From: Rusty Russell <rusty@rustcorp.com.au>
To: Jessica Yu <jeyu@redhat.com>
Cc: Kees Cook <keescook@google.com>,
linux-api@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: modules: add ro_after_init support
Date: Thu, 30 Jun 2016 14:26:51 +0930 [thread overview]
Message-ID: <87wpl7b7fw.fsf@rustcorp.com.au> (raw)
In-Reply-To: <20160629212713.GB30908@packer-debian-8-amd64.digitalocean.com>
Jessica Yu <jeyu@redhat.com> writes:
> +++ Rusty Russell [29/06/16 10:38 +0930]:
>>Jessica Yu <jeyu@redhat.com> writes:
>>> Add ro_after_init support for modules by adding a new page-aligned section
>>> in the module layout (after rodata) for ro_after_init data and enabling RO
>>> protection for that section after module init runs.
>>>
>>> Signed-off-by: Jessica Yu <jeyu@redhat.com>
>>
>>I would prefer a "bool after_init" flag to module_enable_ro(). It's
>>more explicit.
>
> Sure thing, I was just initially worried about the
> module_{enable,disable}_ro() asymmetry. :)
Yes, but I think compile-time-analyzable behaviour beats
runtime-analyzable behaviour for clarity.
>>Exposing the flags via uapi looks like a wart, but it's kind of a
>>feature, since we don't *unset* it in any section; userspace may want to
>>know about it.
>
> Hm, I'm still unsure about this. I'm starting to think it might be a
> bit overkill to expose SHF_RO_AFTER_INIT through uapi (although that
> is where all the other SHF_* flags are defined) SHF_RO_AFTER_INIT
> would technically be used only internally in the kernel (i.e. module
> loader), and it'd also be considered a non-standard flag, using a bit
> from SHF_MASKOS (OS-specific range). What do you think?
Some arch *could* use it by setting the flag in a section in their
module I think; we don't stop them. Since the other flags are there,
I'd leave it.
We don't expose the flags via sysfs, though, so that's the only
exposure.
Thanks!
Rusty.
next prev parent reply other threads:[~2016-06-30 5:04 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-14 0:13 [PATCH 0/1] Add ro_after_init support for modules Jessica Yu
2016-06-14 0:13 ` [PATCH 1/1] modules: add ro_after_init support Jessica Yu
2016-06-14 21:33 ` Kees Cook
2016-06-14 23:53 ` Jessica Yu
2016-06-29 1:08 ` [PATCH 1/1] " Rusty Russell
2016-06-29 21:27 ` Jessica Yu
2016-06-30 4:56 ` Rusty Russell [this message]
2016-07-21 23:03 ` Kees Cook
2016-07-21 23:11 ` Jessica Yu
-- strict thread matches above, loose matches on Subject: below --
2016-07-25 9:25 [PATCH v2 0/1] Add ro_after_init support for modules Jessica Yu
2016-07-25 9:25 ` [PATCH v2 1/1] modules: add ro_after_init support Jessica Yu
2016-07-25 10:01 ` Jessica Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wpl7b7fw.fsf@rustcorp.com.au \
--to=rusty@rustcorp.com.au \
--cc=jeyu@redhat.com \
--cc=keescook@google.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).