From patchwork Tue Mar 31 04:48:19 2020
X-Patchwork-Submitter: Russell Currey
X-Patchwork-Id: 11466711
From: Russell Currey
To: linuxppc-dev@lists.ozlabs.org
Cc: Russell Currey, christophe.leroy@c-s.fr, mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com
Subject: [PATCH v7 1/7] powerpc/mm: Implement set_memory() routines
Date: Tue, 31 Mar 2020 15:48:19 +1100
Message-Id: <20200331044825.591653-2-ruscur@russell.cc>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc>
References: <20200331044825.591653-1-ruscur@russell.cc>
MIME-Version: 1.0

The set_memory_{ro/rw/nx/x}() functions are required for STRICT_MODULE_RWX, and are generally useful primitives to have.

This implementation is designed to be completely generic across powerpc's many MMUs. It's possible that this could be optimised to be faster for specific MMUs, but the focus is on having a generic and safe implementation for now.

This implementation does not handle cases where the caller is attempting to change the mapping of the page it is executing from, or if another CPU is concurrently using the page being altered. These cases likely shouldn't happen, but a more complex implementation with MMU-specific code could safely handle them, so that is left as a TODO for now.

These functions do nothing if STRICT_KERNEL_RWX is not enabled.

Reviewed-by: Daniel Axtens
Signed-off-by: Russell Currey
Signed-off-by: Christophe Leroy
---
v7: Use apply_to_existing_page_range() and check for negative numpages

 arch/powerpc/Kconfig | 1 +
 arch/powerpc/include/asm/set_memory.h | 32 +++++++++++
 arch/powerpc/mm/Makefile | 2 +-
 arch/powerpc/mm/pageattr.c | 81 +++++++++++++++++++++++++++
 4 files changed, 115 insertions(+), 1 deletion(-)
 create mode 100644 arch/powerpc/include/asm/set_memory.h
 create mode 100644 arch/powerpc/mm/pageattr.c

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 497b7d0b2d7e..bd074246e34e 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig 
@@ -129,6 +129,7 @@ config PPC select ARCH_HAS_PTE_SPECIAL select ARCH_HAS_MEMBARRIER_CALLBACKS select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 + select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h new file mode 100644 index 000000000000..64011ea444b4 --- /dev/null +++ b/arch/powerpc/include/asm/set_memory.h @@ -0,0 +1,32 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_POWERPC_SET_MEMORY_H +#define _ASM_POWERPC_SET_MEMORY_H + +#define SET_MEMORY_RO 0 +#define SET_MEMORY_RW 1 +#define SET_MEMORY_NX 2 +#define SET_MEMORY_X 3 + +int change_memory_attr(unsigned long addr, int numpages, long action); + +static inline int set_memory_ro(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RO); +} + +static inline int set_memory_rw(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_RW); +} + +static inline int set_memory_nx(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_NX); +} + +static inline int set_memory_x(unsigned long addr, int numpages) +{ + return change_memory_attr(addr, numpages, SET_MEMORY_X); +} + +#endif diff --git a/arch/powerpc/mm/Makefile b/arch/powerpc/mm/Makefile index 5e147986400d..a998fdac52f9 100644 --- a/arch/powerpc/mm/Makefile +++ b/arch/powerpc/mm/Makefile @@ -5,7 +5,7 @@ ccflags-$(CONFIG_PPC64) := $(NO_MINIMAL_TOC) -obj-y := fault.o mem.o pgtable.o mmap.o \ +obj-y := fault.o mem.o pgtable.o mmap.o pageattr.o \ init_$(BITS).o pgtable_$(BITS).o \ pgtable-frag.o ioremap.o ioremap_$(BITS).o \ init-common.o mmu_context.o drmem.o diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c new file mode 100644 index 000000000000..2da3fbab6ff7 
--- /dev/null +++ b/arch/powerpc/mm/pageattr.c 
@@ -0,0 +1,81 @@ +// SPDX-License-Identifier: GPL-2.0 + +/* + * MMU-generic set_memory implementation for powerpc + * + * Copyright 2019, IBM Corporation. + */ + +#include +#include + +#include +#include +#include + + +/* + * Updates the attributes of a page in three steps: + * + * 1. invalidate the page table entry + * 2. flush the TLB + * 3. install the new entry with the updated attributes + * + * This is unsafe if the caller is attempting to change the mapping of the + * page it is executing from, or if another CPU is concurrently using the + * page being altered. + * + * TODO make the implementation resistant to this. + * + * NOTE: can be dangerous to call without STRICT_KERNEL_RWX + */ +static int change_page_attr(pte_t *ptep, unsigned long addr, void *data) +{ + long action = (long)data; + pte_t pte; + + spin_lock(&init_mm.page_table_lock); + + /* invalidate the PTE so it's safe to modify */ + pte = ptep_get_and_clear(&init_mm, addr, ptep); + flush_tlb_kernel_range(addr, addr + PAGE_SIZE); + + /* modify the PTE bits as desired, then apply */ + switch (action) { + case SET_MEMORY_RO: + pte = pte_wrprotect(pte); + break; + case SET_MEMORY_RW: + pte = pte_mkwrite(pte); + break; + case SET_MEMORY_NX: + pte = pte_exprotect(pte); + break; + case SET_MEMORY_X: + pte = pte_mkexec(pte); + break; + default: + WARN_ON_ONCE(1); + break; + } + + set_pte_at(&init_mm, addr, ptep, pte); + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +int change_memory_attr(unsigned long addr, int numpages, long action) +{ + unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE); + unsigned long sz = numpages * PAGE_SIZE; + + if (!IS_ENABLED(CONFIG_STRICT_KERNEL_RWX)) + return 0; + + if (numpages <= 0) + return 0; + + return apply_to_existing_page_range(&init_mm, start, sz, + change_page_attr, (void *)action); +} From patchwork Tue Mar 31 04:48:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey 
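Review bot: in arch/powerpc/include/asm/set_memory.h, nothing next to the change_memory_attr() prototype or the set_memory_ro/rw/nx/x() wrappers says that a return of 0 can also mean "nothing was changed": change_memory_attr() returns 0 when CONFIG_STRICT_KERNEL_RWX is off and when numpages <= 0. A caller that reads 0 as "the range is now read-only" is misled. Suggest a comment above the prototype stating this, and consider returning -EINVAL for a negative numpages so a bad count is not reported as success.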
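Review bot: in change_page_attr() in arch/powerpc/mm/pageattr.c, the default: branch of the switch only raises WARN_ON_ONCE(1); the unmodified PTE is then reinstalled and the function returns 0, so an unknown action is reported to the caller as success. Suggest setting an error there (for example default: ret = -EINVAL;), still calling set_pte_at() so the entry is restored, and returning ret so that apply_to_existing_page_range() stops and hands the error back. Validating action once in change_memory_attr(), before any PTE is cleared and the TLB flushed, would avoid the needless invalidate as well.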
X-Patchwork-Id: 11466713
From: Russell Currey
To: linuxppc-dev@lists.ozlabs.org
Cc: Russell Currey, christophe.leroy@c-s.fr, mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com
Subject: [PATCH v7 2/7] powerpc/kprobes: Mark newly allocated probes as RO
Date: Tue, 31 Mar 2020 15:48:20 +1100
Message-Id: <20200331044825.591653-3-ruscur@russell.cc>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc>
References: <20200331044825.591653-1-ruscur@russell.cc>
MIME-Version: 1.0

With CONFIG_STRICT_KERNEL_RWX=y and CONFIG_KPROBES=y, there will be one W+X page at boot by default. This can be tested with CONFIG_PPC_PTDUMP=y and CONFIG_PPC_DEBUG_WX=y set, and checking the kernel log during boot.

powerpc doesn't implement its own alloc() for kprobes like other architectures do, but we couldn't immediately mark RO anyway since we do a memcpy to the page we allocate later. After that, nothing should be allowed to modify the page, and write permissions are removed well before the kprobe is armed.

The memcpy() would fail if >1 probes were allocated, so use patch_instruction() instead which is safe for RO.

Reviewed-by: Daniel Axtens
Signed-off-by: Russell Currey
Signed-off-by: Christophe Leroy
---
 arch/powerpc/kernel/kprobes.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/arch/powerpc/kernel/kprobes.c b/arch/powerpc/kernel/kprobes.c index 2d27ec4feee4..bfab91ded234 100644 --- a/arch/powerpc/kernel/kprobes.c +++ b/arch/powerpc/kernel/kprobes.c @@ -24,6 +24,8 @@ #include #include #include +#include +#include DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL; DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk); 
@@ -102,6 +104,16 @@ kprobe_opcode_t *kprobe_lookup_name(const char *name, unsigned int offset) return addr; } +void *alloc_insn_page(void) +{ + void *page = vmalloc_exec(PAGE_SIZE); + + if (page) + set_memory_ro((unsigned long)page, 1); + + return page; +} + int arch_prepare_kprobe(struct kprobe *p) { int ret = 0; 
@@ -124,11 +136,8 @@ int arch_prepare_kprobe(struct kprobe *p) } if (!ret) { - memcpy(p->ainsn.insn, p->addr, - MAX_INSN_SIZE * sizeof(kprobe_opcode_t)); + patch_instruction(p->ainsn.insn, *p->addr); p->opcode = *p->addr; - flush_icache_range((unsigned long)p->ainsn.insn, - (unsigned long)p->ainsn.insn + sizeof(kprobe_opcode_t)); } p->ainsn.boostable = 0; From patchwork Tue Mar 31 04:48:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 11466715 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 279DF912 for ; Tue, 31 Mar 2020 04:49:25 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id 826B6206EB for ; Tue, 31 Mar 2020 04:49:24 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=russell.cc header.i=@russell.cc header.b="RNYWsI3p"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="nJUvIi5/" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 826B6206EB Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-18317-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 18105 invoked by uid 550); 31 Mar 2020 04:49:03 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 18006 invoked from network); 31 Mar 2020 04:49:03 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references 
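Review bot: alloc_insn_page() in arch/powerpc/kernel/kprobes.c discards the return value of set_memory_ro(), so if the permission change fails the caller is still handed a page that is both writable and executable, which is the W+X state this patch sets out to remove. Suggest checking the result and, on failure, freeing the page and returning NULL.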
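Review bot: in the arch_prepare_kprobe() hunk, the result of patch_instruction(p->ainsn.insn, *p->addr) is ignored, and the removed memcpy() copied MAX_INSN_SIZE * sizeof(kprobe_opcode_t) bytes where the new call writes a single instruction. Suggest assigning the result to ret so a failed write to the read-only slot is reported instead of leaving a probe with a stale instruction slot, and noting in the commit message that copying one instruction is sufficient here.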
From: Russell Currey
To: linuxppc-dev@lists.ozlabs.org
Cc: Russell Currey, christophe.leroy@c-s.fr, mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com, Kees Cook
Subject: [PATCH v7 3/7] powerpc/mm/ptdump: debugfs handler for W+X checks at runtime
Date: Tue, 31 Mar 2020 15:48:21 +1100
Message-Id: <20200331044825.591653-4-ruscur@russell.cc>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc>
References: <20200331044825.591653-1-ruscur@russell.cc>
MIME-Version: 1.0

Very rudimentary, just

    echo 1 > [debugfs]/check_wx_pages

and check the kernel log. Useful for testing strict module RWX.

Updated the Kconfig entry to reflect this.

Also fixed a typo.

Reviewed-by: Kees Cook
Signed-off-by: Russell Currey
---
 arch/powerpc/Kconfig.debug | 6 ++++--
 arch/powerpc/mm/ptdump/ptdump.c | 21 ++++++++++++++++++++-
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/arch/powerpc/Kconfig.debug b/arch/powerpc/Kconfig.debug index 0b063830eea8..e37960ef68c6 100644 --- a/arch/powerpc/Kconfig.debug +++ b/arch/powerpc/Kconfig.debug @@ -370,7 +370,7 @@ config PPC_PTDUMP If you are unsure, say N. config PPC_DEBUG_WX - bool "Warn on W+X mappings at boot" + bool "Warn on W+X mappings at boot & enable manual checks at runtime" depends on PPC_PTDUMP && STRICT_KERNEL_RWX help Generate a warning if any W+X mappings are found at boot. @@ -384,7 +384,9 @@ config PPC_DEBUG_WX of other unfixed kernel bugs easier. There is no runtime or memory usage effect of this option - once the kernel has booted up - it's a one time check. + once the kernel has booted up, it only automatically checks once. + + Enables the "check_wx_pages" debugfs entry for checking at runtime. If in doubt, say "Y". diff --git a/arch/powerpc/mm/ptdump/ptdump.c b/arch/powerpc/mm/ptdump/ptdump.c index 206156255247..a15e19a3b14e 100644 --- a/arch/powerpc/mm/ptdump/ptdump.c +++ b/arch/powerpc/mm/ptdump/ptdump.c 
@@ -4,7 +4,7 @@ * * This traverses the kernel pagetables and dumps the * information about the used sections of memory to - * /sys/kernel/debug/kernel_pagetables. + * /sys/kernel/debug/kernel_page_tables. * * Derived from the arm64 implementation: * Copyright (c) 2014, The Linux Foundation, Laura Abbott. 
@@ -413,6 +413,25 @@ void ptdump_check_wx(void) else pr_info("Checked W+X mappings: passed, no W+X pages found\n"); } + +static int check_wx_debugfs_set(void *data, u64 val) +{ + if (val != 1ULL) + return -EINVAL; + + ptdump_check_wx(); + + return 0; +} + +DEFINE_SIMPLE_ATTRIBUTE(check_wx_fops, NULL, check_wx_debugfs_set, "%llu\n"); + +static int ptdump_check_wx_init(void) +{ + return debugfs_create_file("check_wx_pages", 0200, NULL, + NULL, &check_wx_fops) ? 0 : -ENOMEM; +} +device_initcall(ptdump_check_wx_init); #endif static int ptdump_init(void) From patchwork Tue Mar 31 04:48:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 11466717 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5025781 for ; Tue, 31 Mar 2020 04:49:33 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id A9295206DB for ; Tue, 31 Mar 2020 04:49:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=russell.cc header.i=@russell.cc header.b="HN0ge7rO"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="m0YhYt/X" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A9295206DB Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-18318-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 18384 invoked by uid 550); 31 Mar 2020 04:49:06 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 
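Review bot: ptdump_check_wx_init() in arch/powerpc/mm/ptdump/ptdump.c turns the debugfs_create_file() result into 0 or -ENOMEM with a NULL test, but debugfs_create_file() reports failure with an ERR_PTR() rather than NULL, so the -ENOMEM arm is never taken. Suggest dropping the test and returning 0, or using IS_ERR()/PTR_ERR() if the error is really wanted. Since check_wx_debugfs_set() reports only through the kernel log, the new Kconfig help line could also say that the result of a write to check_wx_pages appears there.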
From: Russell Currey
To: linuxppc-dev@lists.ozlabs.org
Cc: Russell Currey, christophe.leroy@c-s.fr, mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com
Subject: [PATCH v7 4/7] powerpc: Set ARCH_HAS_STRICT_MODULE_RWX
Date: Tue, 31 Mar 2020 15:48:22 +1100
Message-Id: <20200331044825.591653-5-ruscur@russell.cc>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc>
References: <20200331044825.591653-1-ruscur@russell.cc>
MIME-Version: 1.0

To enable strict module RWX on powerpc, set:

    CONFIG_STRICT_MODULE_RWX=y

You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real security benefit.

ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STRICT_KERNEL_RWX. This is due to a quirk in arch/Kconfig and arch/powerpc/Kconfig that makes STRICT_MODULE_RWX *on by default* in configurations where STRICT_KERNEL_RWX is *unavailable*.

Since this doesn't make much sense, and module RWX without kernel RWX doesn't make much sense, having the same dependencies as kernel RWX works around this problem.

Signed-off-by: Russell Currey
---
 arch/powerpc/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index bd074246e34e..e1fc7fba10bf 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig 
@@ -131,6 +131,7 @@ config PPC select ARCH_HAS_SCALED_CPUTIME if VIRT_CPU_ACCOUNTING_NATIVE && PPC_BOOK3S_64 select ARCH_HAS_SET_MEMORY select ARCH_HAS_STRICT_KERNEL_RWX if ((PPC_BOOK3S_64 || PPC32) && !HIBERNATION) + select ARCH_HAS_STRICT_MODULE_RWX if ARCH_HAS_STRICT_KERNEL_RWX select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST select ARCH_HAS_UACCESS_FLUSHCACHE select ARCH_HAS_UACCESS_MCSAFE if PPC64 From patchwork Tue Mar 31 04:48:23 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 11466719 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5EDF381 for ; Tue, 31 Mar 2020 04:49:41 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id B8C6A206EB for ; Tue, 31 Mar 2020 04:49:40 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=russell.cc header.i=@russell.cc header.b="nqxRHgiE"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="mn0VXpGd" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B8C6A206EB Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-18319-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 19693 invoked by uid 550); 31 Mar 2020 04:49:09 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 19610 invoked from network); 31 Mar 2020 04:49:09 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= 
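Review bot: the "if ARCH_HAS_STRICT_KERNEL_RWX" condition on the added select ARCH_HAS_STRICT_MODULE_RWX line in arch/powerpc/Kconfig is justified only in the commit message (the quirk that would leave STRICT_MODULE_RWX on by default where STRICT_KERNEL_RWX is unavailable). Suggest a short # comment beside the select recording that reason, so the condition is not later removed as redundant.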
From: Russell Currey
To: linuxppc-dev@lists.ozlabs.org
Cc: Russell Currey, christophe.leroy@c-s.fr, mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com, Joel Stanley
Subject: [PATCH v7 5/7] powerpc/configs: Enable STRICT_MODULE_RWX in skiroot_defconfig
Date: Tue, 31 Mar 2020 15:48:23 +1100
Message-Id: <20200331044825.591653-6-ruscur@russell.cc>
X-Mailer: git-send-email 2.26.0
In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc>
References: <20200331044825.591653-1-ruscur@russell.cc>
MIME-Version: 1.0

skiroot_defconfig is the only powerpc defconfig with STRICT_KERNEL_RWX enabled, and if you want memory protection for kernel text you'd want it for modules too, so enable STRICT_MODULE_RWX there.

Acked-by: Joel Stanley
Signed-off-by: Russell Currey
---
 arch/powerpc/configs/skiroot_defconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/powerpc/configs/skiroot_defconfig b/arch/powerpc/configs/skiroot_defconfig index 1b6bdad36b13..66d20dbe67b7 100644 --- a/arch/powerpc/configs/skiroot_defconfig +++ b/arch/powerpc/configs/skiroot_defconfig 
@@ -51,6 +51,7 @@ CONFIG_CMDLINE="console=tty0 console=hvc0 ipr.fast_reboot=1 quiet" # CONFIG_PPC_MEM_KEYS is not set CONFIG_JUMP_LABEL=y CONFIG_STRICT_KERNEL_RWX=y +CONFIG_STRICT_MODULE_RWX=y CONFIG_MODULES=y CONFIG_MODULE_UNLOAD=y CONFIG_MODULE_SIG_FORCE=y From patchwork Tue Mar 31 04:48:24 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 11466721 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id BDB8E912 for ; Tue, 31 Mar 2020 04:49:50 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id 223982071A for ; Tue, 31 Mar 2020 04:49:49 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=russell.cc header.i=@russell.cc header.b="Cu17Rled"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="RnDbHuxZ" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 223982071A Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=russell.cc Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernel-hardening-return-18320-patchwork-kernel-hardening=patchwork.kernel.org@lists.openwall.com Received: (qmail 20006 invoked by uid 550); 31 Mar 2020 04:49:13 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 19906 invoked from network); 31 Mar 2020 04:49:12 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=russell.cc; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm1; bh=Tu8sBLS3zJK/o v+DbQsiIXToGWHNJtrgCaqNu1LJZa4=; 
From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Cc: Christophe Leroy , mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com, kbuild test robot , Russell Currey Subject: [PATCH v7 6/7] powerpc/mm: implement set_memory_attr() Date: Tue, 31 Mar 2020 15:48:24 +1100 Message-Id: <20200331044825.591653-7-ruscur@russell.cc> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc> References: <20200331044825.591653-1-ruscur@russell.cc> MIME-Version: 1.0 From: Christophe Leroy In addition to the set_memory_xx() functions which allows to change the memory attributes of not (yet) used memory regions, implement a set_memory_attr() function to: - set the final memory protection after init on currently used kernel regions. - enable/disable kernel memory regions in the scope of DEBUG_PAGEALLOC. Unlike the set_memory_xx() which can act in three step as the regions are unused, this function must modify 'on the fly' as the kernel is executing from them. At the moment only PPC32 will use it and changing page attributes on the fly is not an issue. Signed-off-by: Christophe Leroy Reported-by: kbuild test robot [ruscur: cast "data" to unsigned long instead of int] Signed-off-by: Russell Currey --- v7: Use apply_to_existing_page_range() and check for negative numpages arch/powerpc/include/asm/set_memory.h | 2 ++ arch/powerpc/mm/pageattr.c | 33 +++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/arch/powerpc/include/asm/set_memory.h b/arch/powerpc/include/asm/set_memory.h index 64011ea444b4..b040094f7920 100644 --- a/arch/powerpc/include/asm/set_memory.h +++ b/arch/powerpc/include/asm/set_memory.h @@ -29,4 +29,6 @@ static inline int set_memory_x(unsigned long addr, int numpages) return change_memory_attr(addr, numpages, SET_MEMORY_X); } +int set_memory_attr(unsigned long addr, int numpages, pgprot_t prot); + #endif 
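Review bot: The set_memory_attr() prototype added just before the #endif carries no comment, so nothing in set_memory.h tells a caller how it differs from the set_memory_x() wrapper directly above it, which passes an action to change_memory_attr(). The commit message explains that this helper takes a full pgprot_t and is meant for regions the kernel is currently executing from; a short comment saying so in the header would keep callers from picking the wrong helper.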
diff --git a/arch/powerpc/mm/pageattr.c b/arch/powerpc/mm/pageattr.c index 2da3fbab6ff7..2fde1b195c85 100644 --- a/arch/powerpc/mm/pageattr.c +++ b/arch/powerpc/mm/pageattr.c 
@@ -79,3 +79,36 @@ int change_memory_attr(unsigned long addr, int numpages, long action) return apply_to_existing_page_range(&init_mm, start, sz, change_page_attr, (void *)action); } + +/* + * Set the attributes of a page: + * + * This function is used by PPC32 at the end of init to set final kernel memory + * protection. It includes changing the maping of the page it is executing from + * and data pages it is using. + */ +static int set_page_attr(pte_t *ptep, unsigned long addr, void *data) +{ + pgprot_t prot = __pgprot((unsigned long)data); + + spin_lock(&init_mm.page_table_lock); + + set_pte_at(&init_mm, addr, ptep, pte_modify(*ptep, prot)); + flush_tlb_kernel_range(addr, addr + PAGE_SIZE); + + spin_unlock(&init_mm.page_table_lock); + + return 0; +} + +int set_memory_attr(unsigned long addr, int numpages, pgprot_t prot) +{ + unsigned long start = ALIGN_DOWN(addr, PAGE_SIZE); + unsigned long sz = numpages * PAGE_SIZE; + + if (numpages <= 0) + return 0; + + return apply_to_existing_page_range(&init_mm, start, sz, set_page_attr, + (void *)pgprot_val(prot)); +} From patchwork Tue Mar 31 04:48:25 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Currey X-Patchwork-Id: 11466723 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B9A05912 for ; Tue, 31 Mar 2020 04:50:00 +0000 (UTC) Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.kernel.org (Postfix) with SMTP id E72DC206EB for ; Tue, 31 Mar 2020 04:49:59 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=russell.cc header.i=@russell.cc header.b="OyzXHsKO"; dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com header.b="UT2XjkMW" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org E72DC206EB Authentication-Results: mail.kernel.org; 
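Review bot: In set_memory_attr(), the check `if (numpages <= 0) return 0;` reports success for a negative page count, so a caller that passes a bad value believes the protection was applied when no PTE was touched. Returning 0 for numpages == 0 is reasonable, but a negative count looks like a caller bug and would be better reported with -EINVAL or a WARN_ON_ONCE() than accepted silently. Two smaller points in the same hunk: set_page_attr() takes init_mm.page_table_lock and calls flush_tlb_kernel_range() once per page, and the comment should say why the flush cannot be done once for the whole range after apply_to_existing_page_range() returns; and "maping" in the comment should read "mapping".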
uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne gfrhhlucfvnfffucdludehmdenucfjughrpefhvffufffkofgjfhgggfestdekredtredt tdenucfhrhhomheptfhushhsvghllhcuvehurhhrvgihuceorhhushgtuhhrsehruhhssh gvlhhlrdgttgeqnecukfhppeduvddurdeghedrvdduvddrvdefleenucevlhhushhtvghr ufhiiigvpeehnecurfgrrhgrmhepmhgrihhlfhhrohhmpehruhhstghurhesrhhushhsvg hllhdrtggt X-ME-Proxy: From: Russell Currey To: linuxppc-dev@lists.ozlabs.org Cc: Christophe Leroy , mpe@ellerman.id.au, ajd@linux.ibm.com, dja@axtens.net, npiggin@gmail.com, kernel-hardening@lists.openwall.com Subject: [PATCH v7 7/7] powerpc/32: use set_memory_attr() Date: Tue, 31 Mar 2020 15:48:25 +1100 Message-Id: <20200331044825.591653-8-ruscur@russell.cc> X-Mailer: git-send-email 2.26.0 In-Reply-To: <20200331044825.591653-1-ruscur@russell.cc> References: <20200331044825.591653-1-ruscur@russell.cc> MIME-Version: 1.0 From: Christophe Leroy Use set_memory_attr() instead of the PPC32 specific change_page_attr() change_page_attr() was checking that the address was not mapped by blocks and was handling highmem, but that's unneeded because the affected pages can't be in highmem and block mapping verification is already done by the callers. Signed-off-by: Christophe Leroy --- arch/powerpc/mm/pgtable_32.c | 95 ++++-------------------------------- 1 file changed, 10 insertions(+), 85 deletions(-) diff --git a/arch/powerpc/mm/pgtable_32.c b/arch/powerpc/mm/pgtable_32.c index 5fb90edd865e..3d92eaf3ee2f 100644 --- a/arch/powerpc/mm/pgtable_32.c +++ b/arch/powerpc/mm/pgtable_32.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include 
@@ -121,99 +122,20 @@ void __init mapin_ram(void) } } -/* Scan the real Linux page tables and return a PTE pointer for - * a virtual address in a context. - * Returns true (1) if PTE was found, zero otherwise. The pointer to - * the PTE pointer is unmodified if PTE is not found. - */ -static int -get_pteptr(struct mm_struct *mm, unsigned long addr, pte_t **ptep, pmd_t **pmdp) -{ - pgd_t *pgd; - pud_t *pud; - pmd_t *pmd; - pte_t *pte; - int retval = 0; - - pgd = pgd_offset(mm, addr & PAGE_MASK); - if (pgd) { - pud = pud_offset(pgd, addr & PAGE_MASK); - if (pud && pud_present(*pud)) { - pmd = pmd_offset(pud, addr & PAGE_MASK); - if (pmd_present(*pmd)) { - pte = pte_offset_map(pmd, addr & PAGE_MASK); - if (pte) { - retval = 1; - *ptep = pte; - if (pmdp) - *pmdp = pmd; - /* XXX caller needs to do pte_unmap, yuck */ - } - } - } - } - return(retval); -} - -static int __change_page_attr_noflush(struct page *page, pgprot_t prot) -{ - pte_t *kpte; - pmd_t *kpmd; - unsigned long address; - - BUG_ON(PageHighMem(page)); - address = (unsigned long)page_address(page); - - if (v_block_mapped(address)) - return 0; - if (!get_pteptr(&init_mm, address, &kpte, &kpmd)) - return -EINVAL; - __set_pte_at(&init_mm, address, kpte, mk_pte(page, prot), 0); - pte_unmap(kpte); - - return 0; -} - -/* - * Change the page attributes of an page in the linear mapping. 
- * - * THIS DOES NOTHING WITH BAT MAPPINGS, DEBUG USE ONLY - */ -static int change_page_attr(struct page *page, int numpages, pgprot_t prot) -{ - int i, err = 0; - unsigned long flags; - struct page *start = page; - - local_irq_save(flags); - for (i = 0; i < numpages; i++, page++) { - err = __change_page_attr_noflush(page, prot); - if (err) - break; - } - wmb(); - local_irq_restore(flags); - flush_tlb_kernel_range((unsigned long)page_address(start), - (unsigned long)page_address(page)); - return err; -} - void mark_initmem_nx(void) { - struct page *page = virt_to_page(_sinittext); unsigned long numpages = PFN_UP((unsigned long)_einittext) - PFN_DOWN((unsigned long)_sinittext); if (v_block_mapped((unsigned long)_stext + 1)) mmu_mark_initmem_nx(); else - change_page_attr(page, numpages, PAGE_KERNEL); + set_memory_attr((unsigned long)_sinittext, numpages, PAGE_KERNEL); } #ifdef CONFIG_STRICT_KERNEL_RWX void mark_rodata_ro(void) { - struct page *page; unsigned long numpages; if (v_block_mapped((unsigned long)_sinittext)) { @@ -222,20 +144,18 @@ void mark_rodata_ro(void) return; } - page = virt_to_page(_stext); numpages = PFN_UP((unsigned long)_etext) - PFN_DOWN((unsigned long)_stext); - change_page_attr(page, numpages, PAGE_KERNEL_ROX); + set_memory_attr((unsigned long)_stext, numpages, PAGE_KERNEL_ROX); /* * mark .rodata as read only. Use __init_begin rather than __end_rodata * to cover NOTES and EXCEPTION_TABLE. */ - page = virt_to_page(__start_rodata); numpages = PFN_UP((unsigned long)__init_begin) - PFN_DOWN((unsigned long)__start_rodata); - change_page_attr(page, numpages, PAGE_KERNEL_RO); + set_memory_attr((unsigned long)__start_rodata, numpages, PAGE_KERNEL_RO); // mark_initmem_nx() should have already run by now ptdump_check_wx(); 
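Review bot: In mark_initmem_nx() and mark_rodata_ro() the int returned by set_memory_attr() is discarded, so a failure to make text ROX or rodata RO goes unreported apart from whatever ptdump_check_wx() catches afterwards. Checking the result and at least logging a warning would make a missed protection visible. Both callers also hold numpages as unsigned long while the parameter is int, and with the `numpages <= 0` early return in set_memory_attr() a value that converts to a negative int would be skipped without any error. Finally, the commit message accounts for dropping the highmem and block-mapping checks, but the removed change_page_attr() also wrapped the loop in local_irq_save()/local_irq_restore() and issued wmb() before the flush; please say why those are no longer needed.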
@@ -245,9 +165,14 @@ void mark_rodata_ro(void) #ifdef CONFIG_DEBUG_PAGEALLOC void __kernel_map_pages(struct page *page, int numpages, int enable) { + unsigned long addr = (unsigned long)page_address(page); + if (PageHighMem(page)) return; - change_page_attr(page, numpages, enable ? PAGE_KERNEL : __pgprot(0)); + if (enable) + set_memory_attr(addr, numpages, PAGE_KERNEL); + else + set_memory_attr(addr, numpages, __pgprot(0)); } #endif /* CONFIG_DEBUG_PAGEALLOC */
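Review bot: __kernel_map_pages() now reaches set_memory_attr() with only the PageHighMem() check in front of it, while the removed __change_page_attr_noflush() returned early when v_block_mapped(address) was true. The commit message says block mapping verification is already done by the callers, which is visible for mark_initmem_nx() and mark_rodata_ro() but not in this function; either add the check here or state in the commit message why pages handled under DEBUG_PAGEALLOC are never block mapped. It would also help to confirm that pte_modify(*ptep, __pgprot(0)) in set_page_attr() leaves the page inaccessible in the same way the old mk_pte(page, prot) path did, since the disable branch depends on it.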