From: "tip-bot2 for Dave Hansen"
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
Date: Tue, 04 Oct 2022 18:07:32 -0000
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/mm] x86/mm: Ease W^X enforcement back to just a warning
Cc: Dave Hansen, Thomas Gleixner, Ingo Molnar, Borislav Petkov, x86@kernel.org, "H. Peter Anvin", Kees Cook, Peter Zijlstra, linux-kernel@vger.kernel.org
Message-ID: <166490685242.401.17129977356268001359.tip-bot2@tip-bot2>

The following commit has been merged into the x86/mm branch of tip:

Commit-ID:     e9935b87c46236e8d7dd0acb847a31952db25228
Gitweb:        https://git.kernel.org/tip/e9935b87c46236e8d7dd0acb847a31952db25228
Author:        Dave Hansen
AuthorDate:    Mon, 03 Oct 2022 13:23:46 -07:00
Committer:     Dave Hansen
CommitterDate: Tue, 04 Oct 2022 11:00:24 -07:00

x86/mm: Ease W^X enforcement back to just a warning

Currently, the "change_page_attr" (CPA) code refuses to create W+X mappings on 64-bit kernels.

There have been reports both from 32-bit[1] and from BPF[2] users where this change kept the system from booting.

These reports are showing up even after about a month of soak time in -next.

To avoid breaking anything, never enforce W^X. Always warn and return the requested permissions even if a problem is detected.

1. https://lore.kernel.org/all/CAMj1kXHcF_iK_g0OZSkSv56Wmr=eQGQwNstcNjLEfS=mm7a06w@mail.gmail.com/
2. https://lore.kernel.org/bpf/c84cc27c1a5031a003039748c3c099732a718aec.camel@kernel.org/T/#u

Signed-off-by: Dave Hansen Cc: Thomas Gleixner Cc: Ingo Molnar Cc: Borislav Petkov Cc: x86@kernel.org Cc: "H. Peter Anvin" Cc: Kees Cook Cc: Peter Zijlstra --- arch/x86/mm/pat/set_memory.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/arch/x86/mm/pat/set_memory.c b/arch/x86/mm/pat/set_memory.c index efe882c..97342c4 100644 --- a/arch/x86/mm/pat/set_memory.c +++ b/arch/x86/mm/pat/set_memory.c @@ -580,7 +580,7 @@ static inline pgprot_t static_protections(pgprot_t prot= , unsigned long start, } =20 /* - * Validate and enforce strict W^X semantics. + * Validate strict W^X semantics. */ static inline pgprot_t verify_rwx(pgprot_t old, pgprot_t new, unsigned lon= g start, unsigned long pfn, unsigned long npg) @@ -595,7 +595,7 @@ static inline pgprot_t verify_rwx(pgprot_t old, pgprot_= t new, unsigned long star if (IS_ENABLED(CONFIG_X86_32)) return new; =20 - /* Only enforce when NX is supported: */ + /* Only verify when NX is supported: */ if (!(__supported_pte_mask & _PAGE_NX)) return new; =20 @@ -606,13 +606,17 @@ static inline pgprot_t verify_rwx(pgprot_t old, pgpro= t_t new, unsigned long star return new; =20 end =3D start + npg * PAGE_SIZE - 1; - WARN_ONCE(1, "CPA refuse W^X violation: %016llx -> %016llx range: 0x%016l= x - 0x%016lx PFN %lx\n", + WARN_ONCE(1, "CPA detected W^X violation: %016llx -> %016llx range: 0x%01= 6lx - 0x%016lx PFN %lx\n", (unsigned long long)pgprot_val(old), (unsigned long long)pgprot_val(new), start, end, pfn); =20 - /* refuse the transition into WX */ - return old; + /* + * For now, allow all permission change attempts by returning the + * attempted permissions. This can 'return old' to actively + * refuse the permission change at a later time. + */ + return new; } =20 /*
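
Review bot: The changelog cites 32-bit boot failures as motivation, but the context of the second hunk (@@ -595,7 +595,7) shows that `if (IS_ENABLED(CONFIG_X86_32)) return new;` already returns before both the NX check and the warning, so nothing in this patch changes 32-bit behaviour. The changelog should say that the 32-bit case is already handled by that early return and that the functional change here applies to 64-bit kernels with NX support, so that a reader bisecting a 32-bit issue is not pointed at this commit.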
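
Review bot: In the last hunk (@@ -606,13 +606,17), once `return new;` replaces `return old;`, the `WARN_ONCE(1, "CPA detected W^X violation: ...")` is the only remaining signal of a W+X transition, and WARN_ONCE fires a single time for this call site. Every later violation, possibly from a different caller with a different range and PFN, is then granted with no trace in the log. Consider keeping the one-time backtrace and adding a rate-limited message (for example pr_warn_ratelimited) with the same old/new/range/PFN fields, so that each offending mapping can still be found and fixed while enforcement is off. The new comment says this can 'return old' "at a later time" without naming the condition; stating what has to be resolved first (the BPF report referenced in the changelog, for instance) would make it clear when the change can be reverted.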