Re: [PATCH RFC] x86: check for and defend against BIOS memorycorruption

[Hugh Dickins]

On Mon, 8 Sep 2008, Jeremy Fitzhardinge wrote:
> 
> Well, if we never want the direct map to be non-executable (which I

One too many negatives?

> think would be OK, since all the code is either core kernel or modules
> which are mapped elsewhere),

I had thought so until just before replying.

> then we can set NX on the level4 for the
> linear mapping which will make everything below non-executable.

That would be much the neatest answer: I hadn't realized
that inheritance (perhaps I'm still living in early-i386 days,
when IIRC there was a bug in inheriting WP from higher levels).

But then I stumbled across static_protections() in pageattr.c
(takes both addr and pfn, latter seems weird), whose BIOS_BEGIN
and BIOS_END seem to echo the ISA_START_ADDR and ISA_END_ADDR
used by is_ISA_range() in ioremap.c.

And peering at the pagetables I've got here for that area of the
direct map in 2.6.26 x86_64, yes, I'm missing NX from 0xc0000 to
0xfffff (presumably nothing tried to ioremap 0xa0000 to 0xbffff).

A simple answer might be to go the way you suggest, but remove
the special casing from pageattr.c and ioremap.c; but I fear
that will slow something down, or introduce further bugs.

Hugh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/