From: jeremy.linton@arm.com (Jeremy Linton)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v3] arm64: mm: Mark .rodata as RO
Date: Fri, 26 Feb 2016 08:59:47 -0600 [thread overview]
Message-ID: <56D06863.3080901@arm.com> (raw)
In-Reply-To: <20160226145516.GE8728@leverpostej>
On 02/26/2016 08:55 AM, Mark Rutland wrote:
> On Fri, Feb 19, 2016 at 11:50:32AM -0600, Jeremy Linton wrote:
>> Currently the .rodata section is actually still executable when DEBUG_RODATA
>> is enabled. This changes that so the .rodata is actually read only, no execute.
>> It also adds the .rodata section to the mem_init banner.
>>
>> Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
>> ---
>> arch/arm64/kernel/vmlinux.lds.S | 5 +++--
>> arch/arm64/mm/init.c | 4 +++-
>> arch/arm64/mm/mmu.c | 17 +++++++++++++----
>> 3 files changed, 19 insertions(+), 7 deletions(-)
>>
>> diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
>> index 8f4fc2c..9208f53 100644
>> --- a/arch/arm64/kernel/vmlinux.lds.S
>> +++ b/arch/arm64/kernel/vmlinux.lds.S
>> @@ -114,8 +114,9 @@ SECTIONS
>> *(.got) /* Global offset table */
>> }
>>
>> - RO_DATA(PAGE_SIZE)
>> - EXCEPTION_TABLE(8)
>> + ALIGN_DEBUG_RO_MIN(0)
>> + RO_DATA(PAGE_SIZE) /* everything from this point to */
>> + EXCEPTION_TABLE(8) /* _etext will be marked RO NX */
>> NOTES
>
> That should be ALIGN_DEBUG_RO_MIN(PAGE_SIZE), given we map .text and
> .rodata separately regardless of DEBUG_RODATA (and hence they need to
> never share a page).
>
The RO_DATA macro has an explicit alignment (PAGE_SIZE in this case) in
it too. That is why I left it at 0 to make it clear that it wasn't
changing the alignment unless DEBUG_RO was enabled (and in that case
only really applies if the section_size/cont_size is enabled).
prev parent reply other threads:[~2016-02-26 14:59 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-19 17:50 [PATCH v3] arm64: mm: Mark .rodata as RO Jeremy Linton
2016-02-19 19:05 ` Kees Cook
2016-02-26 14:44 ` Catalin Marinas
2016-02-26 14:55 ` Mark Rutland
2016-02-26 14:59 ` Jeremy Linton [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56D06863.3080901@arm.com \
--to=jeremy.linton@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).