From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932287AbcHJVpk (ORCPT ); Wed, 10 Aug 2016 17:45:40 -0400 Received: from mout.kundenserver.de ([212.227.17.24]:51843 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751556AbcHJVpi (ORCPT ); Wed, 10 Aug 2016 17:45:38 -0400 From: Arnd Bergmann To: linux-arm-kernel@lists.infradead.org Cc: Russell King - ARM Linux , Kees Cook , linux-arch@vger.kernel.org, Ard Biesheuvel , x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Andrew Morton , Mathias Krause Subject: Re: [PATCH 2/2] arm: apply more __ro_after_init Date: Wed, 10 Aug 2016 12:00:53 +0200 Message-ID: <2342289.4RWg0SWI3A@wuerfel> User-Agent: KMail/5.1.3 (Linux/4.4.0-31-generic; KDE/5.18.0; x86_64; ; ) In-Reply-To: <20160810094339.GK1041@n2100.armlinux.org.uk> References: <1464979224-2085-1-git-send-email-keescook@chromium.org> <1464979224-2085-3-git-send-email-keescook@chromium.org> <20160810094339.GK1041@n2100.armlinux.org.uk> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Provags-ID: V03:K0:mMMBXs9X45L/EZ8v85VkVC9ZkwBTms+K88MF1Jwn6IrivfKL5wd zhMtk+afWnyOUbVqaMXyQ67NWsD/z8qtcsVArcvBLaHFXeLNNWdeKjcjH1YazVpXMHNuFzC KBqxaD97R0M6cOZNTCKQZmOLBofmbY9IEwm1dRz8D3/LEVTdvflYIMxNwIHoRtSUPeQyKRY BMbF62mqxuaqIwEDpunag== X-UI-Out-Filterresults: notjunk:1;V01:K0:CRuO1Sjg3aA=:lu3DZXohF6iMxjgA4YXQxh 9qrEOZrFkmLUUdGLXbsMcEVUBwo7EZN+/iabCA/WOe4XUOZRaKrQqEfwO8sd2KrLlGXcFopSO 4zPZkb9FKtjj9raV8hld8n8Yb4mntc68kkr1Esx3HWJmcvkTc0FCPYxbYuER05HmTecEJ8CGc VBKrSOa+5GhYBCJfIIy9qT2V5RhqZfGmUZS1b4wJHjWFN1PPjaKaHTMMQTnGvn7GckF0+mSg8 5L68vba3nvmf1klkHwaIo1Gy+fh6wgwAyBPaOy24k/TZZKVU7XzMCAHOjcOFTSIpsEG6vjvSo gwrpqz9ITBSRWrZljcQF3jRsrGWWgVS0AMb3WQZrNKVYWGHJNtrXUK3eiMJIoPlqxrJgUIIqT UzM1v0SbP3lOXvw7aoUD6XgBQCQgBxD85nH5DI1H1seYLqi3BpYTJ9T/9iQd2jsrsfepTFOMb Yphfhd9KrV4y+jb0W3iguL9We2JZQn81KTSQwEkMNIwKaBtIrGMdzlQelMqpcHLeHyMwQJfMt opRSzSS2lgrrfSHpPEYfULSwtwggaOywSnPQW5+ZLzhEFdWhxV3wRpB6IA+ynO8ZnSy0WlD66 XByIcycRYYyja7cOBnsuSVAkC/YQrQXsP9nZPTpn+PkELgu7HymieefuTcvQV4vMaNiuCapUC 0ebiOvWole5O12lQ2rSreQuj5zYVR0oV3rC60hTTPILBHYXEMoixqOyD7eVKg4xvALM9jhHER 7GNpmflb48jdzCa9 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wednesday, August 10, 2016 10:43:39 AM CEST Russell King - ARM Linux wrote: > On Fri, Jun 03, 2016 at 11:40:24AM -0700, Kees Cook wrote: > > @@ -1309,16 +1309,11 @@ void __init arm_mm_memblock_reserve(void) > > * Any other function or debugging method which may touch any device _will_ > > * crash the kernel. > > */ > > +static char vectors[PAGE_SIZE * 2] __ro_after_init __aligned(PAGE_SIZE); > > static void __init devicemaps_init(const struct machine_desc *mdesc) > > { > > struct map_desc map; > > unsigned long addr; > > - void *vectors; > > - > > - /* > > - * Allocate the vector page early. > > - */ > > - vectors = early_alloc(PAGE_SIZE * 2); > > This one is not appropriate. We _do_ write to these pages after init > for FIQ handler updates. See set_fiq_handler(). Is that the only thing that modifies the page? If we think this is a valuable change, we could make it depend on the absence of FIQ support, as very few platforms (rpc, omap1, s3c24xx and possibly imx) seem to even use it. Arnd