like sparc
that already have normal kernel memory as executable. This patch fixes the usage
of this flag on sparc to also fix it in case the root cause is also an issue on
other architectures. Separately we can disable usage of VM_FLUSH_RESET_PERMS for
these architectures if desired.
Rick
rmsissions")
Reported-by: Meelis Roos
Cc: Meelis Roos
Cc: Peter Zijlstra
Cc: "David S. Miller"
Cc: Dave Hansen
Cc: Borislav Petkov
Cc: Andy Lutomirski
Cc: Ingo Molnar
Cc: Nadav Amit
Signed-off-by: Rick Edgecombe
---
mm/vmalloc.c | 23 +--
1 file chan
g some text in vmalloc so that calls can be in relative jump
range. For example, a BPF library program could maybe be re-mapped multiple
times so that a copy is always near the caller and so we could use the faster
calls.
Rick Edgecombe (4):
bpf, x64: Implement BPF call retpoline
bpf,
insertion would fail, or
BPF would fallback to the interpreter.
In the case of using vmalloc, it is not charged against bpf_jit_limit.
Cc: Daniel Borkmann
Cc: Alexei Starovoitov
Signed-off-by: Rick Edgecombe
---
arch/x86/net/bpf_jit_comp.c | 32
1 file changed, 32
, however the allocation
may be larger at the end when using retpoline due the thunk emitted at
the end.
Cc: Daniel Borkmann
Cc: Alexei Starovoitov
Signed-off-by: Rick Edgecombe
---
arch/x86/net/bpf_jit_comp.c | 117 +---
1 file changed, 94 insertions(+), 23
: Rick Edgecombe
---
include/linux/filter.h | 3 +++
kernel/bpf/core.c | 20 +++-
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/include/linux/filter.h b/include/linux/filter.h
index ad106d845b22..33c0ae5990e1 100644
--- a/include/linux/filter.h
+++ b/include
Add x86 call retpoline sequence from the "Intel Retpoline: A Branch Target
Injection Mitigation White Paper" for BPF JIT compiler. Unlike the paper
it uses RBX instead of RAX since RAX is part of the BPF calling
convetions.
Cc: Daniel Borkmann
Cc: Alexei Starovoitov
Signed-of
better communicate
their different (non-flushing) behavior from the rest of the set_pages_*
functions.
The method for doing this with only 1 TLB flush was suggested by Andy
Lutomirski.
Suggested-by: Andy Lutomirski
Signed-off-by: Rick Edgecombe
---
arch/x86/include/asm/set_memory.h | 2 +
arch
27;s next version of his
patchset
Changes since v1:
- New efficient algorithm on x86 for tearing down executable RO memory and
flag for this (Andy Lutomirski)
- Have no W^X violating window on tear down (Nadav Amit)
Rick Edgecombe (4):
vmalloc: New flags for safe vfree on special perm
This switches to use the new vmalloc flags to control freeing memory with
special permissions.
Signed-off-by: Rick Edgecombe
---
include/linux/filter.h | 26 --
kernel/bpf/core.c | 1 -
2 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/include/linux
Add new flags for handling freeing of special permissioned memory in vmalloc,
and remove places where the handling was done in module.c.
This will enable this flag for all architectures.
Signed-off-by: Rick Edgecombe
---
kernel/module.c | 43 ---
1 file
Suggested-by: Andy Lutomirski
Suggested-by: Will Deacon
Signed-off-by: Rick Edgecombe
---
include/linux/vmalloc.h | 2 ++
mm/vmalloc.c| 73 +
2 files changed, 69 insertions(+), 6 deletions(-)
diff --git a/include/linux/vmalloc.h b/include/linux
freeing the pages.
If this solution seems good I can plug the flag in for other architectures that
define PAGE_KERNEL_EXEC.
Rick Edgecombe (2):
vmalloc: New flag for flush before releasing pages
x86/modules: Make x86 allocs to flush when free
arch/x86/kernel/module.c | 4 ++--
include/linux
.
Suggested-by: Dave Hansen
Suggested-by: Andy Lutomirski
Suggested-by: Will Deacon
Signed-off-by: Rick Edgecombe
---
include/linux/vmalloc.h | 1 +
mm/vmalloc.c| 13 +++--
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/include/linux/vmalloc.h b/include
Change the module allocations to flush before freeing the pages.
Signed-off-by: Rick Edgecombe
---
arch/x86/kernel/module.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/module.c b/arch/x86/kernel/module.c
index b052e883dd8c..1694daf256b3 100644
--- a
15 matches
Mail list logo
