|
Message-ID: <20160919225717.GO18931@jhogan-linux.le.imgtec.org>
Date: Mon, 19 Sep 2016 23:57:17 +0100
From: James Hogan <james.hogan@...tec.com>
To: Kees Cook <keescook@...omium.org>
CC: Guenter Roeck <linux@...ck-us.net>, Petr Mladek <pmladek@...e.com>, LKML
<linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...ux-foundation.org>,
Tejun Heo <tj@...nel.org>, <linux-metag@...r.kernel.org>, Ingo Molnar
<mingo@...nel.org>, "kernel-hardening@...ts.openwall.com"
<kernel-hardening@...ts.openwall.com>
Subject: Re: qemu:metag image runtime failure in -next due to 'kthread: allow
to cancel kthread work'
On Mon, Sep 19, 2016 at 02:51:54PM -0700, Kees Cook wrote:
> On Mon, Sep 19, 2016 at 2:37 PM, James Hogan <james.hogan@...tec.com> wrote:
> > Okay, I just built x86_64 default defconfig (on ef98de028afd, half way
> > through the mm patches on linux-next from the other day where metag
> > stopped booting). Perhaps I'm missing some important config option to
> > enable the memory protection (if so I appologise).
> >
> > For metag:
> >
> > $ readelf -S drivers/tty/pty.o
> > [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
> > [51] .data..ro_after_i PROGBITS 00000000 00f0c0 00007c 00 WA 0 0 4
> >
> > $ readelf -S vmlinux.bust:
> > [Nr] Name Type Addr Off Size ES Flg Lk Inf Al
> > [ 4] .rodata PROGBITS 40190000 194000 04c9c8 00 WA 0 0 64
> >
> > And x86_64:
> >
> > $ readelf -S drivers/tty/pty.o
> > [Nr] Name Type Address Offset
> > Size EntSize Flags Link Info Align
> > [18] .data..ro_after_i PROGBITS 0000000000000000 00001140
> > 00000000000000f8 0000000000000000 WA 0 0 64
> >
> > $ readelf -S vmlinux
> > [Nr] Name Type Address Offset
> > Size EntSize Flags Link Info Align
> > [ 4] .rodata PROGBITS ffffffff81a00000 00c00000
> > 00000000002663d0 0000000000000000 WA 0 0 4096
> >
> > Both have WA on that section in the object file and the final vmlinux
> > ELF too.
>
> Hm, very true, I never noticed that. Oddly, the LOAD flags don't pay
> any attention on x86:
>
> $ readelf -l vmlinux
>
> Elf file type is EXEC (Executable file)
> Entry point 0x1000000
> There are 5 program headers, starting at offset 64
>
> Program Headers:
> Type Offset VirtAddr PhysAddr
> FileSiz MemSiz Flags Align
> LOAD 0x0000000000200000 0xffffffff81000000 0x0000000001000000
> 0x0000000000fdc000 0x0000000000fdc000 R E 200000
> LOAD 0x0000000001200000 0xffffffff82000000 0x0000000002000000
> 0x0000000000155000 0x0000000000155000 RW 200000
> LOAD 0x0000000001400000 0x0000000000000000 0x0000000002155000
> 0x0000000000019488 0x0000000000019488 RW 200000
> LOAD 0x000000000156f000 0xffffffff8216f000 0x000000000216f000
> 0x0000000000122000 0x0000000000eb4000 RWE 200000
> NOTE 0x0000000000ca0248 0xffffffff81aa0248 0x0000000001aa0248
> 0x0000000000000024 0x0000000000000024 4
>
> Section to Segment mapping:
> Segment Sections...
> 00 .text .notes __ex_table .rodata __bug_table .pci_fixup
> .builtin_fw .tracedata __ksymtab __ksymtab_gpl __ksymtab_strings
> __param __modver
> 01 .data .vvar
> 02 .data..percpu
> 03 .init.text .altinstr_aux .init.data .x86_cpu_dev.init
> .altinstructions .altinstr_replacement .iommu_table .apicdrivers
> .exit.text .smp_locks .bss .brk
> 04 .notes
>
> The first load (containing .rodata) is "R E".
Aah, right, I think thats because the program headers are specified
explicitly in arch/x86/kernel/vmlinux.lds.S:
PHDRS {
text PT_LOAD FLAGS(5); /* R_E */
data PT_LOAD FLAGS(6); /* RW_ */
#ifdef CONFIG_X86_64
#ifdef CONFIG_SMP
percpu PT_LOAD FLAGS(6); /* RW_ */
#endif
init PT_LOAD FLAGS(7); /* RWE */
#endif
note PT_NOTE FLAGS(0); /* ___ */
}
The bit I was missing is that RO_DATA() is after .text, but before
.data, so counts as part of the PT_LOAD program header for text.
>
> But, the point is: the kernel is what sets up the permissions, so the
> flags are ignored anyway.
Indeed.
Thanks for your patience working through this stuff with me :)
Cheers
James
Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.