From: "Mike Rapoport (Microsoft)" rppt@kernel.org
Hi,
Jürgen Groß reported some bugs in interaction of ITS mitigation with execmem [1] when running on a Xen PV guest.
These patches fix the issue by moving all the permissions management of ITS memory allocated from execmem into ITS code.
I didn't test on a real Xen PV guest, but I emulated !PSE variant by force-disabling the ROX cache in x86::execmem_arch_setup().
Peter, I took liberty to put your SoB in the patch that actually implements the execmem permissions management in ITS, please let me know if I need to update something about the authorship.
The patches are against v6.15. They are also available in git: https://web.git.kernel.org/pub/scm/linux/kernel/git/rppt/linux.git/log/?h=it...
[1] https://lore.kernel.org/all/20250528123557.12847-2-jgross@suse.com/
Juergen Gross (1): x86/mm/pat: don't collapse pages without PSE set
Mike Rapoport (Microsoft) (3): x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set x86/its: move its_pages array to struct mod_arch_specific Revert "mm/execmem: Unify early execmem_cache behaviour"
Peter Zijlstra (Intel) (1): x86/its: explicitly manage permissions for ITS pages
arch/x86/Kconfig | 2 +- arch/x86/include/asm/module.h | 8 ++++ arch/x86/kernel/alternative.c | 89 ++++++++++++++++++++++++++--------- arch/x86/mm/init_32.c | 3 -- arch/x86/mm/init_64.c | 3 -- arch/x86/mm/pat/set_memory.c | 3 ++ include/linux/execmem.h | 8 +--- include/linux/module.h | 5 -- mm/execmem.c | 40 ++-------------- 9 files changed, 82 insertions(+), 79 deletions(-)
base-commit: 0ff41df1cb268fc69e703a08a57ee14ae967d0ca