arm64: kprobe: make page to RO mode when allocate it
Commit
1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")
has successfully identified code that leaves a page with W+X
permissions.
[ 3.245140] arm64/mm: Found insecure W+X mapping at address (____ptrval____)/0xffff000000d90000
[ 3.245771] WARNING: CPU: 0 PID: 1 at ../arch/arm64/mm/dump.c:232 note_page+0x410/0x420
[ 3.246141] Modules linked in:
[ 3.246653] CPU: 0 PID: 1 Comm: swapper/0 Not tainted
4.19.0-rc5-next-20180928-00001-ge70ae259b853-dirty #62
[ 3.247008] Hardware name: linux,dummy-virt (DT)
[ 3.247347] pstate:
80000005 (Nzcv daif -PAN -UAO)
[ 3.247623] pc : note_page+0x410/0x420
[ 3.247898] lr : note_page+0x410/0x420
[ 3.248071] sp :
ffff00000804bcd0
[ 3.248254] x29:
ffff00000804bcd0 x28:
ffff000009274000
[ 3.248578] x27:
ffff00000921a000 x26:
ffff80007dfff000
[ 3.248845] x25:
ffff0000093f5000 x24:
ffff000009526f6a
[ 3.249109] x23:
0000000000000004 x22:
ffff000000d91000
[ 3.249396] x21:
ffff000000d90000 x20:
0000000000000000
[ 3.249661] x19:
ffff00000804bde8 x18:
0000000000000400
[ 3.249924] x17:
0000000000000000 x16:
0000000000000000
[ 3.250271] x15:
ffffffffffffffff x14:
295f5f5f5f6c6176
[ 3.250594] x13:
7274705f5f5f5f28 x12:
2073736572646461
[ 3.250941] x11:
20746120676e6970 x10:
70616d20582b5720
[ 3.251252] x9 :
6572756365736e69 x8 :
3039643030303030
[ 3.251519] x7 :
306666666678302f x6 :
ffff0000095467b2
[ 3.251802] x5 :
0000000000000000 x4 :
0000000000000000
[ 3.252060] x3 :
0000000000000000 x2 :
ffffffffffffffff
[ 3.252323] x1 :
4d151327adc50b00 x0 :
0000000000000000
[ 3.252664] Call trace:
[ 3.252953] note_page+0x410/0x420
[ 3.253186] walk_pgd+0x12c/0x238
[ 3.253417] ptdump_check_wx+0x68/0xf8
[ 3.253637] mark_rodata_ro+0x68/0x98
[ 3.253847] kernel_init+0x38/0x160
[ 3.254103] ret_from_fork+0x10/0x18
kprobes allocates a writable executable page with module_alloc() in
order to store executable code.
Reworked to that when allocate a page it sets mode RO. Inspired by
commit
63fef14fc98a ("kprobes/x86: Make insn buffer always ROX and use text_poke()").
Suggested-by: Arnd Bergmann <arnd@arndb.de>
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Laura Abbott <labbott@redhat.com>
Signed-off-by: Anders Roxell <anders.roxell@linaro.org>
[catalin.marinas@arm.com: removed unnecessary casts]
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>