Re: [WARNING] x86/mm: Found insecure W+X mapping at address ..

From: Kees Cook
Date: Tue May 23 2017 - 11:54:59 EST


On Tue, May 23, 2017 at 8:40 AM, Thomas Gleixner <tglx@xxxxxxxxxxxxx> wrote:
> As of 4.12-rc1 one of my machines triggers the insecure W+X mapping.
>
> It's consistently 9 entries close to the beginning of the module space,
> before the first actual module starts. See below.
>
> Any ideas which avoid bisecting would be appreciated.

Is this the same as:

https://lkml.org/lkml/2017/5/19/899

?

The location is very similar.

-Kees

>
> Thanks,
>
> tglx
>
> ---[ Modules ]---
> 0xffffffffc0000000-0xffffffffc017d000 1524K pte
> 0xffffffffc017d000-0xffffffffc017e000 4K RW GLB x pte
> 0xffffffffc017e000-0xffffffffc017f000 4K pte
> 0xffffffffc017f000-0xffffffffc0180000 4K RW GLB x pte
> 0xffffffffc0180000-0xffffffffc0181000 4K pte
> 0xffffffffc0181000-0xffffffffc0182000 4K RW GLB x pte
> 0xffffffffc0182000-0xffffffffc0183000 4K pte
> 0xffffffffc0183000-0xffffffffc0184000 4K RW GLB x pte
> 0xffffffffc0184000-0xffffffffc0185000 4K pte
> 0xffffffffc0185000-0xffffffffc0186000 4K RW GLB x pte
> 0xffffffffc0186000-0xffffffffc0187000 4K pte
> 0xffffffffc0187000-0xffffffffc0188000 4K RW GLB x pte
> 0xffffffffc0188000-0xffffffffc0189000 4K pte
> 0xffffffffc0189000-0xffffffffc018a000 4K RW GLB x pte
> 0xffffffffc018a000-0xffffffffc018b000 4K pte
> 0xffffffffc018b000-0xffffffffc018c000 4K RW GLB x pte
> 0xffffffffc018c000-0xffffffffc018d000 4K pte
> 0xffffffffc018d000-0xffffffffc018e000 4K RW GLB x pte
>
> First module starts here:
>
> 0xffffffffc018e000-0xffffffffc0191000 12K pte
> 0xffffffffc0191000-0xffffffffc0192000 4K ro GLB x pte
>
> ---[ Modules ]---
> 0xffffffffc0000000-0xffffffffc0200000 2M pmd
> 0xffffffffc0200000-0xffffffffc02f8000 992K pte
> 0xffffffffc02f8000-0xffffffffc02f9000 4K RW GLB x pte
> 0xffffffffc02f9000-0xffffffffc02fa000 4K pte
> 0xffffffffc02fa000-0xffffffffc02fb000 4K RW GLB x pte
> 0xffffffffc02fb000-0xffffffffc02fc000 4K pte
> 0xffffffffc02fc000-0xffffffffc02fd000 4K RW GLB x pte
> 0xffffffffc02fd000-0xffffffffc02fe000 4K pte
> 0xffffffffc02fe000-0xffffffffc02ff000 4K RW GLB x pte
> 0xffffffffc02ff000-0xffffffffc0300000 4K pte
> 0xffffffffc0300000-0xffffffffc0301000 4K RW GLB x pte
> 0xffffffffc0301000-0xffffffffc0302000 4K pte
> 0xffffffffc0302000-0xffffffffc0303000 4K RW GLB x pte
> 0xffffffffc0303000-0xffffffffc0304000 4K pte
> 0xffffffffc0304000-0xffffffffc0305000 4K RW GLB x pte
> 0xffffffffc0305000-0xffffffffc0306000 4K pte
> 0xffffffffc0306000-0xffffffffc0307000 4K RW GLB x pte
> 0xffffffffc0307000-0xffffffffc0308000 4K pte
> 0xffffffffc0308000-0xffffffffc0309000 4K RW GLB x pte
>
> First module starts here:
>
> 0xffffffffc0309000-0xffffffffc030c000 12K pte
> 0xffffffffc030c000-0xffffffffc030d000 4K ro GLB x pte



--
Kees Cook
Pixel Security
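
Added example, not part of the original thread and not kernel code: a small parser for page-table dump lines in the format quoted above, flagging entries that are both writable (`RW`) and executable (`x`). The sample lines are copied from the quoted dump except for one constructed `NX` line; the function names are hypothetical.

```python
import re

# Lines copied from the dump quoted above, plus one constructed NX line
# (last line) to show a writable mapping that is correctly non-executable.
SAMPLE = """\
> ---[ Modules ]---
> 0xffffffffc0000000-0xffffffffc017d000 1524K pte
> 0xffffffffc017d000-0xffffffffc017e000 4K RW GLB x pte
> 0xffffffffc017e000-0xffffffffc017f000 4K pte
> 0xffffffffc017f000-0xffffffffc0180000 4K RW GLB x pte
> 0xffffffffc018e000-0xffffffffc0191000 12K pte
> 0xffffffffc0191000-0xffffffffc0192000 4K ro GLB x pte
> 0xffffffffc0192000-0xffffffffc0194000 8K RW GLB NX pte
"""

# start-end, a size column, then optional flags and the page-table level.
ENTRY = re.compile(r"^0x([0-9a-f]+)-0x([0-9a-f]+)\s+\S+\s*(.*)$")
LEVELS = {"pgd", "p4d", "pud", "pmd", "pte"}

def parse(dump):
    """Yield one dict per range line; tolerates e-mail '>' quoting."""
    section = None
    for raw in dump.splitlines():
        line = raw.lstrip("> ").strip()
        if line.startswith("---["):
            section = line.strip("-[] ")
            continue
        m = ENTRY.match(line)
        if not m:
            continue  # prose such as "First module starts here:"
        tokens = m.group(3).split()
        if tokens and tokens[-1] in LEVELS:
            tokens = tokens[:-1]
        yield {"section": section, "start": int(m.group(1), 16),
               "end": int(m.group(2), 16), "flags": set(tokens)}

def find_wx(dump):
    """Return mapped ranges that are writable and executable at once."""
    return [e for e in parse(dump) if {"RW", "x"} <= e["flags"]]

def summarize(dump):
    """Map section name -> (number of W+X ranges, total W+X bytes)."""
    out = {}
    for e in find_wx(dump):
        n, size = out.get(e["section"], (0, 0))
        out[e["section"]] = (n + 1, size + e["end"] - e["start"])
    return out

if __name__ == "__main__":
    for e in find_wx(SAMPLE):
        print(f"W+X in {e['section']}: {e['start']:#x}-{e['end']:#x}")
```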