git.baikalelectronics.ru Git - kernel.git/commit

author	Ard Biesheuvel <ard.biesheuvel@linaro.org>
	Wed, 7 Nov 2018 10:36:20 +0000 (11:36 +0100)
committer	Will Deacon <will.deacon@arm.com>
	Tue, 20 Nov 2018 11:38:26 +0000 (11:38 +0000)
commit	e74d2a3f9cc84609eebd90a778c1f564b44c74c1
tree	666149c1da45a23a876980c1ba77e260a8f133a3	tree \| snapshot
parent	755d0968e2880b6ecb748c047fed1f4c39a1fad4	commit \| diff

arm64: mm: apply r/o permissions of VM areas to its linear alias as well

On arm64, we use block mappings and contiguous hints to map the linear
region, to minimize the TLB footprint. However, this means that the
entire region is mapped using read/write permissions, which we cannot
modify at page granularity without having to take intrusive measures to
prevent TLB conflicts.

This means the linear aliases of pages belonging to read-only mappings
(executable or otherwise) in the vmalloc region are also mapped read/write,
and could potentially be abused to modify things like module code, bpf JIT
code or other read-only data.

So let's fix this, by extending the set_memory_ro/rw routines to take
the linear alias into account. The consequence of enabling this is
that we can no longer use block mappings or contiguous hints, so in
cases where the TLB footprint of the linear region is a bottleneck,
performance may be affected.

Therefore, allow this feature to be runtime en/disabled, by setting
rodata=full (or 'on' to disable just this enhancement, or 'off' to
disable read-only mappings for code and r/o data entirely) on the
kernel command line. Also, allow the default value to be set via a
Kconfig option.

Tested-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>

arch/arm64/Kconfig		diff \| blob \| history
arch/arm64/include/asm/mmu_context.h		diff \| blob \| history
arch/arm64/mm/mmu.c		diff \| blob \| history
arch/arm64/mm/pageattr.c		diff \| blob \| history