Message ID | cover.1586332296.git.zong.li@sifive.com (mailing list archive) |
---|---|
Series | Support strict kernel memory permissions for security |

On Wed, 08 Apr 2020 00:56:55 PDT (-0700), zong.li@sifive.com wrote:
> The main purpose of this patch series is changing the kernel mapping permission,
> make sure that code is not writeable, data is not executable, and read-only
> data is neither writable nor executable.
>
> This patch series also supports the relevant implementations such as
> ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
>
> Changes in v5:
> - Add lockdep_assert_held and more comments for text_mutex.
>
> Changes in v4:
> - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> - Use text_mutex instead of patch_lock
> - Remove 'riscv_' prefix of function name
>
> Changes in v3:
> - Fix build error on nommu configuration. We already support nommu on
>   RISC-V, so we should consider nommu case and test not only rv32/64,
>   but also nommu.
>
> Changes in v2:
> - Use _data to specify the start of data section with write permission.
> - Change ftrace patch text implementation.
> - Separate DEBUG_WX patch to another patchset.
>
> Zong Li (9):
>   riscv: add macro to get instruction length
>   riscv: introduce interfaces to patch kernel code
>   riscv: patch code by fixmap mapping
>   riscv: add ARCH_HAS_SET_MEMORY support
>   riscv: add ARCH_HAS_SET_DIRECT_MAP support
>   riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
>   riscv: move exception table immediately after RO_DATA
>   riscv: add alignment for text, rodata and data sections
>   riscv: add STRICT_KERNEL_RWX support
>
>  arch/riscv/Kconfig | 6 +
>  arch/riscv/include/asm/bug.h | 8 ++
>  arch/riscv/include/asm/fixmap.h | 2 +
>  arch/riscv/include/asm/patch.h | 12 ++
>  arch/riscv/include/asm/set_memory.h | 48 +++++++
>  arch/riscv/kernel/Makefile | 4 +-
>  arch/riscv/kernel/ftrace.c | 26 ++--
>  arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
>  arch/riscv/kernel/traps.c | 3 +-
>  arch/riscv/kernel/vmlinux.lds.S | 11 +-
>  arch/riscv/mm/Makefile | 2 +-
>  arch/riscv/mm/init.c | 44 +++++++
>  arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
>  13 files changed, 466 insertions(+), 15 deletions(-)
>  create mode 100644 arch/riscv/include/asm/patch.h
>  create mode 100644 arch/riscv/include/asm/set_memory.h
>  create mode 100644 arch/riscv/kernel/patch.c
>  create mode 100644 arch/riscv/mm/pageattr.c

Looks like there are quite a few conflicts here. Do you mind re-spinning the
patch set for me? It's a bit early to spin off for-next right now so there
might be some more conflicts, but hopefully not too many.

Thanks!
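
The permission policy stated in the quoted cover letter, written out as a small checker. This is an added example, not code from the patch series: the region table and its addresses are constructed, and the struct, enum and function names are hypothetical. It assumes the RISC-V PTE R/W/X bit positions and a 4 KiB base page, and also flags section boundaries that fall inside a page, which is why the series aligns text, rodata and data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RISC-V PTE permission bits (privileged spec): R=bit 1, W=bit 2, X=bit 3. */
enum { PTE_R = 2, PTE_W = 4, PTE_X = 8, PAGE_SZ = 4096 /* base page size */ };
enum kind { TEXT, RODATA, DATA };
enum { V_WX = 1, V_TEXT_W = 2, V_DATA_X = 4, V_RO_WX = 8, V_RESERVED = 16, V_ALIGN = 32 };
struct region { const char *name; enum kind kind; uint64_t start, end; unsigned prot; };

/* Constructed sample layout (hypothetical addresses), not from a real kernel. */
static const struct region sample[] = {
    { ".text",   TEXT,   0xffffffe000000000ull, 0xffffffe000600000ull, PTE_R | PTE_X },
    { ".rodata", RODATA, 0xffffffe000600000ull, 0xffffffe000800000ull, PTE_R },
    { ".data",   DATA,   0xffffffe000800000ull, 0xffffffe000a00000ull, PTE_R | PTE_W },
    /* Deliberately non-conforming entries: an RWX text mapping and a split page. */
    { ".text (rwx)",       TEXT,   0xffffffe000a00000ull, 0xffffffe000a01000ull, PTE_R | PTE_W | PTE_X },
    { ".rodata (unalign)", RODATA, 0xffffffe000a01000ull, 0xffffffe000a01800ull, PTE_R },
};
#define NSAMPLE (sizeof(sample) / sizeof(sample[0]))

/* Return a bitmask of policy violations for one mapping; 0 means it conforms. */
static unsigned check_region(const struct region *r)
{
    unsigned p = r->prot, v = 0;
    if ((p & PTE_W) && !(p & PTE_R)) v |= V_RESERVED; /* W without R is a reserved encoding */
    if ((p & PTE_W) && (p & PTE_X)) v |= V_WX;         /* writable and executable at once */
    if (r->kind == TEXT && (p & PTE_W)) v |= V_TEXT_W; /* code must not be writable */
    if (r->kind == DATA && (p & PTE_X)) v |= V_DATA_X; /* data must not be executable */
    if (r->kind == RODATA && (p & (PTE_W | PTE_X))) v |= V_RO_WX;
    /* A boundary inside a page forces two sections to share one permission set. */
    if ((r->start | r->end) % PAGE_SZ) v |= V_ALIGN;
    return v;
}

/* Count non-conforming regions and print each one with its violation mask. */
static int audit(const struct region *r, size_t n)
{
    int bad = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned v = check_region(&r[i]);
        if (!v) continue;
        printf("%-18s %#llx-%#llx mask=%#x\n", r[i].name,
               (unsigned long long)r[i].start, (unsigned long long)r[i].end, v);
        bad++;
    }
    return bad;
}

int main(void) { return audit(sample, NSAMPLE) == 2 ? 0 : 1; }
```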

Palmer Dabbelt <palmer@dabbelt.com> wrote on Tuesday, April 21, 2020 at 2:27 AM:
>
> On Wed, 08 Apr 2020 00:56:55 PDT (-0700), zong.li@sifive.com wrote:
> > The main purpose of this patch series is changing the kernel mapping permission,
> > make sure that code is not writeable, data is not executable, and read-only
> > data is neither writable nor executable.
> >
> > This patch series also supports the relevant implementations such as
> > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> >
> > Changes in v5:
> > - Add lockdep_assert_held and more comments for text_mutex.
> >
> > Changes in v4:
> > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > - Use text_mutex instead of patch_lock
> > - Remove 'riscv_' prefix of function name
> >
> > Changes in v3:
> > - Fix build error on nommu configuration. We already support nommu on
> >   RISC-V, so we should consider nommu case and test not only rv32/64,
> >   but also nommu.
> >
> > Changes in v2:
> > - Use _data to specify the start of data section with write permission.
> > - Change ftrace patch text implementation.
> > - Separate DEBUG_WX patch to another patchset.
> >
> > Zong Li (9):
> >   riscv: add macro to get instruction length
> >   riscv: introduce interfaces to patch kernel code
> >   riscv: patch code by fixmap mapping
> >   riscv: add ARCH_HAS_SET_MEMORY support
> >   riscv: add ARCH_HAS_SET_DIRECT_MAP support
> >   riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> >   riscv: move exception table immediately after RO_DATA
> >   riscv: add alignment for text, rodata and data sections
> >   riscv: add STRICT_KERNEL_RWX support
> >
> >  arch/riscv/Kconfig | 6 +
> >  arch/riscv/include/asm/bug.h | 8 ++
> >  arch/riscv/include/asm/fixmap.h | 2 +
> >  arch/riscv/include/asm/patch.h | 12 ++
> >  arch/riscv/include/asm/set_memory.h | 48 +++++++
> >  arch/riscv/kernel/Makefile | 4 +-
> >  arch/riscv/kernel/ftrace.c | 26 ++--
> >  arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> >  arch/riscv/kernel/traps.c | 3 +-
> >  arch/riscv/kernel/vmlinux.lds.S | 11 +-
> >  arch/riscv/mm/Makefile | 2 +-
> >  arch/riscv/mm/init.c | 44 +++++++
> >  arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> >  13 files changed, 466 insertions(+), 15 deletions(-)
> >  create mode 100644 arch/riscv/include/asm/patch.h
> >  create mode 100644 arch/riscv/include/asm/set_memory.h
> >  create mode 100644 arch/riscv/kernel/patch.c
> >  create mode 100644 arch/riscv/mm/pageattr.c
>
> Looks like there are quite a few conflicts here. Do you mind re-spinning the
> patch set for me? It's a bit early to spin off for-next right now so there
> might be some more conflicts, but hopefully not too many.
>

Sure, let me rebase it and send the next version. Thanks.

> Thanks!
>

On Tue, Apr 21, 2020 at 11:06 AM Zong Li <zongbox@gmail.com> wrote:
>
> Palmer Dabbelt <palmer@dabbelt.com> wrote on Tuesday, April 21, 2020 at 2:27 AM:
> >
> > On Wed, 08 Apr 2020 00:56:55 PDT (-0700), zong.li@sifive.com wrote:
> > > The main purpose of this patch series is changing the kernel mapping permission,
> > > make sure that code is not writeable, data is not executable, and read-only
> > > data is neither writable nor executable.
> > >
> > > This patch series also supports the relevant implementations such as
> > > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> > >
> > > Changes in v5:
> > > - Add lockdep_assert_held and more comments for text_mutex.
> > >
> > > Changes in v4:
> > > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > > - Use text_mutex instead of patch_lock
> > > - Remove 'riscv_' prefix of function name
> > >
> > > Changes in v3:
> > > - Fix build error on nommu configuration. We already support nommu on
> > >   RISC-V, so we should consider nommu case and test not only rv32/64,
> > >   but also nommu.
> > >
> > > Changes in v2:
> > > - Use _data to specify the start of data section with write permission.
> > > - Change ftrace patch text implementation.
> > > - Separate DEBUG_WX patch to another patchset.
> > >
> > > Zong Li (9):
> > >   riscv: add macro to get instruction length
> > >   riscv: introduce interfaces to patch kernel code
> > >   riscv: patch code by fixmap mapping
> > >   riscv: add ARCH_HAS_SET_MEMORY support
> > >   riscv: add ARCH_HAS_SET_DIRECT_MAP support
> > >   riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> > >   riscv: move exception table immediately after RO_DATA
> > >   riscv: add alignment for text, rodata and data sections
> > >   riscv: add STRICT_KERNEL_RWX support
> > >
> > >  arch/riscv/Kconfig | 6 +
> > >  arch/riscv/include/asm/bug.h | 8 ++
> > >  arch/riscv/include/asm/fixmap.h | 2 +
> > >  arch/riscv/include/asm/patch.h | 12 ++
> > >  arch/riscv/include/asm/set_memory.h | 48 +++++++
> > >  arch/riscv/kernel/Makefile | 4 +-
> > >  arch/riscv/kernel/ftrace.c | 26 ++--
> > >  arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> > >  arch/riscv/kernel/traps.c | 3 +-
> > >  arch/riscv/kernel/vmlinux.lds.S | 11 +-
> > >  arch/riscv/mm/Makefile | 2 +-
> > >  arch/riscv/mm/init.c | 44 +++++++
> > >  arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> > >  13 files changed, 466 insertions(+), 15 deletions(-)
> > >  create mode 100644 arch/riscv/include/asm/patch.h
> > >  create mode 100644 arch/riscv/include/asm/set_memory.h
> > >  create mode 100644 arch/riscv/kernel/patch.c
> > >  create mode 100644 arch/riscv/mm/pageattr.c
> >
> > Looks like there are quite a few conflicts here. Do you mind re-spinning the
> > patch set for me? It's a bit early to spin off for-next right now so there
> > might be some more conflicts, but hopefully not too many.
> >
>
> Sure, let me rebase it and send the next version. Thanks.

This series is already merged in Linux kernel and it is available
in Linux-5.7-rc2.

I don't see the point in rebasing this series or commenting on
this series.

If you have fixes then send as separate patches based on
latest Linux-5.7-rcX release.

Regards,
Anup

On Tue, Apr 21, 2020 at 2:20 PM Anup Patel <anup@brainfault.org> wrote:
>
> On Tue, Apr 21, 2020 at 11:06 AM Zong Li <zongbox@gmail.com> wrote:
> >
> > Palmer Dabbelt <palmer@dabbelt.com> wrote on Tuesday, April 21, 2020 at 2:27 AM:
> > >
> > > On Wed, 08 Apr 2020 00:56:55 PDT (-0700), zong.li@sifive.com wrote:
> > > > The main purpose of this patch series is changing the kernel mapping permission,
> > > > make sure that code is not writeable, data is not executable, and read-only
> > > > data is neither writable nor executable.
> > > >
> > > > This patch series also supports the relevant implementations such as
> > > > ARCH_HAS_SET_MEMORY, ARCH_HAS_SET_DIRECT_MAP,
> > > > ARCH_SUPPORTS_DEBUG_PAGEALLOC and DEBUG_WX.
> > > >
> > > > Changes in v5:
> > > > - Add lockdep_assert_held and more comments for text_mutex.
> > > >
> > > > Changes in v4:
> > > > - Use NOKPROBE_SYMBOL instead of __kprobe annotation
> > > > - Use text_mutex instead of patch_lock
> > > > - Remove 'riscv_' prefix of function name
> > > >
> > > > Changes in v3:
> > > > - Fix build error on nommu configuration. We already support nommu on
> > > >   RISC-V, so we should consider nommu case and test not only rv32/64,
> > > >   but also nommu.
> > > >
> > > > Changes in v2:
> > > > - Use _data to specify the start of data section with write permission.
> > > > - Change ftrace patch text implementation.
> > > > - Separate DEBUG_WX patch to another patchset.
> > > >
> > > > Zong Li (9):
> > > >   riscv: add macro to get instruction length
> > > >   riscv: introduce interfaces to patch kernel code
> > > >   riscv: patch code by fixmap mapping
> > > >   riscv: add ARCH_HAS_SET_MEMORY support
> > > >   riscv: add ARCH_HAS_SET_DIRECT_MAP support
> > > >   riscv: add ARCH_SUPPORTS_DEBUG_PAGEALLOC support
> > > >   riscv: move exception table immediately after RO_DATA
> > > >   riscv: add alignment for text, rodata and data sections
> > > >   riscv: add STRICT_KERNEL_RWX support
> > > >
> > > >  arch/riscv/Kconfig | 6 +
> > > >  arch/riscv/include/asm/bug.h | 8 ++
> > > >  arch/riscv/include/asm/fixmap.h | 2 +
> > > >  arch/riscv/include/asm/patch.h | 12 ++
> > > >  arch/riscv/include/asm/set_memory.h | 48 +++++++
> > > >  arch/riscv/kernel/Makefile | 4 +-
> > > >  arch/riscv/kernel/ftrace.c | 26 ++--
> > > >  arch/riscv/kernel/patch.c | 128 +++++++++++++++++++
> > > >  arch/riscv/kernel/traps.c | 3 +-
> > > >  arch/riscv/kernel/vmlinux.lds.S | 11 +-
> > > >  arch/riscv/mm/Makefile | 2 +-
> > > >  arch/riscv/mm/init.c | 44 +++++++
> > > >  arch/riscv/mm/pageattr.c | 187 ++++++++++++++++++++++++++++
> > > >  13 files changed, 466 insertions(+), 15 deletions(-)
> > > >  create mode 100644 arch/riscv/include/asm/patch.h
> > > >  create mode 100644 arch/riscv/include/asm/set_memory.h
> > > >  create mode 100644 arch/riscv/kernel/patch.c
> > > >  create mode 100644 arch/riscv/mm/pageattr.c
> > >
> > > Looks like there are quite a few conflicts here. Do you mind re-spinning the
> > > patch set for me? It's a bit early to spin off for-next right now so there
> > > might be some more conflicts, but hopefully not too many.
> > >
> >
> > Sure, let me rebase it and send the next version. Thanks.
>
> This series is already merged in Linux kernel and it is available
> in Linux-5.7-rc2.
>
> I don't see the point in rebasing this series or commenting on
> this series.
>
> If you have fixes then send as separate patches based on
> latest Linux-5.7-rcX release.
>

Yes, I would send the separate patches for the difference from the merged version. Thanks.

> Regards,
> Anup