This is a note to let you know that I've just added the patch titled

    powerpc/mm/radix: Only add X for pages overlapping kernel text

to the 4.12-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    powerpc-mm-radix-only-add-x-for-pages-overlapping-kernel-text.patch
and it can be found in the queue-4.12 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


From 9abcc981de9775659a0f6e4a52a3448ea72e59da Mon Sep 17 00:00:00 2001
From: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Date: Tue, 6 Jun 2017 15:48:57 +1000
Subject: powerpc/mm/radix: Only add X for pages overlapping kernel text

From: Michael Ellerman <mpe@xxxxxxxxxxxxxx>

commit 9abcc981de9775659a0f6e4a52a3448ea72e59da upstream.

Currently we map the whole linear mapping with PAGE_KERNEL_X. Instead we
should check if the page overlaps the kernel text and only then add
PAGE_KERNEL_X.

Note that we still use 1G pages if they're available, so this will
typically still result in a 1G executable page at KERNELBASE. So this fix is
primarily useful for catching stray branches to high linear mapping
addresses.

Without this patch, we can execute at 1G in xmon using:

  0:mon> m c000000040000000
  c000000040000000 00 l
  c000000040000000 00000000 01006038
  c000000040000004 00000000 2000804e
  c000000040000008 00000000 x
  0:mon> di c000000040000000
  c000000040000000 38600001 li r3,1
  c000000040000004 4e800020 blr
  0:mon> p c000000040000000
  return value is 0x1

After we get a 400 as expected:

  0:mon> p c000000040000000
  *** 400 exception occurred

Fixes: 2bfd65e45e87 ("powerpc/mm/radix: Add radix callbacks for early init routines")
Signed-off-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx>
Acked-by: Balbir Singh <bsingharora@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- arch/powerpc/mm/pgtable-radix.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) --- a/arch/powerpc/mm/pgtable-radix.c +++ b/arch/powerpc/mm/pgtable-radix.c @@ -19,6 +19,7 @@ #include <asm/mmu.h> #include <asm/firmware.h> #include <asm/powernv.h> +#include <asm/sections.h> #include <trace/events/thp.h> @@ -121,7 +122,8 @@ static inline void __meminit print_mappi static int __meminit create_physical_mapping(unsigned long start, unsigned long end) { - unsigned long addr, mapping_size = 0; + unsigned long vaddr, addr, mapping_size = 0; + pgprot_t prot; start = _ALIGN_UP(start, PAGE_SIZE); for (addr = start; addr < end; addr += mapping_size) { @@ -145,8 +147,14 @@ static int __meminit create_physical_map start = addr; } - rc = radix__map_kernel_page((unsigned long)__va(addr), addr, - PAGE_KERNEL_X, mapping_size); + vaddr = (unsigned long)__va(addr); + + if (overlaps_kernel_text(vaddr, vaddr + mapping_size)) + prot = PAGE_KERNEL_X; + else + prot = PAGE_KERNEL; + + rc = radix__map_kernel_page(vaddr, addr, prot, mapping_size); if (rc) return rc; } Patches currently in stable-queue which might be from mpe@xxxxxxxxxxxxxx are queue-4.12/powerpc-asm-mark-cr0-as-clobbered-in-mftb.patch queue-4.12/powerpc-mm-radix-only-add-x-for-pages-overlapping-kernel-text.patch queue-4.12/powerpc-mm-radix-properly-clear-process-table-entry.patch queue-4.12/powerpc-fix-emulation-of-mfocrf-in-emulate_step.patch queue-4.12/powerpc-64-fix-atomic64_inc_not_zero-to-return-an-int.patch queue-4.12/powerpc-pseries-fix-passing-of-pp0-in-updatepp-and-updateboltedpp.patch queue-4.12/powerpc-perf-fix-sdar_mode-value-for-continous-sampling-on-power9.patch queue-4.12/powerpc-fix-emulation-of-mcrf-in-emulate_step.patch queue-4.12/powerpc-mm-radix-fix-execute-permissions-for-interrupt_vectors.patch
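
Review bot: in the last hunk of create_physical_mapping(), the choice between PAGE_KERNEL_X and PAGE_KERNEL is made once per mapping from overlaps_kernel_text(vaddr, vaddr + mapping_size), so the executable region is as coarse as mapping_size. The commit message says this typically still leaves a 1G executable page at KERNELBASE, but nothing in the code records that. A short comment above the "if (overlaps_kernel_text(...))" test would help, stating that X is granted to the whole mapping containing any kernel text and that the protection is therefore only as fine as the page size chosen earlier in the loop. It is also worth confirming that the helper treats its second argument as an exclusive end, since vaddr + mapping_size is one past the mapping and its definition is not visible in this diff. With an inclusive end, a mapping that stops exactly where the text starts would pick up PAGE_KERNEL_X unnecessarily.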