x86, cpa: Fix kernel text RO checks in static_protection()

Steven Rostedt reported that we are unconditionally making the kernel text mapping as read-only. i.e., if someone does cpa() to the kernel text area for setting/clearing any page table attribute, we unconditionally clear the read-write attribute for the kernel text mapping that is set at compile time. We should delay (to forbid the write attribute) and enforce only after the kernel has mapped the text as read-only. Reported-by: Steven Rostedt <rostedt@goodmis.org> Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com> Acked-by: Steven Rostedt <rostedt@goodmis.org> Tested-by: Steven Rostedt <rostedt@goodmis.org> LKML-Reference: <20091029024820.996634347@sbs-t61.sc.intel.com> [ marked kernel_set_to_readonly as __read_mostly ] Signed-off-by: Ingo Molnar <mingo@elte.hu>
author: Suresh Siddha <suresh.b.siddha@intel.com> 2009-10-28 22:46:56 -0400
committer: Ingo Molnar <mingo@elte.hu> 2009-11-02 11:16:35 -0500
commit: 502f660466ba7a66711ffdf414b1f7f1131dcbf7 (patch)
tree: 9b5ac4309f392855108365d3d17406ce3199d2eb /arch/x86/mm
parent: 883242dd0e5faaba041528a9a99f483f2a656c83 (diff)
3 files changed, 8 insertions, 6 deletions
diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
index f64d0d5e0f8..c973f8e2a6c 100644
--- a/arch/x86/mm/init_32.c
+++ b/arch/x86/mm/init_32.c
@@ -997,7 +997,7 @@ static noinline int do_test_wp_bit(void)
 const int rodata_test_data = 0xC3;
 EXPORT_SYMBOL_GPL(rodata_test_data);
-static int kernel_set_to_readonly;
+int kernel_set_to_readonly __read_mostly;
 void set_kernel_text_rw(void)
 {
diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c
index 0ed09fad6aa..4b507c08940 100644
--- a/arch/x86/mm/init_64.c
+++ b/arch/x86/mm/init_64.c
@@ -695,7 +695,7 @@ void __init mem_init(void)
 const int rodata_test_data = 0xC3;
 EXPORT_SYMBOL_GPL(rodata_test_data);
-static int kernel_set_to_readonly;
+int kernel_set_to_readonly;
 void set_kernel_text_rw(void)
 {
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index 78d3168b3c6..8d1e8d95ea4 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -282,14 +282,16 @@ static inline pgprot_t static_protections(pgprot_t prot, unsigned long address,
 #if defined(CONFIG_X86_64) && defined(CONFIG_DEBUG_RODATA) && \
        !defined(CONFIG_DYNAMIC_FTRACE)
        /*
-         * Kernel text mappings for the large page aligned .rodata section
+         * Once the kernel maps the text as RO (kernel_set_to_readonly is set),
-         * will be read-only. For the kernel identity mappings covering
+         * kernel text mappings for the large page aligned text, rodata sections
-         * the holes caused by this alignment can be anything.
+         * will be always read-only. For the kernel identity mappings covering
+         * the holes caused by this alignment can be anything that user asks.
         *
         * This will preserve the large page mappings for kernel text/data
         * at no extra cost.
         */
-        if (within(address, (unsigned long)_text,
+        if (kernel_set_to_readonly &&
+            within(address, (unsigned long)_text,
                   (unsigned long)__end_rodata_hpage_align))
                pgprot_val(forbidden) |= _PAGE_RW;
 #endif
author	Suresh Siddha <suresh.b.siddha@intel.com>	2009-10-28 22:46:56 -0400
committer	Ingo Molnar <mingo@elte.hu>	2009-11-02 11:16:35 -0500
commit	502f660466ba7a66711ffdf414b1f7f1131dcbf7 (patch)
tree	9b5ac4309f392855108365d3d17406ce3199d2eb /arch/x86/mm
parent	883242dd0e5faaba041528a9a99f483f2a656c83 (diff)