From patchwork Tue Apr 1 23:08:45 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rabin Vincent X-Patchwork-Id: 3925951 Return-Path: X-Original-To: patchwork-linux-arm@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 7CB169F2F7 for ; Tue, 1 Apr 2014 23:10:46 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 2409720439 for ; Tue, 1 Apr 2014 23:10:44 +0000 (UTC) Received: from casper.infradead.org (casper.infradead.org [85.118.1.10]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 02B982054D for ; Tue, 1 Apr 2014 23:10:06 +0000 (UTC) Received: from merlin.infradead.org ([2001:4978:20e::2]) by casper.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1WV7oc-0003JC-RM; Tue, 01 Apr 2014 23:09:59 +0000 Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1WV7oa-0000B3-CV; Tue, 01 Apr 2014 23:09:56 +0000 Received: from mail-la0-x230.google.com ([2a00:1450:4010:c03::230]) by merlin.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1WV7oV-000079-QV for linux-arm-kernel@lists.infradead.org; Tue, 01 Apr 2014 23:09:53 +0000 Received: by mail-la0-f48.google.com with SMTP id gf5so7400457lab.7 for ; Tue, 01 Apr 2014 16:09:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=y/ify8uBjXgMT14NflL4FL3lSwWvjlNNX2SD32iU7Qs=; b=Hr5k0/XvtmKLaoPltsxxrZK2LNoEVoFejeJRhQpvHR+qRolsoQWdnEsBbBtKn4FzX2 LasxzU2z1KS1Bsta5RFC84gybYiodjLtzli97V+N/9EDfPNXs1A2looiuOxojD6WapJb MNpbVaQ/JxI8cmP9sAvF7VXXFGM6F0HAXWukewXsCdmsjf+0CU9WjxX2MacKsqNOVCcb 7lG06J2JpHFJQ1pweBtfuoLAJ3wVTn7u5NdufLC3YUJneDicC8+M7RZzSSi/iEDbjatw QSb6fBR2qs2i+uAwMTMjXLWeP4ZzUUzwiBjWi+OGJtkTIAElpBS1TzZPH8Qp+dBqvq4i Rt7g== X-Received: by 10.152.210.70 with SMTP id ms6mr24357810lac.5.1396393765889; Tue, 01 Apr 2014 16:09:25 -0700 (PDT) MIME-Version: 1.0 Received: by 10.112.215.227 with HTTP; Tue, 1 Apr 2014 16:08:45 -0700 (PDT) In-Reply-To: References: <1396346657-7166-1-git-send-email-holler@ahsoftware.de> <533AFF77.5030106@codeaurora.org> From: Rabin Vincent Date: Wed, 2 Apr 2014 01:08:45 +0200 X-Google-Sender-Auth: sSH6i4YdQdAJvP4gF0wJDWmo6yI Message-ID: Subject: Re: [PATCH] arm: don't allow CONFIG_DEBUG_SET_MODULE_RONX if CONFIG_JUMP_LABEL is enabled To: Kees Cook X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20140401_190952_232902_2C717175 X-CRM114-Status: GOOD ( 23.08 ) X-Spam-Score: -1.9 (-) Cc: Laura Abbott , Catalin Marinas , Will Deacon , LKML , Russell King , Alexander Holler , "linux-arm-kernel@lists.infradead.org" X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patchwork-linux-arm=patchwork.kernel.org@lists.infradead.org X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP 2014-04-01 20:36 GMT+02:00 Kees Cook : > Is there something "sticky" about PMD sections that I'm not aware of? > Even after calling set_kernel_text_rw(), any writes to kernel memory > fault. :( section_update() updates init_mm, but each mm has a copy of the first level page tables. So your updates to init_mm won't be visibile to currently running processes. (Have a look at arch/arm/mm/ioremap.c's vmalloc_seq stuff for some background on how section support is handled on non-SMP; the vmalloc code doesn't use sections on SMP.) Here's a patch (probably whitespace damaged, hence also attached) with which dynamic ftrace works for me on top your other paches. Tested on a non-LPAE SMP. Notes: - I commented out the other entries in section_perm except from the kernel text only because I didn't want to figure out the mask values to use - I didn't/couldn't call set_kernel_text_rw in ftrace_arch_code_modify_prepare() because that is called outside of stop_machine(), and stop_machine() triggers another thread which actually runs ftrace_modify_all_code() with the machine stopped. From 91d92b8e241835013cefaca0c5121b9d6df9d500 Mon Sep 17 00:00:00 2001 From: Rabin Vincent Date: Wed, 2 Apr 2014 00:57:09 +0200 Subject: [PATCH] ftrace --- arch/arm/kernel/ftrace.c | 21 +++++++++++++ arch/arm/mm/init.c | 77 ++++++++++++++++++++++++++++++++++-------------- 2 files changed, 76 insertions(+), 22 deletions(-) } @@ -702,13 +711,37 @@ static inline void fix_kernmem_perms(void) for (addr = section_perms[i].start; addr < section_perms[i].end; addr += SECTION_SIZE) - section_update(addr, section_perms[i].prot); + section_update(&init_mm, addr, section_perms[i].mask, section_perms[i].prot); } } #else static inline void fix_kernmem_perms(void) { } #endif /* CONFIG_ARM_KERNMEM_PERMS */ +void set_kernel_text_rw(struct mm_struct *mm) +{ + unsigned long addr; + + for (addr = section_perms[0].start; + addr < section_perms[0].end; + addr += SECTION_SIZE) + section_update(mm, addr, section_perms[0].mask, + section_perms[0].clear); + + flush_tlb_all(); +} + +void set_kernel_text_ro(struct mm_struct *mm) +{ + unsigned long addr; + + for (addr = section_perms[0].start; + addr < section_perms[0].end; + addr += SECTION_SIZE) + section_update(mm, addr, section_perms[0].mask, + section_perms[0].prot); +} + void free_initmem(void) { #ifdef CONFIG_HAVE_TCM From 91d92b8e241835013cefaca0c5121b9d6df9d500 Mon Sep 17 00:00:00 2001 From: Rabin Vincent Date: Wed, 2 Apr 2014 00:57:09 +0200 Subject: [PATCH] ftrace --- arch/arm/kernel/ftrace.c | 21 +++++++++++++ arch/arm/mm/init.c | 77 ++++++++++++++++++++++++++++++++++-------------- 2 files changed, 76 insertions(+), 22 deletions(-) diff --git a/arch/arm/kernel/ftrace.c b/arch/arm/kernel/ftrace.c index 34e5664..61cb8ef 100644 --- a/arch/arm/kernel/ftrace.c +++ b/arch/arm/kernel/ftrace.c @@ -14,6 +14,7 @@ #include #include +#include #include #include @@ -34,6 +35,26 @@ #define OLD_NOP 0xe1a00000 /* mov r0, r0 */ +static int __ftrace_modify_code(void *data) +{ + extern void set_kernel_text_rw(struct mm_struct *mm); + extern void set_kernel_text_ro(struct mm_struct *mm); + + struct mm_struct *mm = current->active_mm; + int *command = data; + + set_kernel_text_rw(mm); + ftrace_modify_all_code(*command); + set_kernel_text_ro(mm); + + return 0; +} + +void arch_ftrace_update_code(int command) +{ + stop_machine(__ftrace_modify_code, &command, NULL); +} + static unsigned long ftrace_nop_replace(struct dyn_ftrace *rec) { return rec->arch.old_mcount ? OLD_NOP : NOP; diff --git a/arch/arm/mm/init.c b/arch/arm/mm/init.c index 5b1b049..c4da92d 100644 --- a/arch/arm/mm/init.c +++ b/arch/arm/mm/init.c @@ -630,22 +630,24 @@ void __init mem_init(void) struct section_perm { unsigned long start; unsigned long end; + pmdval_t mask; pmdval_t prot; + pmdval_t clear; }; -struct section_perm __initdata section_perms[] = { +struct section_perm section_perms[] = { /* Make pages tables, etc before _stext RW (set NX). */ - { - .start = PAGE_OFFSET, - .end = (unsigned long)_stext, - .prot = PMD_SECT_XN, - }, - /* Make init RW (set NX). */ - { - .start = (unsigned long)__init_begin, - .end = (unsigned long)_sdata, - .prot = PMD_SECT_XN, - }, + // { + // .start = PAGE_OFFSET, + // .end = (unsigned long)_stext, + // .prot = PMD_SECT_XN, + // }, + // /* Make init RW (set NX). */ + // { + // .start = (unsigned long)__init_begin, + // .end = (unsigned long)_sdata, + // .prot = PMD_SECT_XN, + // }, /* Make kernel code and rodata RX (set RO). */ { .start = (unsigned long)_stext, @@ -653,30 +655,37 @@ struct section_perm __initdata section_perms[] = { #ifdef CONFIG_ARM_LPAE .prot = PMD_SECT_RDONLY, #else + .mask = ~(PMD_SECT_APX | PMD_SECT_AP_WRITE), .prot = PMD_SECT_APX | PMD_SECT_AP_WRITE, + .clear = PMD_SECT_AP_WRITE, #endif }, #ifdef CONFIG_DEBUG_RODATA /* Make rodata RO (set NX). */ - { - .start = (unsigned long)__start_rodata, - .end = (unsigned long)__init_begin, - .prot = PMD_SECT_XN, - } + // { + // .start = (unsigned long)__start_rodata, + // .end = (unsigned long)__init_begin, + // .prot = PMD_SECT_XN, + // } #endif }; -static inline void section_update(unsigned long addr, pmdval_t prot) +static inline pmd_t *pmd_off(struct mm_struct *mm, unsigned long virt) +{ + return pmd_offset(pud_offset(pgd_offset(mm, virt), virt), virt); +} + +static inline void section_update(struct mm_struct *mm, unsigned long addr, pmdval_t mask, pmdval_t prot) { - pmd_t *pmd = pmd_off_k(addr); + pmd_t *pmd = pmd_off(mm, addr); #ifdef CONFIG_ARM_LPAE pmd[0] = __pmd(pmd_val(pmd[0]) | prot); #else if (addr & SECTION_SIZE) - pmd[1] = __pmd(pmd_val(pmd[1]) | prot); + pmd[1] = __pmd((pmd_val(pmd[1]) & mask) | prot); else - pmd[0] = __pmd(pmd_val(pmd[0]) | prot); + pmd[0] = __pmd((pmd_val(pmd[0]) & mask) | prot); #endif flush_pmd_entry(pmd); } @@ -702,13 +711,37 @@ static inline void fix_kernmem_perms(void) for (addr = section_perms[i].start; addr < section_perms[i].end; addr += SECTION_SIZE) - section_update(addr, section_perms[i].prot); + section_update(&init_mm, addr, section_perms[i].mask, section_perms[i].prot); } } #else static inline void fix_kernmem_perms(void) { } #endif /* CONFIG_ARM_KERNMEM_PERMS */ +void set_kernel_text_rw(struct mm_struct *mm) +{ + unsigned long addr; + + for (addr = section_perms[0].start; + addr < section_perms[0].end; + addr += SECTION_SIZE) + section_update(mm, addr, section_perms[0].mask, + section_perms[0].clear); + + flush_tlb_all(); +} + +void set_kernel_text_ro(struct mm_struct *mm) +{ + unsigned long addr; + + for (addr = section_perms[0].start; + addr < section_perms[0].end; + addr += SECTION_SIZE) + section_update(mm, addr, section_perms[0].mask, + section_perms[0].prot); +} + void free_initmem(void) { #ifdef CONFIG_HAVE_TCM -- 1.9.0