diff options
author | Jisheng Zhang <jszhang@kernel.org> | 2021-03-30 02:25:21 +0800 |
---|---|---|
committer | Palmer Dabbelt <palmerdabbelt@google.com> | 2021-04-26 08:25:14 -0700 |
commit | fc8504765ec5e812135b8ccafca7101069a0c6d8 (patch) | |
tree | a4b9d1f65e9bf35e0d6a2120363f108c7c07aca0 /arch/riscv | |
parent | 1d27d854425faec98f352cf88ec3e2a8844429a4 (diff) | |
download | linux-fc8504765ec5e812135b8ccafca7101069a0c6d8.tar.bz2 |
riscv: bpf: Avoid breaking W^X
We allocate Non-executable pages, then call bpf_jit_binary_lock_ro()
to enable executable permission after mapping them read-only. This is
to prepare for STRICT_MODULE_RWX in following patch.
Signed-off-by: Jisheng Zhang <jszhang@kernel.org>
Signed-off-by: Palmer Dabbelt <palmerdabbelt@google.com>
Diffstat (limited to 'arch/riscv')
-rw-r--r-- | arch/riscv/net/bpf_jit_core.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/arch/riscv/net/bpf_jit_core.c b/arch/riscv/net/bpf_jit_core.c index d8da819290b7..fed86f42dfbe 100644 --- a/arch/riscv/net/bpf_jit_core.c +++ b/arch/riscv/net/bpf_jit_core.c @@ -152,6 +152,7 @@ skip_init_ctx: bpf_flush_icache(jit_data->header, ctx->insns + ctx->ninsns); if (!prog->is_func || extra_pass) { + bpf_jit_binary_lock_ro(jit_data->header); out_offset: kfree(ctx->offset); kfree(jit_data); @@ -169,7 +170,7 @@ void *bpf_jit_alloc_exec(unsigned long size) { return __vmalloc_node_range(size, PAGE_SIZE, BPF_JIT_REGION_START, BPF_JIT_REGION_END, GFP_KERNEL, - PAGE_KERNEL_EXEC, 0, NUMA_NO_NODE, + PAGE_KERNEL, 0, NUMA_NO_NODE, __builtin_return_address(0)); } |