[PATCH 2/2] ARM: mm: keep rodata non-executable

Rabin Vincent rabin at rab.in
Tue Mar 25 18:11:19 EDT 2014

2014-03-24 11:47 GMT+01:00 Jon Medhurst (Tixy) <tixy at linaro.org>:
> On Sun, 2014-03-23 at 16:21 -0600, Kees Cook wrote:
>> For this stage, how about I make this "depends on KEXEC=n &&
>> KPROBES=n"?
> There's also ftrace (CONFIG_DYNAMIC_FTRACE I believe) which modifies
> kernel code with a call to probe_kernel_write(), which GDB uses as well.

x86 handles this by making all kernel text R/W around the place where
ftrace does the modifications.  This is called under stop_machine().
See 16239630974516a887 ("ftrace, x86: make kernel text writable only
for conversions").

> And grepping for the patch_text() function also shows
> __arch_jump_label_transform() modifies kernel code. Not sure how and
> when that gets used.

It gets used when "Optimize very unlikely/likely branches"
(CONFIG_JUMP_LABEL) is enabled.  These "very unlikely/likely branches"
are used, among other things, for controlling tracepoints and some
scheduler/networking features.

x86 handles jump labels (and kprobes) by mapping the page being
modified read-write around the modification.  See text_poke().

See also this ARM patch from Kyle Martin which I don't think has been merged:
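
A userspace analogy of the x86 approach described above (keep the page read-only and map it read-write only around the modification), added here as an example. It is not part of the original message, not kernel code, and not the ARM patch referred to. The helper names `alloc_ro_page`, `is_writable` and `patch_ro` and the sample bytes are hypothetical, and `mmap`/`mprotect` stand in for the kernel's page-table changes.

```c
/* Added example: userspace analogy only; helper names are hypothetical. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* One page of constructed "text": written once, then mapped read-only. */
static unsigned char *alloc_ro_page(const void *init, size_t len)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *p = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED || len > pg)
        return NULL;
    memcpy(p, init, len);
    return mprotect(p, pg, PROT_READ) == 0 ? p : NULL;
}

/* 1 if a kernel store to addr succeeds, 0 on EFAULT; the byte is
 * round-tripped through a pipe, so the page contents are not changed. */
static int is_writable(unsigned char *addr)
{
    int fds[2], ok;
    if (pipe(fds) != 0)
        return -1;
    ok = write(fds[1], addr, 1) == 1 && read(fds[0], addr, 1) == 1;
    close(fds[0]);
    close(fds[1]);
    return ok;
}

/* Open a write window over the affected page(s) only, patch, close it. */
static int patch_ro(unsigned char *addr, const void *src, size_t len)
{
    uintptr_t pg = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)addr & ~(pg - 1);
    size_t span = (((uintptr_t)addr + len - start) + pg - 1) & ~(pg - 1);
    if (mprotect((void *)start, span, PROT_READ | PROT_WRITE) != 0)
        return -1;
    memcpy(addr, src, len);
    return mprotect((void *)start, span, PROT_READ); /* window closed */
}

int main(void)
{
    unsigned char *t = alloc_ro_page("\x01\x02\x03\x04", 4); /* constructed bytes */
    return !(t && !is_writable(t) && !patch_ro(t + 2, "\xAA", 1) && t[2] == 0xAA && !is_writable(t));
}
```

The page is writable only between the two `mprotect` calls in `patch_ro`; before and after, a store through any other path is refused.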
