Re: Avoiding RWX segments in XEN3_DOM0/XEN3_DOMU kernels

[Taylor R Campbell <riastradh%NetBSD.org@localhost>]

> Date: Sat, 21 Oct 2023 17:37:01 +0200
> From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
> 
> On Sat, Oct 21, 2023 at 05:12:17PM +0200, Martin Husemann wrote:
> > On Sun, Jul 16, 2023 at 10:24:35AM +0000, Taylor R Campbell wrote:
> > > The attached patch tries to fix it by splitting the linker script into
> > > three different segments -- one with read/execute (for .text), one
> > > read-only (for .rodata and various others), and one with read/write
> > > (for .data and everything else), along with the note.
> > > 
> > > Can someone try this and report back, or take a look and tell me if
> > > I'm barking up the wrong tree to fix the problem?  (Not a linker
> > > script expert here.)
> > 
> > Works for me - dom0 and domU kernel boot, linker warnings are gone.
> 
> Doens't this ends up with bigger kernel images, with a hole between text,
> rodata and data ? The hole would be a waste of ram.

Possible, I didn't check.

> Note that this won't change much things in practice: Xen loads this as a
> single large blob mapped read/write, and the NetBSD bootstrap remaps
> it RX, RO or RW based on __rodata_start and __data_start

How can it remap without separate sections?  RX or RW data could
straddle the boundaries of the RO section if they're not separate.

Alternatively, if everything already is aligned as needed -- how would
this expand the kernel images?

I'm not attached to this patch.  I just drafted the it when I saw the
RWX warnings -- hoped it might prompt a Xen wizard to verify it's the
right approach or find a better one.