git.kernelconcepts.de Git - karo-tx-linux.git/commit

author	Daniel Borkmann <daniel@iogearbox.net>
	Fri, 27 Feb 2015 14:55:40 +0000 (15:55 +0100)
committer	Ingo Molnar <mingo@kernel.org>
	Sat, 28 Feb 2015 09:41:59 +0000 (10:41 +0100)
commit	6bbb614ec478961c7443086bdf7fd6784479c14a
tree	2a8f3e5e4faa36f90ce6588bf8157851bf831ded	tree \| snapshot
parent	954e12f7a800ce38b4722ca1d7a6d0293d377b55	commit \| diff

x86/mm: Unexport set_memory_ro() and set_memory_rw()

This effectively unexports set_memory_ro() and set_memory_rw()
functions, and thus reverts:

a03352d2c1dc ("x86: export set_memory_ro and set_memory_rw").

They have been introduced for debugging purposes in e1000e, but
no module user is in mainline kernel (anymore?) and we
explicitly do not want modules to use these functions, as they
i.e. protect eBPF (interpreted & JIT'ed) images from malicious
modifications or bugs.

Outside of eBPF scope, I believe also other set_memory_*()
functions should be unexported on x86 for modules.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Cc: Arjan van de Ven <arjan@linux.intel.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Bruce Allan <bruce.w.allan@intel.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jesse Brandeburg <jesse.brandeburg@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: davem@davemloft.net
Link: http://lkml.kernel.org/r/a064393a0a5d319eebde5c761cfd743132d4f213.1425040940.git.daniel@iogearbox.net
Signed-off-by: Ingo Molnar <mingo@kernel.org>