From patchwork Sat Mar 4 14:30:44 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 9603973 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 7F4DF60453 for ; Sat, 4 Mar 2017 14:31:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 717C828503 for ; Sat, 4 Mar 2017 14:31:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 661E928589; Sat, 4 Mar 2017 14:31:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 9970928503 for ; Sat, 4 Mar 2017 14:31:46 +0000 (UTC) Received: (qmail 16197 invoked by uid 550); 4 Mar 2017 14:31:39 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 15870 invoked from network); 4 Mar 2017 14:31:34 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JebjuArTEIOtC/kn65SzY3JKRevvVf+oRFy/m3BY+b4=; b=e2G8KgXOPtqnfVNHttsXLaVge/u0sTZMAY56AsgQE0aLuYrzw12sMK5jgx6fmLycXB 5tUnDeVbtyzRbdjyAK4/7EvI0YI+U7SaYeckM35J/rvlkQJo1yTfFDdIuhUbfvlf5Pcp t14fqcVVsbqTQDZlueKP6/5GfGT45R8U7VEj0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JebjuArTEIOtC/kn65SzY3JKRevvVf+oRFy/m3BY+b4=; b=B0nnhaPQzW1gLDOvqH1cIwAqOXlZPFBkA12khAzkGmsGF7meViVhSg//aLTWx+jEbY JL35n9WVeGdFPjMclREzQLDzh9Al0lPqr+Up6fSd+9hXQpnTeDh7Bu0XD9t5aHPfoT7K ly3IPYRZwKw/xlWtJHgkHIDnrTEu0YQTU2L/8Of6AVcdm7rx8aTejdr0Ursnb/SjsfQe 7JdQSfRzJuw85Duz89LZwS76K+CjT6OTp07FApXGLRKYKg9rhrMN/r7+5czTMVmJKnq8 jqnq2hrqBbXvf1EO2CJsnAe5qx8nnl05QfrdfHOh+0kWCrWXrKYLRRZKFkGNu8VDhGFA UANw== X-Gm-Message-State: AMke39khcF6y8ziEzGaoj/lIor1xaq17ruTnp7hDkA4cPn/N1Ed/iX+177JMatdSzjYSW7Fc X-Received: by 10.28.92.193 with SMTP id q184mr7502297wmb.139.1488637883561; Sat, 04 Mar 2017 06:31:23 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, kernel-hardening@lists.openwall.com, mark.rutland@arm.com, catalin.marinas@arm.com, will.deacon@arm.com, labbott@fedoraproject.org Cc: kvmarm@lists.cs.columbia.edu, marc.zyngier@arm.com, keescook@chromium.org, andre.przywara@arm.com, james.morse@arm.com, suzuki.poulose@arm.com, Ard Biesheuvel Date: Sat, 4 Mar 2017 14:30:44 +0000 Message-Id: <1488637848-13588-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1488637848-13588-1-git-send-email-ard.biesheuvel@linaro.org> References: <1488637848-13588-1-git-send-email-ard.biesheuvel@linaro.org> Subject: [kernel-hardening] [PATCH v4 2/6] arm64: mmu: move TLB maintenance from callers to create_mapping_late() X-Virus-Scanned: ClamAV using ClamSMTP In preparation of refactoring the kernel mapping logic so that text regions are never mapped writable, which would require adding explicit TLB maintenance to new call sites of create_mapping_late() (which is currently invoked twice from the same function), move the TLB maintenance from the call site into create_mapping_late() itself, and change it from a full TLB flush into a flush by VA, which is more appropriate here. Also, given that create_mapping_late() has evolved into a routine that only updates protection bits on existing mappings, rename it to update_mapping_prot() Reviewed-by: Mark Rutland Tested-by: Mark Rutland Signed-off-by: Ard Biesheuvel --- arch/arm64/mm/mmu.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index d28dbcf596b6..6cafd8723d1a 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -319,17 +319,20 @@ void __init create_pgd_mapping(struct mm_struct *mm, phys_addr_t phys, pgd_pgtable_alloc, page_mappings_only); } -static void create_mapping_late(phys_addr_t phys, unsigned long virt, - phys_addr_t size, pgprot_t prot) +static void update_mapping_prot(phys_addr_t phys, unsigned long virt, + phys_addr_t size, pgprot_t prot) { if (virt < VMALLOC_START) { - pr_warn("BUG: not creating mapping for %pa at 0x%016lx - outside kernel range\n", + pr_warn("BUG: not updating mapping for %pa at 0x%016lx - outside kernel range\n", &phys, virt); return; } __create_pgd_mapping(init_mm.pgd, phys, virt, size, prot, NULL, debug_pagealloc_enabled()); + + /* flush the TLBs after updating live kernel mappings */ + flush_tlb_kernel_range(virt, virt + size); } static void __init __map_memblock(pgd_t *pgd, phys_addr_t start, phys_addr_t end) @@ -402,19 +405,16 @@ void mark_rodata_ro(void) unsigned long section_size; section_size = (unsigned long)_etext - (unsigned long)_text; - create_mapping_late(__pa_symbol(_text), (unsigned long)_text, + update_mapping_prot(__pa_symbol(_text), (unsigned long)_text, section_size, PAGE_KERNEL_ROX); /* * mark .rodata as read only. Use __init_begin rather than __end_rodata * to cover NOTES and EXCEPTION_TABLE. */ section_size = (unsigned long)__init_begin - (unsigned long)__start_rodata; - create_mapping_late(__pa_symbol(__start_rodata), (unsigned long)__start_rodata, + update_mapping_prot(__pa_symbol(__start_rodata), (unsigned long)__start_rodata, section_size, PAGE_KERNEL_RO); - /* flush the TLBs after updating live kernel mappings */ - flush_tlb_all(); - debug_checkwx(); }