From 36f72d8e35e36725e34376ef46a3a5f5946d8953 Mon Sep 17 00:00:00 2001
From: Zhao Xuehui <zhaoxuehui1@huawei.com>
Date: Fri, 7 May 2021 11:16:44 +0800
Subject: [PATCH] livepatch: Restoring code segment permissions after
 stop_machine completed

hulk inclusion
category: bugfix
bugzilla: 51821
CVE: NA

---------------------------

The function 'arch_klp_code_modify_prepare' is called before stop_machine
to change the permissions of the code segment to be readable and writable,
but the permissions of the code segment were not restored to the original
state after the stop_mahcine was completed. This may introduce security
issues, so 'arch_klp_code_modify_post_process' is used after 'stop_machine'
to fix this problem in this commit.

Signed-off-by: Zhao Xuehui <zhaoxuehui1@huawei.com>
Reviewed-by: Yang Jihong <yangjihong1@huawei.com>
Signed-off-by: Yang Yingliang <yangyingliang@huawei.com>
---
 kernel/livepatch/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
index 65f48c468e16..4cbe7ebfcf7f 100644
--- a/kernel/livepatch/core.c
+++ b/kernel/livepatch/core.c
@@ -663,7 +663,7 @@ static int __klp_enable_patch(struct klp_patch *patch)
 
 	arch_klp_code_modify_prepare();
 	ret = stop_machine(klp_try_enable_patch, &patch_data, cpu_online_mask);
-	arch_klp_code_modify_prepare();
+	arch_klp_code_modify_post_process();
 	if (ret)
 		return ret;
 
-- 
GitLab