On 2023-04-05 20:40, Borislav Petkov wrote:
On Tue, Mar 14, 2023 at 01:13:29PM +0300, Evgeniy Baskov wrote:
Avoid creating sections simultaneously writable and readable to
prepare
for W^X implementation for the kernel itself (not the decompressor).
Align kernel sections on page size (4KB) to allow protecting them in
the
page tables.
Split init code form ".init" segment into separate R_X ".inittext"
s/form/from/
Thanks!
segment and make ".init" segment non-executable.
"... and make the .init segment RW_."
Will fix.
Also add these segments to x86_32 architecture for consistency.
Same comment as before: please refrain from talking about the *what* in
a commit message but about the *why*.
And considering the matter, you have a *lot* of *why* to talk about.
:-)
Pls check your whole set.
I'll try do make descriptions of patches more elaborate and to better
reflect the reasoning behind the changes before resubmitting, thanks.
Currently paging is disabled in x86_32 in compressed kernel, so
protection is not applied anyways, but .init code was incorrectly
placed in non-executable ".data" segment. This should not change
anything meaningful in memory layout now, but might be required in
case
memory protection will also be implemented in compressed kernel for
x86_32.
I highly doubt that - no one cares about 32-bit x86 anymore.
True, but in theory it's still possible and also the change
makes things more correct.
@@ -226,9 +225,10 @@ SECTIONS
#endif
INIT_TEXT_SECTION(PAGE_SIZE)
-#ifdef CONFIG_X86_64
- :init
-#endif
+ :inittext
+
+ . = ALIGN(PAGE_SIZE);
+
/*
* Section for code used exclusively before alternatives are run.
All
@@ -240,6 +240,7 @@ SECTIONS
.altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
*(.altinstr_aux)
}
+ :init
Why isn't this placed after inittext but here?
Because, AFAIK, :init is a part of a section syntax so it must
come after the brace, at least according to the documentation:
https://sourceware.org/binutils/docs/ld/PHDRS.html
I'm thinking you wanna have:
:inittext
. = ALIGN..
:init
<rest>
Thx.