Commit 33bd8d15 authored Jul 29, 2024 by Heiko Carstens Committed by Vasily Gorbik Jul 31, 2024

s390: Keep inittext section writable



There is no added security by making the inittext section non-writable,
however it does split part of the kernel mapping into 4K mappings
instead of 1M mappings:

---[ Kernel Image Start ]---
0x000003ffe0000000-0x000003ffe0e00000        14M PMD RO X
0x000003ffe0e00000-0x000003ffe0ec7000       796K PTE RO X
0x000003ffe0ec7000-0x000003ffe0f00000       228K PTE RO NX
0x000003ffe0f00000-0x000003ffe1300000         4M PMD RO NX
0x000003ffe1300000-0x000003ffe1353000       332K PTE RO NX
0x000003ffe1353000-0x000003ffe1400000       692K PTE RW NX
0x000003ffe1400000-0x000003ffe1500000         1M PMD RW NX
0x000003ffe1500000-0x000003ffe1700000         2M PTE RW NX <---
0x000003ffe1700000-0x000003ffe1800000         1M PMD RW NX
0x000003ffe1800000-0x000003ffe187e000       504K PTE RW NX
---[ Kernel Image End ]---

Keep the inittext writable and enable instruction execution protection
(aka noexec) later to prevent this. This also allows to use the
generic free_initmem() implementation.

---[ Kernel Image Start ]---
0x000003ffe0000000-0x000003ffe0e00000        14M PMD RO X
0x000003ffe0e00000-0x000003ffe0ec7000       796K PTE RO X
0x000003ffe0ec7000-0x000003ffe0f00000       228K PTE RO NX
0x000003ffe0f00000-0x000003ffe1300000         4M PMD RO NX
0x000003ffe1300000-0x000003ffe1353000       332K PTE RO NX
0x000003ffe1353000-0x000003ffe1400000       692K PTE RW NX
0x000003ffe1400000-0x000003ffe1800000         4M PMD RW NX <---
0x000003ffe1800000-0x000003ffe187e000       504K PTE RW NX
---[ Kernel Image End ]---

Reviewed-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>

parent 75c10d53

arch/s390/mm/init.c

+2 −7

Original line number	Diff line number	Diff line
		@@ -108,6 +108,8 @@ void mark_rodata_ro(void)
		{
		unsigned long size = __end_ro_after_init - __start_ro_after_init;

		if (MACHINE_HAS_NX)
		system_ctl_set_bit(0, CR0_INSTRUCTION_EXEC_PROTECTION_BIT);
		__set_memory_ro(__start_ro_after_init, __end_ro_after_init);
		pr_info("Write protected read-only-after-init data: %luk\n", size >> 10);
		}
		@@ -170,13 +172,6 @@ void __init mem_init(void)
		setup_zero_pages(); /* Setup zeroed pages. */
		}

		void free_initmem(void)
		{
		set_memory_rwnx((unsigned long)_sinittext,
		(unsigned long)(_einittext - _sinittext) >> PAGE_SHIFT);
		free_initmem_default(POISON_FREE_INITMEM);
		}

		unsigned long memory_block_size_bytes(void)
		{
		/*

arch/s390/mm/vmem.c

+0 −3

Original line number	Diff line number	Diff line
		@@ -661,7 +661,6 @@ void __init vmem_map_init(void)
		{
		__set_memory_rox(_stext, _etext);
		__set_memory_ro(_etext, __end_rodata);
		__set_memory_rox(_sinittext, _einittext);
		__set_memory_rox(__stext_amode31, __etext_amode31);
		/*
		* If the BEAR-enhancement facility is not installed the first
		@@ -672,8 +671,6 @@ void __init vmem_map_init(void)
		set_memory_x(0, 1);
		if (debug_pagealloc_enabled())
		__set_memory_4k(__va(0), __va(0) + ident_map_size);
		if (MACHINE_HAS_NX)
		system_ctl_set_bit(0, CR0_INSTRUCTION_EXEC_PROTECTION_BIT);
		pr_info("Write protected kernel read-only data: %luk\n",
		(unsigned long)(__end_rodata - _stext) >> 10);
		}