diff mbox series

x86: Disable EXECMEM_ROX support

Message ID 20250113112934.GA8385@noisy.programming.kicks-ass.net (mailing list archive)
State New
Headers show
Series x86: Disable EXECMEM_ROX support | expand

Checks

Context Check Description
mcgrof/vmtest-modules-next-PR fail PR summary
mcgrof/vmtest-modules-next-VM_Test-0 success Logs for Run CI tests
mcgrof/vmtest-modules-next-VM_Test-2 success Logs for setup / Setup kdevops environment
mcgrof/vmtest-modules-next-VM_Test-1 success Logs for cleanup / Archive results and cleanup

Commit Message

Peter Zijlstra Jan. 13, 2025, 11:29 a.m. UTC
On Mon, Jan 13, 2025 at 12:11:16PM +0100, Peter Zijlstra wrote:

> There's definiltely breakage with that module_writable_address()
> nonsense in alternative.c that will not be fixed by that patch.
> 
> The very simplest thing at this point is to remove:
> 
>      select ARCH_HAS_EXECMEM_ROX             if X86_64
> 
> and try again next cycle.

Boris asked I send it as a proper patch, so here goes. Perhaps next time
let x86 merge x86 code :/

---
Subject: x86: Disable EXECMEM_ROX support

The whole module_writable_address() nonsense made a giant mess of
alternative.c, not to mention it still contains bugs -- notable some of the CFI
variants crash and burn.

Mike has been working on patches to clean all this up again, but given the
current state of things, this stuff just isn't ready.

Disable for now, lets try again next cycle.

Fixes: 5185e7f9f3bd ("x86/module: enable ROX caches for module text on 64 bit")
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
---
 arch/x86/Kconfig | 1 -
 1 file changed, 1 deletion(-)

Comments

Borislav Petkov Jan. 13, 2025, 11:51 a.m. UTC | #1
On Mon, Jan 13, 2025 at 12:29:34PM +0100, Peter Zijlstra wrote:
> On Mon, Jan 13, 2025 at 12:11:16PM +0100, Peter Zijlstra wrote:
> 
> > There's definiltely breakage with that module_writable_address()
> > nonsense in alternative.c that will not be fixed by that patch.
> > 
> > The very simplest thing at this point is to remove:
> > 
> >      select ARCH_HAS_EXECMEM_ROX             if X86_64
> > 
> > and try again next cycle.
> 
> Boris asked I send it as a proper patch, so here goes. Perhaps next time
> let x86 merge x86 code :/

I just love it how this went in without a single x86 maintainer Ack, it broke
a bunch of things and then it is still there instead of getting reverted.

Let's not do this again please.
Ville Syrjälä Jan. 13, 2025, 3:47 p.m. UTC | #2
On Mon, Jan 13, 2025 at 12:29:34PM +0100, Peter Zijlstra wrote:
> On Mon, Jan 13, 2025 at 12:11:16PM +0100, Peter Zijlstra wrote:
> 
> > There's definiltely breakage with that module_writable_address()
> > nonsense in alternative.c that will not be fixed by that patch.
> > 
> > The very simplest thing at this point is to remove:
> > 
> >      select ARCH_HAS_EXECMEM_ROX             if X86_64
> > 
> > and try again next cycle.
> 
> Boris asked I send it as a proper patch, so here goes. Perhaps next time
> let x86 merge x86 code :/
> 
> ---
> Subject: x86: Disable EXECMEM_ROX support
> 
> The whole module_writable_address() nonsense made a giant mess of
> alternative.c, not to mention it still contains bugs -- notable some of the CFI
> variants crash and burn.
> 
> Mike has been working on patches to clean all this up again, but given the
> current state of things, this stuff just isn't ready.
> 
> Disable for now, lets try again next cycle.
> 
> Fixes: 5185e7f9f3bd ("x86/module: enable ROX caches for module text on 64 bit")
> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
> ---
>  arch/x86/Kconfig | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 9d7bd0ae48c4..ef6cfea9df73 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -83,7 +83,6 @@ config X86
>  	select ARCH_HAS_DMA_OPS			if GART_IOMMU || XEN
>  	select ARCH_HAS_EARLY_DEBUG		if KGDB
>  	select ARCH_HAS_ELF_RANDOMIZE
> -	select ARCH_HAS_EXECMEM_ROX		if X86_64
>  	select ARCH_HAS_FAST_MULTIPLIER
>  	select ARCH_HAS_FORTIFY_SOURCE
>  	select ARCH_HAS_GCOV_PROFILE_ALL

This one works for my hibernate woes.

In case you want it:
Tested-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
diff mbox series

Patch

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 9d7bd0ae48c4..ef6cfea9df73 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -83,7 +83,6 @@  config X86
 	select ARCH_HAS_DMA_OPS			if GART_IOMMU || XEN
 	select ARCH_HAS_EARLY_DEBUG		if KGDB
 	select ARCH_HAS_ELF_RANDOMIZE
-	select ARCH_HAS_EXECMEM_ROX		if X86_64
 	select ARCH_HAS_FAST_MULTIPLIER
 	select ARCH_HAS_FORTIFY_SOURCE
 	select ARCH_HAS_GCOV_PROFILE_ALL