZAuQaGQw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrhedtgdehlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdeftddmnecujfgurhephffvuf ffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpeftuhhsshgvlhhlucevuhhrrhgv hicuoehruhhstghurhesrhhushhsvghllhdrtggtqeenucfkphepuddvvddrleelrdekvd druddtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehruhhstghurhesrhhushhsvghllhdr tggtnecuvehluhhsthgvrhfuihiivgepud X-ME-Proxy: Received: from crackle.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id 71CB88005C; Fri, 4 Oct 2019 03:51:29 -0400 (EDT) From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v3 3/4] powerpc/mm/ptdump: debugfs handler for W+X checks at runtime Date: Fri, 4 Oct 2019 17:50:49 +1000 Message-Id: <20191004075050.73327-4-ruscur@russell.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191004075050.73327-1-ruscur@russell.cc> References: <20191004075050.73327-1-ruscur@russell.cc> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, npiggin@gmail.com, joel@jms.id.au, Russell Currey , rashmica.g@gmail.com, dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Very rudimentary, just echo 1 > [debugfs]/check_wx_pages and check the kernel log. Useful for testing strict module RWX. Also fixed a typo. Signed-off-by: Russell Currey --- arch/powerpc/mm/ptdump/ptdump.c | 31 +++++++++++++++++++++++++------ 1 file changed, 25 insertions(+), 6 deletions(-) diff --git a/arch/powerpc/mm/ptdump/ptdump.c b/arch/powerpc/mm/ptdump/ptdump.c index 2f9ddc29c535..0547cd9f264e 100644 --- a/arch/powerpc/mm/ptdump/ptdump.c +++ b/arch/powerpc/mm/ptdump/ptdump.c @@ -4,7 +4,7 @@ * * This traverses the kernel pagetables and dumps the * information about the used sections of memory to - * /sys/kernel/debug/kernel_pagetables. + * /sys/kernel/debug/kernel_page_tables. * * Derived from the arm64 implementation: * Copyright (c) 2014, The Linux Foundation, Laura Abbott. @@ -409,16 +409,35 @@ void ptdump_check_wx(void) else pr_info("Checked W+X mappings: passed, no W+X pages found\n"); } + +static int check_wx_debugfs_set(void *data, u64 val) +{ + if (val != 1ULL) + return -EINVAL; + + ptdump_check_wx(); + + return 0; +} + +DEFINE_SIMPLE_ATTRIBUTE(check_wx_fops, NULL, check_wx_debugfs_set, "%llu\n"); #endif static int ptdump_init(void) { - struct dentry *debugfs_file; - populate_markers(); build_pgtable_complete_mask(); - debugfs_file = debugfs_create_file("kernel_page_tables", 0400, NULL, - NULL, &ptdump_fops); - return debugfs_file ? 0 : -ENOMEM; + + if (!debugfs_create_file("kernel_page_tables", 0400, NULL, + NULL, &ptdump_fops)) + return -ENOMEM; + +#ifdef CONFIG_PPC_DEBUG_WX + if (!debugfs_create_file("check_wx_pages", 0200, NULL, + NULL, &check_wx_fops)) + return -ENOMEM; +#endif + + return 0; } device_initcall(ptdump_init); From patchwork Fri Oct 4 07:50:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 1171602 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 46l2Pz5l2sz9sPw for ; Fri, 4 Oct 2019 18:01:27 +1000 (AEST) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="Dg9Djbf/"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="hLaaM5jx"; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 46l2Pz4h8WzDqcj for ; Fri, 4 Oct 2019 18:01:27 +1000 (AEST) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=russell.cc (client-ip=64.147.123.24; helo=wout1-smtp.messagingengine.com; envelope-from=ruscur@russell.cc; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=russell.cc header.i=@russell.cc header.b="Dg9Djbf/"; dkim=pass (2048-bit key; unprotected) header.d=messagingengine.com header.i=@messagingengine.com header.b="hLaaM5jx"; dkim-atps=neutral Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 46l2Bf72rQzDqbk for ; Fri, 4 Oct 2019 17:51:38 +1000 (AEST) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 51C8E52D; Fri, 4 Oct 2019 03:51:36 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 04 Oct 2019 03:51:36 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm3; bh=zIJvcs+zIUjZ8 LxbvoggHqZjSIKDAr2YAIXC3G/ShgU=; b=Dg9Djbf/Fus47p4nx2rhh06INfmTI TWa2D6hz+BWWFqIQDUVTCVUWM2odDh0fJP9egSox4Pm0+4FXQ7HJ8v21Ig8ngo4x 7OCx20U5NPwro6841X5n46GmEQrQVSbwnGQM3q2Ns5zDauqaGxif1i65QJzoCnYD 51RyFRp7euoPZcEjf8m+zVUJAobOZbCN3zHG/0xARmukZ1LtSyIC1/4cGw5ChfxE zG8KLgsq3OXp02Sjmt0+B0a9XChH5hLhjHTMplCXbSm1aKifUOku5U1B7NqeJc2p qbsBnrUmblXttEEx8jLUGzfjwlukYqp3DpkrqMSptqzhznfmI8hLDF0Nw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=zIJvcs+zIUjZ8LxbvoggHqZjSIKDAr2YAIXC3G/ShgU=; b=hLaaM5jx LqIhTTr0IG4s73qB/CjM2cDiJN0aLeBGl7OVv2vdccyjF60SOq4LKkl8aSJP3ygq Mn2dn0CPmZo0I/2jKNSRlLjlESuIChxMiCq2w5lwrwyFydDlwHX3x4dTl1AcbQJs Pe/Q7N1UmIlnSuouVXysPZm1Z5YILivhjZ2xV4bkz1NZQ70u08Enyd8/QtJYYEdm wKMXkmdr3DrAomqpHaxxJXFxlytJ/nGflpzTFlQlTwaONwSQwBhaL7s/3S16Rmz8 gXqW2MfCdOiuuWhXnyD9Fd5RLfaMcTYY5vb/0Rzq7atqcEItrcECJYg+lNk8/CFx 8kjplprZnn8ALw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrhedtgdehlecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecufghrlhcuvffnffculdeftddmnecujfgurhephffvuf ffkffojghfggfgsedtkeertdertddtnecuhfhrohhmpeftuhhsshgvlhhlucevuhhrrhgv hicuoehruhhstghurhesrhhushhsvghllhdrtggtqeenucfkphepuddvvddrleelrdekvd druddtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehruhhstghurhesrhhushhsvghllhdr tggtnecuvehluhhsthgvrhfuihiivgepfe X-ME-Proxy: Received: from crackle.ozlabs.ibm.com (unknown [122.99.82.10]) by mail.messagingengine.com (Postfix) with ESMTPA id CC11D80061; Fri, 4 Oct 2019 03:51:32 -0400 (EDT) From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Subject: [PATCH v3 4/4] powerpc: Enable STRICT_MODULE_RWX Date: Fri, 4 Oct 2019 17:50:50 +1000 Message-Id: <20191004075050.73327-5-ruscur@russell.cc> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20191004075050.73327-1-ruscur@russell.cc> References: <20191004075050.73327-1-ruscur@russell.cc> MIME-Version: 1.0 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: ajd@linux.ibm.com, npiggin@gmail.com, joel@jms.id.au, Russell Currey , rashmica.g@gmail.com, dja@axtens.net Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Whether STRICT_MODULE_RWX is enabled by default depends on powerpc platform - in arch/Kconfig, STRICT_MODULE_RWX depends on ARCH_OPTIONAL_KERNEL_RWX, which in arch/powerpc/Kconfig is selected if ARCH_HAS_STRICT_KERNEL_RWX is selected, which is only true with CONFIG_RELOCATABLE *disabled*. defconfigs like skiroot_defconfig which turn STRICT_KERNEL_RWX on when it is not already on by default also do NOT enable STRICT_MODULE_RWX automatically, so it is explicitly enabled there in this patch. Thus, on by default for ppc32 only. Module RWX doesn't provide a whole lot of value with Kernel RWX off, but it doesn't hurt, either. The next step is to make STRICT_KERNEL_RWX compatible with RELOCATABLE so it can be on by default. Signed-off-by: Russell Currey Tested-by: Daniel Axtens # e6500 --- arch/powerpc/Kconfig | 1 + arch/powerpc/configs/skiroot_defconfig | 1 + 2 files changed, 2 insertions(+) diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 8f7005f0d097..212c4d02be40 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -135,6 +135,7 @@ config PPC select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !RELOCATABLE && !HIBERNATION) + select ARCH_HAS_STRICT_MODULE_RWX select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE select ARCH_HAS_UACCESS_MCSAFE if PPC64 diff --git a/arch/powerpc/configs/skiroot_defconfig b/arch/powerpc/configs/skiroot_defconfig index 1253482a67c0..719d899081b3 100644 --- a/arch/powerpc/configs/skiroot_defconfig +++ b/arch/powerpc/configs/skiroot_defconfig @@ -31,6 +31,7 @@ CONFIG_PERF_EVENTS=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_JUMP_LABEL=y CONFIG_STRICT_KERNEL_RWX=y +CONFIG_STRICT_MODULE_RWX=y CONFIG_MODULES=y CONFIG_MODULE_UNLOAD=y CONFIG_MODULE_SIG=y