Re: fix a hyperv W^X violation and remove vmalloc_exec

From: Peter Zijlstra
Date: Thu Jun 18 2020 - 05:28:26 EST

Next message: Steven Price: "Re: [PATCH v3] drm/panfrost: Reduce the amount of logs on deferred probe"
Previous message: Peter Zijlstra: "Re: [PATCH 2/3] arm64: use PAGE_KERNEL_ROX directly in alloc_insn_page"
In reply to: Wei Liu: "Re: [PATCH 1/3] x86/hyperv: allocate the hypercall page with only read and execute bits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 18, 2020 at 08:43:04AM +0200, Christoph Hellwig wrote:
> Hi all,
>
> Dexuan reported a W^X violation due to the fact that the hyper hypercall
> page due switching it to be allocated using vmalloc_exec. The problem
> is that PAGE_KERNEL_EXEC as used by vmalloc_exec actually sets writable
> permissions in the pte. This series fixes the issue by switching to the
> low-level __vmalloc_node_range interface that allows specifing more
> detailed permissions instead. It then also open codes the other two
> callers and removes the somewhat confusing vmalloc_exec interface.

Acked-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>

> Peter noted that the hyper hypercall page allocation also has another
> long standing issue in that it shouldn't use the full vmalloc but just
> the module space. This issue is so far theoretical as the allocation is
> done early in the boot process. I plan to fix it with another bigger
> series for 5.9.

Thanks!

Next message: Steven Price: "Re: [PATCH v3] drm/panfrost: Reduce the amount of logs on deferred probe"
Previous message: Peter Zijlstra: "Re: [PATCH 2/3] arm64: use PAGE_KERNEL_ROX directly in alloc_insn_page"
In reply to: Wei Liu: "Re: [PATCH 1/3] x86/hyperv: allocate the hypercall page with only read and execute bits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]