pulled&pushed.
Thanks!
On 03/21/2016 11:43 PM, David Brown wrote:
The following patches bring ARM vDSO read-only patches from Linus's master branch into the 4.1 stable kernel (4.1.20). The patches applied with trivial context fixups.
The easiest way to test this is to enable -DDEBUG on arch/arm/kernel/vdso.o, and see the kernel address of the vDSO page. Then, using CONFIG_ARM_PTDUMP, look at the mappings, and ensure this page is in RO after applying these patches.
There is a demonstrated x86 exploit that uses this to gain root, and this could be done in a similar manner on ARM.
I'll follow the patches with a pull request.
David Brown (1): ARM/vdso: Mark the vDSO code read-only after init
Kees Cook (6): asm-generic: Consolidate mark_rodata_ro() mm/init: Add 'rodata=off' boot cmdline parameter to disable read-only kernel mappings x86/mm: Always enable CONFIG_DEBUG_RODATA and remove the Kconfig option arch: Introduce post-init read-only memory lkdtm: Verify that '__ro_after_init' works correctly x86/vdso: Mark the vDSO code read-only after init
Documentation/kernel-parameters.txt | 4 ++++ arch/arm/include/asm/cacheflush.h | 1 - arch/arm/vdso/vdso.S | 3 +-- arch/arm64/include/asm/cacheflush.h | 4 ---- arch/parisc/include/asm/cache.h | 3 +++ arch/parisc/include/asm/cacheflush.h | 4 ---- arch/x86/Kconfig | 3 +++ arch/x86/Kconfig.debug | 17 +++-------------- arch/x86/include/asm/cacheflush.h | 8 ++------ arch/x86/include/asm/kvm_para.h | 7 ------- arch/x86/include/asm/sections.h | 2 +- arch/x86/kernel/ftrace.c | 6 +++--- arch/x86/kernel/kgdb.c | 8 ++------ arch/x86/kernel/test_nx.c | 2 -- arch/x86/kernel/test_rodata.c | 2 +- arch/x86/kernel/vmlinux.lds.S | 25 +++++++++++-------------- arch/x86/mm/init_32.c | 3 --- arch/x86/mm/init_64.c | 3 --- arch/x86/mm/pageattr.c | 2 +- arch/x86/vdso/vdso2c.h | 2 +- drivers/misc/lkdtm.c | 29 ++++++++++++++++++++++++++--- include/asm-generic/vmlinux.lds.h | 1 + include/linux/cache.h | 14 ++++++++++++++ include/linux/init.h | 4 ++++ init/main.c | 27 +++++++++++++++++++++++---- kernel/debug/kdb/kdb_bp.c | 4 +--- 26 files changed, 105 insertions(+), 83 deletions(-)