From patchwork Wed Apr 13 13:49:43 2022
X-Patchwork-Submitter: Catalin Marinas
X-Patchwork-Id: 12812045
From: Catalin Marinas
To: Andrew Morton, Christoph Hellwig, Lennart Poettering, Zbigniew Jędrzejewski-Szmek
Cc: Will Deacon, Alexander Viro, Eric Biederman, Kees Cook, Szabolcs Nagy, Mark Brown, Jeremy Linton, Topi Miettinen, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-abi-devel@lists.sourceforge.net
Subject: [PATCH RFC 1/4] mm: Track previously writeable vma permission
Date: Wed, 13 Apr 2022 14:49:43 +0100
Message-Id: <20220413134946.2732468-2-catalin.marinas@arm.com>
In-Reply-To: <20220413134946.2732468-1-catalin.marinas@arm.com>
References: <20220413134946.2732468-1-catalin.marinas@arm.com>

In order to support a memory-deny-write-execute policy for mprotect() and prevent a previously writeable mapping from being made executable, track the past VM_WRITE permission via a new VM_WAS_WRITE flag that is not cleared on permission change. VM_WAS_WRITE is a high VMA flag and since not all architectures may want this feature, only define it if CONFIG_ARCH_ENABLE_DENY_WRITE_EXEC is selected, otherwise it is VM_NONE (zero).

Note that the new VM_WAS_WRITE flag would prevent merging of an always read-only vma with a previously writeable vma that was made read-only.
I don't consider this a common case and even if we somehow allow such merging, it would be confusing for the user if a read-only vma inherits a VM_WAS_WRITE flag or the VM_WAS_WRITE flag is dropped.

Signed-off-by: Catalin Marinas
Cc: Andrew Morton
---
 include/linux/mm.h   | 6 ++++++
 include/linux/mman.h | 8 +++++++-
 mm/Kconfig           | 4 ++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/include/linux/mm.h b/include/linux/mm.h index e34edb775334..bec37abc0773 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -317,6 +317,12 @@ extern unsigned int kobjsize(const void *objp); #define VM_HIGH_ARCH_4 BIT(VM_HIGH_ARCH_BIT_4) #endif /* CONFIG_ARCH_USES_HIGH_VMA_FLAGS */ +#ifdef CONFIG_ARCH_ENABLE_DENY_WRITE_EXEC +#define VM_WAS_WRITE BIT(37) /* only with ARCH_USES_HIGH_VMA_FLAGS */ +#else +#define VM_WAS_WRITE VM_NONE +#endif + #ifdef CONFIG_ARCH_HAS_PKEYS # define VM_PKEY_SHIFT VM_HIGH_ARCH_BIT_0 # define VM_PKEY_BIT0 VM_HIGH_ARCH_0 /* A protection key is a 4-bit value */ diff --git a/include/linux/mman.h b/include/linux/mman.h index b66e91b8176c..2d841ddae2aa 100644 --- a/include/linux/mman.h +++ b/include/linux/mman.h @@ -141,10 +141,16 @@ static inline bool arch_validate_flags(unsigned long flags) static inline unsigned long calc_vm_prot_bits(unsigned long prot, unsigned long pkey) { - return _calc_vm_trans(prot, PROT_READ, VM_READ ) | + unsigned long vm_flags = + _calc_vm_trans(prot, PROT_READ, VM_READ ) | _calc_vm_trans(prot, PROT_WRITE, VM_WRITE) | _calc_vm_trans(prot, PROT_EXEC, VM_EXEC) | arch_calc_vm_prot_bits(prot, pkey); + + if (vm_flags & VM_WRITE) + vm_flags |= VM_WAS_WRITE; + + return vm_flags; } /* diff --git a/mm/Kconfig b/mm/Kconfig index 034d87953600..f140109f2a1e 100644 --- a/mm/Kconfig +++ b/mm/Kconfig 
@@ -822,6 +822,10 @@ config ARCH_USES_HIGH_VMA_FLAGS config ARCH_HAS_PKEYS bool +config ARCH_ENABLE_DENY_WRITE_EXEC + bool + depends on ARCH_USES_HIGH_VMA_FLAGS + config PERCPU_STATS bool "Collect percpu memory statistics" help

From patchwork Wed Apr 13 13:49:44 2022
X-Patchwork-Submitter: Catalin Marinas
X-Patchwork-Id: 12812046
From: Catalin Marinas
To: Andrew Morton, Christoph Hellwig, Lennart Poettering, Zbigniew Jędrzejewski-Szmek
Cc: Will Deacon, Alexander Viro, Eric Biederman, Kees Cook, Szabolcs Nagy, Mark Brown, Jeremy Linton, Topi Miettinen, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-abi-devel@lists.sourceforge.net
Subject: [PATCH RFC 2/4] mm, personality: Implement memory-deny-write-execute as a personality flag
Date: Wed, 13 Apr 2022 14:49:44 +0100
Message-Id: <20220413134946.2732468-3-catalin.marinas@arm.com>
In-Reply-To: <20220413134946.2732468-1-catalin.marinas@arm.com>
References: <20220413134946.2732468-1-catalin.marinas@arm.com>

The aim of such policy is to prevent a user task from inadvertently creating an executable mapping that is or was writeable (and subsequently made read-only).

An example of mmap() returning -EACCESS if the policy is enabled:

    mmap(0, size, PROT_READ | PROT_WRITE | PROT_EXEC, flags, 0, 0);

Similarly, mprotect() would return -EACCESS below:

    addr = mmap(0, size, PROT_READ | PROT_EXEC, flags, 0, 0);
    mprotect(addr, size, PROT_READ | PROT_WRITE | PROT_EXEC);

With the past vma writeable permission tracking, mprotect() below would also fail with -EACCESS:

    addr = mmap(0, size, PROT_READ | PROT_WRITE, flags, 0, 0);
    mprotect(addr, size, PROT_READ | PROT_EXEC);

While the above could be achieved by checking PROT_WRITE & PROT_EXEC on mmap/mprotect and denying mprotect(PROT_EXEC) altogether (current systemd MDWE approach via SECCOMP BPF filters), we want the following scenario to succeed:

    addr = mmap(0, size, PROT_READ | PROT_EXEC, flags, 0, 0);
    mprotect(addr, size, PROT_READ | PROT_EXEC | PROT_BTI);

where PROT_BTI enables branch tracking identification on arm64.

The choice for a DENY_WRITE_EXEC personality flag, inherited on fork() and execve(), was made by analogy to READ_IMPLIES_EXEC.

Note that it is sufficient to check for VM_WAS_WRITE in map_deny_write_exec() as this flag is always set on VM_WRITE mappings.

Signed-off-by: Catalin Marinas
Cc: Christoph Hellwig
Cc: Andrew Morton
---
 include/linux/mman.h             | 10 ++++++++++
 include/uapi/linux/personality.h |  1 +
 mm/mmap.c                        |  3 +++
 mm/mprotect.c                    |  5 +++++
 4 files changed, 19 insertions(+)

diff --git a/include/linux/mman.h b/include/linux/mman.h index 2d841ddae2aa..17e91a1bdfb3 100644 --- a/include/linux/mman.h +++ b/include/linux/mman.h @@ -166,4 +166,14 @@ calc_vm_flag_bits(unsigned long flags) } unsigned long vm_commit_limit(void); + +static inline bool map_deny_write_exec(unsigned long vm_flags) +{ + if (IS_ENABLED(CONFIG_ARCH_ENABLE_DENY_WRITE_EXEC) && + (current->personality & DENY_WRITE_EXEC) && + (vm_flags & VM_EXEC) && (vm_flags & VM_WAS_WRITE)) + return true; + return false; +} + #endif /* _LINUX_MMAN_H */ 
diff --git a/include/uapi/linux/personality.h b/include/uapi/linux/personality.h index 49796b7756af..c8d924be3dcd 100644 --- a/include/uapi/linux/personality.h +++ b/include/uapi/linux/personality.h @@ -22,6 +22,7 @@ enum { WHOLE_SECONDS = 0x2000000, STICKY_TIMEOUTS = 0x4000000, ADDR_LIMIT_3GB = 0x8000000, + DENY_WRITE_EXEC = 0x10000000, }; /* diff --git a/mm/mmap.c b/mm/mmap.c index 3aa839f81e63..8e894270a80e 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1579,6 +1579,9 @@ unsigned long do_mmap(struct file *file, unsigned long addr, vm_flags |= VM_NORESERVE; } + if (map_deny_write_exec(vm_flags)) + return -EACCES; + addr = mmap_region(file, addr, len, vm_flags, pgoff, uf); if (!IS_ERR_VALUE(addr) && ((vm_flags & VM_LOCKED) || diff --git a/mm/mprotect.c b/mm/mprotect.c index b69ce7a7b2b7..ff0d13a4c1ed 100644 --- a/mm/mprotect.c +++ b/mm/mprotect.c 
@@ -627,6 +627,11 @@ static int do_mprotect_pkey(unsigned long start, size_t len, goto out; } + if (map_deny_write_exec(newflags)) { + error = -EACCES; + goto out; + } + /* Allow architectures to sanity-check the new flags */ if (!arch_validate_flags(newflags)) { error = -EINVAL;

From patchwork Wed Apr 13 13:49:45 2022
X-Patchwork-Submitter: Catalin Marinas
X-Patchwork-Id: 12812047
From: Catalin Marinas
To: Andrew Morton, Christoph Hellwig, Lennart Poettering, Zbigniew Jędrzejewski-Szmek
Cc: Will Deacon, Alexander Viro, Eric Biederman, Kees Cook, Szabolcs Nagy, Mark Brown, Jeremy Linton, Topi Miettinen, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-abi-devel@lists.sourceforge.net
Subject: [PATCH RFC 3/4] fs/binfmt_elf: Tell user-space about the DENY_WRITE_EXEC personality flag
Date: Wed, 13 Apr 2022 14:49:45 +0100
Message-Id: <20220413134946.2732468-4-catalin.marinas@arm.com>
In-Reply-To: <20220413134946.2732468-1-catalin.marinas@arm.com>
References: <20220413134946.2732468-1-catalin.marinas@arm.com>

Since personality() accepts any flags and does not mask out any unknown bits, inform user space that such personality flag is supported via an AT_FLAGS_DENY_WRITE_EXEC flag.

Signed-off-by: Catalin Marinas
Cc: Alexander Viro
Cc: Eric Biederman
Cc: Kees Cook
Cc: Christoph Hellwig
---
 fs/binfmt_elf.c              | 2 ++
 include/uapi/linux/binfmts.h | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 6556e13ed95f..4e6cba1f67ee 100644 --- a/fs/binfmt_elf.c 
+++ b/fs/binfmt_elf.c @@ -265,6 +265,8 @@ create_elf_tables(struct linux_binprm *bprm, const struct elfhdr *exec, NEW_AUX_ENT(AT_BASE, interp_load_addr); if (bprm->interp_flags & BINPRM_FLAGS_PRESERVE_ARGV0) flags |= AT_FLAGS_PRESERVE_ARGV0; + if (IS_ENABLED(CONFIG_ARCH_ENABLE_DENY_WRITE_EXEC)) + flags |= AT_FLAGS_DENY_WRITE_EXEC; NEW_AUX_ENT(AT_FLAGS, flags); NEW_AUX_ENT(AT_ENTRY, e_entry); NEW_AUX_ENT(AT_UID, from_kuid_munged(cred->user_ns, cred->uid)); diff --git a/include/uapi/linux/binfmts.h b/include/uapi/linux/binfmts.h index c6f9450efc12..304bbb30264c 100644 --- a/include/uapi/linux/binfmts.h +++ b/include/uapi/linux/binfmts.h 
@@ -22,4 +22,8 @@ struct pt_regs; #define AT_FLAGS_PRESERVE_ARGV0_BIT 0 #define AT_FLAGS_PRESERVE_ARGV0 (1 << AT_FLAGS_PRESERVE_ARGV0_BIT) +/* support for DENY_WRITE_EXEC personality flag */ +#define AT_FLAGS_DENY_WRITE_EXEC_BIT 1 +#define AT_FLAGS_DENY_WRITE_EXEC (1 << AT_FLAGS_DENY_WRITE_EXEC_BIT) + #endif /* _UAPI_LINUX_BINFMTS_H */

From patchwork Wed Apr 13 13:49:46 2022
X-Patchwork-Submitter: Catalin Marinas
X-Patchwork-Id: 12812048
From: Catalin Marinas
To: Andrew Morton, Christoph Hellwig, Lennart Poettering, Zbigniew Jędrzejewski-Szmek
Cc: Will Deacon, Alexander Viro, Eric Biederman, Kees Cook, Szabolcs Nagy, Mark Brown, Jeremy Linton, Topi Miettinen, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, linux-abi-devel@lists.sourceforge.net
Subject: [PATCH RFC 4/4] arm64: Select ARCH_ENABLE_DENY_WRITE_EXEC
Date: Wed, 13 Apr 2022 14:49:46 +0100
Message-Id: <20220413134946.2732468-5-catalin.marinas@arm.com>
In-Reply-To: <20220413134946.2732468-1-catalin.marinas@arm.com>
References: <20220413134946.2732468-1-catalin.marinas@arm.com>

This will allow the DENY_WRITE_EXEC personality flag to prevent creating a PROT_EXEC mapping that is or was also PROT_WRITE.

Signed-off-by: Catalin Marinas
Cc: Will Deacon
---
 arch/arm64/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 57c4c995965f..6cbdc8294337 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig 
@@ -13,6 +13,7 @@ config ARM64 select ARCH_BINFMT_ELF_EXTRA_PHDRS select ARCH_BINFMT_ELF_STATE select ARCH_CORRECT_STACKTRACE_ON_KRETPROBE + select ARCH_ENABLE_DENY_WRITE_EXEC select ARCH_ENABLE_HUGEPAGE_MIGRATION if HUGETLB_PAGE && MIGRATION select ARCH_ENABLE_MEMORY_HOTPLUG select ARCH_ENABLE_MEMORY_HOTREMOVE
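
Review bot: The unconditional `select ARCH_ENABLE_DENY_WRITE_EXEC` in [PATCH RFC 4/4], arch/arm64/Kconfig, bypasses the `depends on ARCH_USES_HIGH_VMA_FLAGS` that patch 1/4 adds in mm/Kconfig, because a Kconfig `select` does not enforce the dependencies of the selected symbol. Either write `select ARCH_ENABLE_DENY_WRITE_EXEC if ARCH_USES_HIGH_VMA_FLAGS` or select ARCH_USES_HIGH_VMA_FLAGS alongside it, so that VM_WAS_WRITE is never defined as BIT(37) in a configuration without high VMA flags.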
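
Review bot: In [PATCH RFC 1/4], include/linux/mm.h, `#define VM_WAS_WRITE BIT(37)` uses a bare bit number while the flags directly above it go through named constants (`VM_HIGH_ARCH_4 BIT(VM_HIGH_ARCH_BIT_4)`). Nothing in the hunk shows that bit 37 is free, so a named bit constant placed next to the other high-flag bit definitions, together with a line in the commit message confirming that no other VM_ flag uses that bit on the selecting architectures, would make a collision visible at review time.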
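
Review bot: In [PATCH RFC 1/4], include/linux/mman.h, calc_vm_prot_bits() now sets VM_WAS_WRITE as a side effect at `if (vm_flags & VM_WRITE)`, but the hunk carries no comment saying the flag is meant to be sticky. The commit message states that it "is not cleared on permission change", yet no visible line shows where mprotect() carries it over from the old vma flags; a comment here naming that path would let a reader confirm the invariant that the map_deny_write_exec() check in patch 2/4 depends on.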
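
Review bot: In [PATCH RFC 2/4], include/linux/mman.h, map_deny_write_exec(unsigned long vm_flags) sees only the requested flags, so at the do_mprotect_pkey() call site it cannot tell a request that adds VM_EXEC from one that keeps VM_EXEC on a vma that already has it. The commit message wants `mprotect(addr, size, PROT_READ | PROT_EXEC | PROT_BTI)` on an executable mapping to succeed, which holds only while VM_WAS_WRITE is clear; an already executable vma that carries VM_WAS_WRITE would be refused even though no permission is being added. Consider passing the vma's current flags as well and stating the intended result for that case in the commit message. The body could also be a single `return` of the condition.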
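
Review bot: In [PATCH RFC 2/4], include/uapi/linux/personality.h, `DENY_WRITE_EXEC = 0x10000000` is added to a UAPI enum without any comment. Since the value becomes ABI, a one-line description of its semantics (mmap() and mprotect() fail with -EACCES for executable mappings that are or were writeable, inherited on fork() and execve()) belongs next to it. The commit message spells the error -EACCESS while the mm/mmap.c and mm/mprotect.c hunks return -EACCES, so the message should be aligned with the code.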