[PATCH v2] arm64: mm: fix location of _etext
Catalin Marinas
catalin.marinas at arm.com
Mon Jun 27 10:16:29 PDT 2016
On Thu, Jun 23, 2016 at 03:53:17PM +0200, Ard Biesheuvel wrote:
> As Kees Cook notes in the ARM counterpart of this patch [0]:
>
> The _etext position is defined to be the end of the kernel text code,
> and should not include any part of the data segments. This interferes
> with things that might check memory ranges and expect executable code
> up to _etext.
>
> In particular, Kees is referring to the HARDENED_USERCOPY patch set [1],
> which rejects attempts to call copy_to_user() on kernel ranges containing
> executable code, but does allow access to the .rodata segment. Regardless
> of whether one may or may not agree with the distinction, it makes sense
> for _etext to have the same meaning across architectures.
>
> So let's put _etext where it belongs, between .text and .rodata, and fix
> up existing references to use __init_begin instead, which unlike _end_rodata
> includes the exception and notes sections as well.
>
> The _etext references in kaslr.c are left untouched, since its references
> to [_stext, _etext) are meant to capture potential jump instruction targets,
> and so disregarding .rodata is actually an improvement here.
>
> [0] http://article.gmane.org/gmane.linux.kernel/2245084
> [1] http://thread.gmane.org/gmane.linux.kernel.hardened.devel/2502
>
> Reported-by: Kees Cook <keescook at chromium.org>
> Reviewed-by: Mark Rutland <mark.rutland at arm.com>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>
Applied. Thanks.
--
Catalin
More information about the linux-arm-kernel
mailing list