On Fri, 29 May 2026, at 10:49, Kevin Brodsky wrote:
> On 29/05/2026 10:34, Ard Biesheuvel wrote:
>> On Fri, 29 May 2026, at 10:29, Kevin Brodsky wrote:
>>> On 26/05/2026 19:59, Ard Biesheuvel wrote:
>>>> From: Ard Biesheuvel <[email protected]>
>>>>
>>>> The linear aliases of the kernel text and rodata are mapped read-only in
>>>> the linear map as well. Given that the contents of these regions are
>>>> mostly identical to the version in the loadable image, mapping them
>>>> read-only and leaving their contents visible is a reasonable hardening
>>>> measure.
>>>>
>>>> Data and bss, however, are now also mapped read-only but the contents of
>>>> these regions are more likely to contain data that we'd rather not leak.
>>>> So let's unmap these entirely in the linear map when the kernel is
>>>> running normally.
>>>>
>>>> When going into hibernation or waking up from it, these regions need to
>>>> be mapped, so map the region initially, and toggle the valid bit so
>>>> map/unmap the region as needed. (While the hibernation snapshot logic
>>>> seems able to map inaccessible pages as needed, it currently disregards
>>>> non-present pages entirely.)
>>> I'm not sure I understand this, is there something wrong with the
>>> kernel_page_present() check in safe_copy_page()?
>>>
>> No. If the hibernate code decides to snapshot a page and it is not mapped,
>> safe_copy_page() will do the right thing and map it on demand.
>>
>> The problem is that pages belonging to the kernel image are marked as
>> PageReserved, and so the hibernation logic will not even consider the
>> pages for snapshotting if they are not mapped.
>
> Right I see the check in saveable_page() now. Maybe it would be worth
> spelling it out in the commit message (hibernation logic ignores
> non-present Reserved pages).
>
Yeah it's there but clearly not spelled out sufficiently :-)

