Re: [PATCH] x86, mm: set NX across entire PMD at boot

On Fri, 14 Nov 2014, Kees Cook wrote: > When setting up permissions on kernel memory at boot, the end of the > PMD that was split from bss remained executable. It should be NX like > the rest. This performs a PMD alignment instead of a PAGE alignment to > get the correct span of memory. > >

[PATCH] x86, mm: set NX across entire PMD at boot

When setting up permissions on kernel memory at boot, the end of the PMD that was split from bss remained executable. It should be NX like the rest. This performs a PMD alignment instead of a PAGE alignment to get the correct span of memory. Before: ---[ High Kernel Mapping ]--- ...

[PATCH] x86, mm: set NX across entire PMD at boot

When setting up permissions on kernel memory at boot, the end of the PMD that was split from bss remained executable. It should be NX like the rest. This performs a PMD alignment instead of a PAGE alignment to get the correct span of memory. Before: ---[ High Kernel Mapping ]--- ...

Re: [PATCH] x86, mm: set NX across entire PMD at boot

On Fri, 14 Nov 2014, Kees Cook wrote: When setting up permissions on kernel memory at boot, the end of the PMD that was split from bss remained executable. It should be NX like the rest. This performs a PMD alignment instead of a PAGE alignment to get the correct span of memory. Before: