On Thu, 10 Oct 2019 19:28:19 +0200 Peter Zijlstra <pet...@infradead.org> wrote:
> > That is, I really hate the above "set_ro" hack. This is because you > > moved the ro setting to create_trampoline() and then forcing the > > text_poke() on text that has just been created. I prefer to just modify > > it and then setting it to ro before it gets executed. Otherwise we need > > to do all these dances. > > I thought create_trampoline() finished the whole thing; if it does not, > either make create_trampoline() do everything, or add a > finish_trampoline() callback to mark it complete. I'm good with a finish_trampoline(). I can make a patch that does that. > > > The same is with the module code. My patch was turning text to > > read-write that is not to be executed yet. Really, what's wrong with > > that? > > The fact that it is executable; also the fact that you do it right after > we mark it ro. Flipping the memory protections back and forth is just > really poor everything. Hmm, I wonder if we can work with a way to make this work in the module code as well. Moving the place it sets 'x' and 'ro' around :-/ > > Once this ftrace thing is sorted, we'll change x86 to _refuse_ to make > executable (kernel) memory writable. OK. > > Really the best solution is to move all the poking into > ftrace_module_init(), before we mark it RO+X. That's what I'm going to > do for jump_label and static_call as well, I just need to add that extra > notifier callback. I'll have to think about other ways to handle the other archs with the all or nothing approach. Perhaps we can use my patch as an arch dependent situation, I'll try another approach. -- Steve