mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-01 10:45:49 +00:00
mm: Introduce set_memory_rox()
Because endlessly repeating: set_memory_ro() set_memory_x() is getting tedious. Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lkml.kernel.org/r/Y1jek64pXOsougmz@hirez.programming.kicks-ass.net
This commit is contained in:
parent
414ebf148c
commit
d48567c9a0
@ -10,11 +10,11 @@
|
|||||||
#include <linux/kernel.h>
|
#include <linux/kernel.h>
|
||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
#include <linux/io.h>
|
#include <linux/io.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
|
|
||||||
#include <asm/fncpy.h>
|
#include <asm/fncpy.h>
|
||||||
#include <asm/tlb.h>
|
#include <asm/tlb.h>
|
||||||
#include <asm/cacheflush.h>
|
#include <asm/cacheflush.h>
|
||||||
#include <asm/set_memory.h>
|
|
||||||
|
|
||||||
#include <asm/mach/map.h>
|
#include <asm/mach/map.h>
|
||||||
|
|
||||||
@ -74,8 +74,7 @@ void *omap_sram_push(void *funcp, unsigned long size)
|
|||||||
|
|
||||||
dst = fncpy(sram, funcp, size);
|
dst = fncpy(sram, funcp, size);
|
||||||
|
|
||||||
set_memory_ro(base, pages);
|
set_memory_rox(base, pages);
|
||||||
set_memory_x(base, pages);
|
|
||||||
|
|
||||||
return dst;
|
return dst;
|
||||||
}
|
}
|
||||||
@ -126,8 +125,7 @@ static void __init omap_detect_and_map_sram(void)
|
|||||||
base = (unsigned long)omap_sram_base;
|
base = (unsigned long)omap_sram_base;
|
||||||
pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
|
pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
|
||||||
|
|
||||||
set_memory_ro(base, pages);
|
set_memory_rox(base, pages);
|
||||||
set_memory_x(base, pages);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void (*_omap_sram_reprogram_clock)(u32 dpllctl, u32 ckctl);
|
static void (*_omap_sram_reprogram_clock)(u32 dpllctl, u32 ckctl);
|
||||||
|
@ -14,11 +14,11 @@
|
|||||||
#include <linux/kernel.h>
|
#include <linux/kernel.h>
|
||||||
#include <linux/init.h>
|
#include <linux/init.h>
|
||||||
#include <linux/io.h>
|
#include <linux/io.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
|
|
||||||
#include <asm/fncpy.h>
|
#include <asm/fncpy.h>
|
||||||
#include <asm/tlb.h>
|
#include <asm/tlb.h>
|
||||||
#include <asm/cacheflush.h>
|
#include <asm/cacheflush.h>
|
||||||
#include <asm/set_memory.h>
|
|
||||||
|
|
||||||
#include <asm/mach/map.h>
|
#include <asm/mach/map.h>
|
||||||
|
|
||||||
@ -96,8 +96,7 @@ void *omap_sram_push(void *funcp, unsigned long size)
|
|||||||
|
|
||||||
dst = fncpy(sram, funcp, size);
|
dst = fncpy(sram, funcp, size);
|
||||||
|
|
||||||
set_memory_ro(base, pages);
|
set_memory_rox(base, pages);
|
||||||
set_memory_x(base, pages);
|
|
||||||
|
|
||||||
return dst;
|
return dst;
|
||||||
}
|
}
|
||||||
@ -217,8 +216,7 @@ static void __init omap2_map_sram(void)
|
|||||||
base = (unsigned long)omap_sram_base;
|
base = (unsigned long)omap_sram_base;
|
||||||
pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
|
pages = PAGE_ALIGN(omap_sram_size) / PAGE_SIZE;
|
||||||
|
|
||||||
set_memory_ro(base, pages);
|
set_memory_rox(base, pages);
|
||||||
set_memory_x(base, pages);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void (*_omap2_sram_ddr_init)(u32 *slow_dll_ctrl, u32 fast_dll_ctrl,
|
static void (*_omap2_sram_ddr_init)(u32 *slow_dll_ctrl, u32 fast_dll_ctrl,
|
||||||
|
@ -20,12 +20,12 @@
|
|||||||
#include <linux/kdebug.h>
|
#include <linux/kdebug.h>
|
||||||
#include <linux/slab.h>
|
#include <linux/slab.h>
|
||||||
#include <linux/moduleloader.h>
|
#include <linux/moduleloader.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
#include <asm/code-patching.h>
|
#include <asm/code-patching.h>
|
||||||
#include <asm/cacheflush.h>
|
#include <asm/cacheflush.h>
|
||||||
#include <asm/sstep.h>
|
#include <asm/sstep.h>
|
||||||
#include <asm/sections.h>
|
#include <asm/sections.h>
|
||||||
#include <asm/inst.h>
|
#include <asm/inst.h>
|
||||||
#include <asm/set_memory.h>
|
|
||||||
#include <linux/uaccess.h>
|
#include <linux/uaccess.h>
|
||||||
|
|
||||||
DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
|
DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
|
||||||
@ -134,10 +134,9 @@ void *alloc_insn_page(void)
|
|||||||
if (!page)
|
if (!page)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (strict_module_rwx_enabled()) {
|
if (strict_module_rwx_enabled())
|
||||||
set_memory_ro((unsigned long)page, 1);
|
set_memory_rox((unsigned long)page, 1);
|
||||||
set_memory_x((unsigned long)page, 1);
|
|
||||||
}
|
|
||||||
return page;
|
return page;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -24,10 +24,10 @@
|
|||||||
#include <linux/module.h>
|
#include <linux/module.h>
|
||||||
#include <linux/memory.h>
|
#include <linux/memory.h>
|
||||||
#include <linux/vmalloc.h>
|
#include <linux/vmalloc.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
|
|
||||||
#include <trace/syscall.h>
|
#include <trace/syscall.h>
|
||||||
|
|
||||||
#include <asm/set_memory.h>
|
|
||||||
#include <asm/kprobes.h>
|
#include <asm/kprobes.h>
|
||||||
#include <asm/ftrace.h>
|
#include <asm/ftrace.h>
|
||||||
#include <asm/nops.h>
|
#include <asm/nops.h>
|
||||||
@ -415,8 +415,7 @@ create_trampoline(struct ftrace_ops *ops, unsigned int *tramp_size)
|
|||||||
|
|
||||||
set_vm_flush_reset_perms(trampoline);
|
set_vm_flush_reset_perms(trampoline);
|
||||||
|
|
||||||
set_memory_ro((unsigned long)trampoline, npages);
|
set_memory_rox((unsigned long)trampoline, npages);
|
||||||
set_memory_x((unsigned long)trampoline, npages);
|
|
||||||
return (unsigned long)trampoline;
|
return (unsigned long)trampoline;
|
||||||
fail:
|
fail:
|
||||||
tramp_free(trampoline);
|
tramp_free(trampoline);
|
||||||
|
@ -43,6 +43,7 @@
|
|||||||
#include <linux/objtool.h>
|
#include <linux/objtool.h>
|
||||||
#include <linux/vmalloc.h>
|
#include <linux/vmalloc.h>
|
||||||
#include <linux/pgtable.h>
|
#include <linux/pgtable.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
|
|
||||||
#include <asm/text-patching.h>
|
#include <asm/text-patching.h>
|
||||||
#include <asm/cacheflush.h>
|
#include <asm/cacheflush.h>
|
||||||
@ -51,7 +52,6 @@
|
|||||||
#include <asm/alternative.h>
|
#include <asm/alternative.h>
|
||||||
#include <asm/insn.h>
|
#include <asm/insn.h>
|
||||||
#include <asm/debugreg.h>
|
#include <asm/debugreg.h>
|
||||||
#include <asm/set_memory.h>
|
|
||||||
#include <asm/ibt.h>
|
#include <asm/ibt.h>
|
||||||
|
|
||||||
#include "common.h"
|
#include "common.h"
|
||||||
@ -415,17 +415,12 @@ void *alloc_insn_page(void)
|
|||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
set_vm_flush_reset_perms(page);
|
set_vm_flush_reset_perms(page);
|
||||||
/*
|
|
||||||
* First make the page read-only, and only then make it executable to
|
|
||||||
* prevent it from being W+X in between.
|
|
||||||
*/
|
|
||||||
set_memory_ro((unsigned long)page, 1);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* TODO: Once additional kernel code protection mechanisms are set, ensure
|
* TODO: Once additional kernel code protection mechanisms are set, ensure
|
||||||
* that the page was not maliciously altered and it is still zeroed.
|
* that the page was not maliciously altered and it is still zeroed.
|
||||||
*/
|
*/
|
||||||
set_memory_x((unsigned long)page, 1);
|
set_memory_rox((unsigned long)page, 1);
|
||||||
|
|
||||||
return page;
|
return page;
|
||||||
}
|
}
|
||||||
|
@ -10,9 +10,9 @@
|
|||||||
#include <linux/genalloc.h>
|
#include <linux/genalloc.h>
|
||||||
#include <linux/mm.h>
|
#include <linux/mm.h>
|
||||||
#include <linux/sram.h>
|
#include <linux/sram.h>
|
||||||
|
#include <linux/set_memory.h>
|
||||||
|
|
||||||
#include <asm/fncpy.h>
|
#include <asm/fncpy.h>
|
||||||
#include <asm/set_memory.h>
|
|
||||||
|
|
||||||
#include "sram.h"
|
#include "sram.h"
|
||||||
|
|
||||||
@ -106,10 +106,7 @@ void *sram_exec_copy(struct gen_pool *pool, void *dst, void *src,
|
|||||||
|
|
||||||
dst_cpy = fncpy(dst, src, size);
|
dst_cpy = fncpy(dst, src, size);
|
||||||
|
|
||||||
ret = set_memory_ro((unsigned long)base, pages);
|
ret = set_memory_rox((unsigned long)base, pages);
|
||||||
if (ret)
|
|
||||||
goto error_out;
|
|
||||||
ret = set_memory_x((unsigned long)base, pages);
|
|
||||||
if (ret)
|
if (ret)
|
||||||
goto error_out;
|
goto error_out;
|
||||||
|
|
||||||
|
@ -860,8 +860,7 @@ static inline void bpf_prog_lock_ro(struct bpf_prog *fp)
|
|||||||
static inline void bpf_jit_binary_lock_ro(struct bpf_binary_header *hdr)
|
static inline void bpf_jit_binary_lock_ro(struct bpf_binary_header *hdr)
|
||||||
{
|
{
|
||||||
set_vm_flush_reset_perms(hdr);
|
set_vm_flush_reset_perms(hdr);
|
||||||
set_memory_ro((unsigned long)hdr, hdr->size >> PAGE_SHIFT);
|
set_memory_rox((unsigned long)hdr, hdr->size >> PAGE_SHIFT);
|
||||||
set_memory_x((unsigned long)hdr, hdr->size >> PAGE_SHIFT);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap);
|
int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap);
|
||||||
|
@ -14,6 +14,14 @@ static inline int set_memory_x(unsigned long addr, int numpages) { return 0; }
|
|||||||
static inline int set_memory_nx(unsigned long addr, int numpages) { return 0; }
|
static inline int set_memory_nx(unsigned long addr, int numpages) { return 0; }
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static inline int set_memory_rox(unsigned long addr, int numpages)
|
||||||
|
{
|
||||||
|
int ret = set_memory_ro(addr, numpages);
|
||||||
|
if (ret)
|
||||||
|
return ret;
|
||||||
|
return set_memory_x(addr, numpages);
|
||||||
|
}
|
||||||
|
|
||||||
#ifndef CONFIG_ARCH_HAS_SET_DIRECT_MAP
|
#ifndef CONFIG_ARCH_HAS_SET_DIRECT_MAP
|
||||||
static inline int set_direct_map_invalid_noflush(struct page *page)
|
static inline int set_direct_map_invalid_noflush(struct page *page)
|
||||||
{
|
{
|
||||||
|
@ -494,8 +494,7 @@ static int bpf_struct_ops_map_update_elem(struct bpf_map *map, void *key,
|
|||||||
refcount_set(&kvalue->refcnt, 1);
|
refcount_set(&kvalue->refcnt, 1);
|
||||||
bpf_map_inc(map);
|
bpf_map_inc(map);
|
||||||
|
|
||||||
set_memory_ro((long)st_map->image, 1);
|
set_memory_rox((long)st_map->image, 1);
|
||||||
set_memory_x((long)st_map->image, 1);
|
|
||||||
err = st_ops->reg(kdata);
|
err = st_ops->reg(kdata);
|
||||||
if (likely(!err)) {
|
if (likely(!err)) {
|
||||||
/* Pair with smp_load_acquire() during lookup_elem().
|
/* Pair with smp_load_acquire() during lookup_elem().
|
||||||
|
@ -864,8 +864,7 @@ static struct bpf_prog_pack *alloc_new_pack(bpf_jit_fill_hole_t bpf_fill_ill_ins
|
|||||||
list_add_tail(&pack->list, &pack_list);
|
list_add_tail(&pack->list, &pack_list);
|
||||||
|
|
||||||
set_vm_flush_reset_perms(pack->ptr);
|
set_vm_flush_reset_perms(pack->ptr);
|
||||||
set_memory_ro((unsigned long)pack->ptr, BPF_PROG_PACK_SIZE / PAGE_SIZE);
|
set_memory_rox((unsigned long)pack->ptr, BPF_PROG_PACK_SIZE / PAGE_SIZE);
|
||||||
set_memory_x((unsigned long)pack->ptr, BPF_PROG_PACK_SIZE / PAGE_SIZE);
|
|
||||||
return pack;
|
return pack;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -883,8 +882,7 @@ void *bpf_prog_pack_alloc(u32 size, bpf_jit_fill_hole_t bpf_fill_ill_insns)
|
|||||||
if (ptr) {
|
if (ptr) {
|
||||||
bpf_fill_ill_insns(ptr, size);
|
bpf_fill_ill_insns(ptr, size);
|
||||||
set_vm_flush_reset_perms(ptr);
|
set_vm_flush_reset_perms(ptr);
|
||||||
set_memory_ro((unsigned long)ptr, size / PAGE_SIZE);
|
set_memory_rox((unsigned long)ptr, size / PAGE_SIZE);
|
||||||
set_memory_x((unsigned long)ptr, size / PAGE_SIZE);
|
|
||||||
}
|
}
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
@ -468,8 +468,7 @@ static int bpf_trampoline_update(struct bpf_trampoline *tr, bool lock_direct_mut
|
|||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
set_memory_ro((long)im->image, 1);
|
set_memory_rox((long)im->image, 1);
|
||||||
set_memory_x((long)im->image, 1);
|
|
||||||
|
|
||||||
WARN_ON(tr->cur_image && tr->selector == 0);
|
WARN_ON(tr->cur_image && tr->selector == 0);
|
||||||
WARN_ON(!tr->cur_image && tr->selector);
|
WARN_ON(!tr->cur_image && tr->selector);
|
||||||
|
@ -124,8 +124,7 @@ int bpf_struct_ops_test_run(struct bpf_prog *prog, const union bpf_attr *kattr,
|
|||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
set_memory_ro((long)image, 1);
|
set_memory_rox((long)image, 1);
|
||||||
set_memory_x((long)image, 1);
|
|
||||||
prog_ret = dummy_ops_call_op(image, args);
|
prog_ret = dummy_ops_call_op(image, args);
|
||||||
|
|
||||||
err = dummy_ops_copy_args(args);
|
err = dummy_ops_copy_args(args);
|
||||||
|
Loading…
Reference in New Issue
Block a user