On Tue, 2019-10-29 at 16:40 -0700, Kees Cook wrote: > On Thu, Oct 03, 2019 at 02:23:47PM -0700, Rick Edgecombe wrote: > > larger follow on to this enables setting the kernel text as XO, but this is > > just > > Is the kernel side series visible somewhere public yet? > The POC from my Plumber's talk is up here: https://github.com/redgecombe/linux/commits/exec_only It doesn't work with this KVM series though as I made changes on the KVM side. I don't consider it ready for posting on the list yet. Luckily though, PeterZ's switching of ftrace to text_poke(), and your exception table patchset will make it easier when the time comes. Right now I am re-doing the KVM pieces to get rid of the memslot duplication. I am ending up having to touch a lot more KVM mmu code, and it's taken some time to work through. Then I wanted get some more performance numbers before dropping the RFC tag. So it may still be a bit before I can pick up the kernel text piece again.
