Re: [PATCH 4/6] powerpc/mm/64s/hash: Factor out change_memory_range()

2021-03-15 Thread Michael Ellerman
Daniel Axtens writes: > Michael Ellerman writes: > >> Pull the loop calling hpte_updateboltedpp() out of >> hash__change_memory_range() into a helper function. We need it to be a >> separate function for the next patch. >> >> Signed-off-by: Michael Ellerman >> --- >> arch/powerpc/mm/book3s64/ha

Re: [PATCH v9 2/8] powerpc/lib/code-patching: Set up Strict RWX patching earlier

2021-03-15 Thread Christophe Leroy
Le 16/03/2021 à 04:17, Jordan Niethe a écrit : setup_text_poke_area() is a late init call so it runs before mark_rodata_ro() and after the init calls. This lets all the init code patching simply write to their locations. In the future, kprobes is going to allocate its instruction pages RO whic

Re: [PATCH 5/6] powerpc/mm/64s/hash: Add real-mode change_memory_range() for hash LPAR

2021-03-15 Thread Michael Ellerman
Nicholas Piggin writes: > Excerpts from Michael Ellerman's message of February 11, 2021 11:51 pm: >> When we enabled STRICT_KERNEL_RWX we received some reports of boot >> failures when using the Hash MMU and running under phyp. The crashes >> are intermittent, and often exhibit as a completely unr

Re: [PATCH v9 3/8] powerpc/kprobes: Mark newly allocated probes as RO

2021-03-15 Thread Christophe Leroy
Le 16/03/2021 à 04:17, Jordan Niethe a écrit : From: Russell Currey With CONFIG_STRICT_KERNEL_RWX=y and CONFIG_KPROBES=y, there will be one W+X page at boot by default. This can be tested with CONFIG_PPC_PTDUMP=y and CONFIG_PPC_DEBUG_WX=y set, and checking the kernel log during boot. Thi

Re: [PATCH v9 4/8] powerpc/mm/ptdump: debugfs handler for W+X checks at runtime

2021-03-15 Thread Christophe Leroy
Le 16/03/2021 à 04:17, Jordan Niethe a écrit : From: Russell Currey Very rudimentary, just echo 1 > [debugfs]/check_wx_pages and check the kernel log. Useful for testing strict module RWX. Updated the Kconfig entry to reflect this. Also fixed a typo. Why not just perform the t

Re: [PATCH v9 5/8] powerpc: Set ARCH_HAS_STRICT_MODULE_RWX

2021-03-15 Thread Christophe Leroy
Le 16/03/2021 à 04:17, Jordan Niethe a écrit : From: Russell Currey To enable strict module RWX on powerpc, set: CONFIG_STRICT_MODULE_RWX=y You should also have CONFIG_STRICT_KERNEL_RWX=y set to have any real security benefit. ARCH_HAS_STRICT_MODULE_RWX is set to require ARCH_HAS_STR

Re: [PATCH] powerpc: arch/powerpc/kernel/setup_64.c - cleanup warnings

2021-03-15 Thread Christophe Leroy
Le 16/03/2021 à 05:11, He Ying a écrit : warning: symbol 'rfi_flush' was not declared. warning: symbol 'entry_flush' was not declared. warning: symbol 'uaccess_flush' was not declared. We found warnings above in arch/powerpc/kernel/setup_64.c by using sparse tool. Define 'entry_flush' and 'ua

<    1   2