Re: [tip:x86/mm] x86/mm: Warn on W^X mappings

[Arjan van de Ven]

On 10/6/2015 2:54 AM, tip-bot for Stephen Smalley wrote:
> Commit-ID:  e1a58320a38dfa72be48a0f1a3a92273663ba6db
> Gitweb:     http://git.kernel.org/tip/e1a58320a38dfa72be48a0f1a3a92273663ba6db
> Author:     Stephen Smalley <sds@xxxxxxxxxxxxx>
> AuthorDate: Mon, 5 Oct 2015 12:55:20 -0400
> Committer:  Ingo Molnar <mingo@xxxxxxxxxx>
> CommitDate: Tue, 6 Oct 2015 11:11:48 +0200
>
> x86/mm: Warn on W^X mappings
>
> Warn on any residual W+X mappings after setting NX
> if DEBUG_WX is enabled.  Introduce a separate
> X86_PTDUMP_CORE config that enables the code for
> dumping the page tables without enabling the debugfs
> interface, so that DEBUG_WX can be enabled without
> exposing the debugfs interface.  Switch EFI_PGT_DUMP
> to using X86_PTDUMP_CORE so that it also does not require
> enabling the debugfs interface.

I like it, so Acked-by: Arjan van de Ven <arjan@xxxxxxxxxxxxxxx>

I also have/had an old userland script to do similar checks but using the debugfs interface...
... would that be useful to have somewhere more central?

http://git.fenrus.org/tmp/i386-check-pagetables.pl


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/