• Masami Hiramatsu's avatar
    kprobes/x86: Set kprobes pages read-only · d0381c81
    Masami Hiramatsu authored
    Set the pages which is used for kprobes' singlestep buffer
    and optprobe's trampoline instruction buffer to readonly.
    This can prevent unexpected (or unintended) instruction
    modification.
    
    This also passes rodata_test as below.
    
    Without this patch, rodata_test shows a warning:
    
      WARNING: CPU: 0 PID: 1 at arch/x86/mm/dump_pagetables.c:235 note_page+0x7a9/0xa20
      x86/mm: Found insecure W+X mapping at address ffffffffa0000000/0xffffffffa0000000
    
    With this fix, no W+X pages are found:
    
      x86/mm: Checked W+X mappings: passed, no W+X pages found.
      rodata_test: all tests were successful
    Reported-by: default avatarAndrey Ryabinin <aryabinin@virtuozzo.com>
    Signed-off-by: default avatarMasami Hiramatsu <mhiramat@kernel.org>
    Cc: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>
    Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Brian Gerst <brgerst@gmail.com>
    Cc: David S . Miller <davem@davemloft.net>
    Cc: Denys Vlasenko <dvlasenk@redhat.com>
    Cc: H. Peter Anvin <hpa@zytor.com>
    Cc: Josh Poimboeuf <jpoimboe@redhat.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Ye Xiaolong <xiaolong.ye@intel.com>
    Link: http://lkml.kernel.org/r/149076375592.22469.14174394514338612247.stgit@devboxSigned-off-by: default avatarIngo Molnar <mingo@kernel.org>
    d0381c81
core.c 33.4 KB