Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Subject: Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Apr 2019 16:18:18 -0700
Cc: Nadav Amit <nadav.amit@xxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Khalid Aziz <khalid.aziz@xxxxxxxxxx>, juergh@xxxxxxxxx, Tycho Andersen <tycho@xxxxxxxx>, jsteckli@xxxxxxxxx, keescook@xxxxxxxxxx, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Juerg Haefliger <juerg.haefliger@xxxxxxxxxxxxx>, deepa.srinivasan@xxxxxxxxxx, chris.hyser@xxxxxxxxxx, tyhicks@xxxxxxxxxxxxx, David Woodhouse <dwmw@xxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, jcm@xxxxxxxxxx, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>, iommu <iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx>, X86 ML <x86@xxxxxxxxxx>, linux-arm-kernel@xxxxxxxxxxxxxxxxxxx, "open list:DOCUMENTATION" <linux-doc@xxxxxxxxxxxxxxx>, Linux List Kernel Mailing <linux-kernel@xxxxxxxxxxxxxxx>, Linux-MM <linux-mm@xxxxxxxxx>, LSM List <linux-security-module@xxxxxxxxxxxxxxx>, Khalid Aziz <khalid@xxxxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>, Dave Hansen <dave@xxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Arjan van de Ven <arjan@xxxxxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <alpine.DEB.2.21.1904172317460.3174@nanos.tec.linutronix.de>
References: <cover.1554248001.git.khalid.aziz@oracle.com> <f1ac3700970365fb979533294774af0b0dd84b3b.1554248002.git.khalid.aziz@oracle.com> <20190417161042.GA43453@gmail.com> <e16c1d73-d361-d9c7-5b8e-c495318c2509@oracle.com> <20190417170918.GA68678@gmail.com> <56A175F6-E5DA-4BBD-B244-53B786F27B7F@gmail.com> <20190417172632.GA95485@gmail.com> <063753CC-5D83-4789-B594-019048DE22D9@gmail.com> <alpine.DEB.2.21.1904172317460.3174@nanos.tec.linutronix.de>

On Wed, Apr 17, 2019, 14:20 Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:

It's not necessarily a W+X issue. The user space text is mapped in the
kernel as well and even if it is mapped RX then this can happen. So any
kernel mappings of user space text need to be mapped NX!

With SMEP, user space pages are always NX.

I really think SM[AE]P is something we can already take for granted. People who have old CPU's workout it are simply not serious about security anyway. There is no point in saying "we can do it badly in software".

Linus

Follow-Ups:
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Thomas Gleixner

References:
- [RFC PATCH v9 00/13] Add support for eXclusive Page Frame Ownership
  - From: Khalid Aziz
- [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Khalid Aziz
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Ingo Molnar
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Khalid Aziz
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Ingo Molnar
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Nadav Amit
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Ingo Molnar
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Nadav Amit
- Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
  - From: Thomas Gleixner

Prev by Date: Re: [PATCH v4 1/2] mm: refactor __vunmap() to avoid duplicated call to find_vm_area()
Next by Date: Re: [PATCH v1 00/15] Keep track of GUPed pages in fs and block
Previous by thread: Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
Next by thread: Re: [RFC PATCH v9 03/13] mm: Add support for eXclusive Page Frame Ownership (XPFO)
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]