* [PATCH v2 1/2] asm-generic/vmlinux.lds: Move .data.rel.ro input into .rodata segment
[not found] <20250219105542.2418786-4-ardb+git@google.com>
@ 2025-02-19 10:55 ` Ard Biesheuvel
2025-02-20 20:55 ` Josh Poimboeuf
0 siblings, 1 reply; 3+ messages in thread
From: Ard Biesheuvel @ 2025-02-19 10:55 UTC (permalink / raw)
To: linux-kernel; +Cc: x86, Huacai Chen, Ard Biesheuvel, stable
From: Ard Biesheuvel <ardb@kernel.org>
When using -fPIE codegen, the compiler will emit const global objects
(which are useless unless statically initialized) into .data.rel.ro
rather than .rodata if the object contains fields that carry absolute
addresses of other code or data objects. This permits the linker to
annotate such regions as requiring read-write access only at load time,
but not at execution time (in user space).
This distinction does not matter for the kernel, but it does imply that
const data will end up in writable memory if the .data.rel.ro sections
are not treated in a special way.
So emit .data.rel.ro into the .rodata segment.
Cc: <stable@vger.kernel.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
include/asm-generic/vmlinux.lds.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index 02a4adb4a999..0d5b186abee8 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -457,7 +457,7 @@ defined(CONFIG_AUTOFDO_CLANG) || defined(CONFIG_PROPELLER_CLANG)
. = ALIGN((align)); \
.rodata : AT(ADDR(.rodata) - LOAD_OFFSET) { \
__start_rodata = .; \
- *(.rodata) *(.rodata.*) \
+ *(.rodata) *(.rodata.*) *(.data.rel.ro*) \
SCHED_DATA \
RO_AFTER_INIT_DATA /* Read only after init */ \
. = ALIGN(8); \
--
2.48.1.601.g30ceb7b040-goog
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2 1/2] asm-generic/vmlinux.lds: Move .data.rel.ro input into .rodata segment
2025-02-19 10:55 ` [PATCH v2 1/2] asm-generic/vmlinux.lds: Move .data.rel.ro input into .rodata segment Ard Biesheuvel
@ 2025-02-20 20:55 ` Josh Poimboeuf
2025-02-20 22:33 ` Ard Biesheuvel
0 siblings, 1 reply; 3+ messages in thread
From: Josh Poimboeuf @ 2025-02-20 20:55 UTC (permalink / raw)
To: Ard Biesheuvel; +Cc: linux-kernel, x86, Huacai Chen, Ard Biesheuvel, stable
On Wed, Feb 19, 2025 at 11:55:44AM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@kernel.org>
BTW, I was copied on the cover letter but not the individual patches.
> When using -fPIE codegen, the compiler will emit const global objects
> (which are useless unless statically initialized) into .data.rel.ro
> rather than .rodata if the object contains fields that carry absolute
> addresses of other code or data objects. This permits the linker to
> annotate such regions as requiring read-write access only at load time,
> but not at execution time (in user space).
Hm, this sounds more like __ro_after_init, are we sure the kernel
doesn't need to write it early?
> This distinction does not matter for the kernel, but it does imply that
> const data will end up in writable memory if the .data.rel.ro sections
> are not treated in a special way.
>
> So emit .data.rel.ro into the .rodata segment.
This is a bug fix, right? Since the RO data wasn't actually RO? That's
not clear in the title.
--
Josh
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2 1/2] asm-generic/vmlinux.lds: Move .data.rel.ro input into .rodata segment
2025-02-20 20:55 ` Josh Poimboeuf
@ 2025-02-20 22:33 ` Ard Biesheuvel
0 siblings, 0 replies; 3+ messages in thread
From: Ard Biesheuvel @ 2025-02-20 22:33 UTC (permalink / raw)
To: Josh Poimboeuf; +Cc: Ard Biesheuvel, linux-kernel, x86, Huacai Chen, stable
On Thu, 20 Feb 2025 at 21:55, Josh Poimboeuf <jpoimboe@kernel.org> wrote:
>
> On Wed, Feb 19, 2025 at 11:55:44AM +0100, Ard Biesheuvel wrote:
> > From: Ard Biesheuvel <ardb@kernel.org>
>
> BTW, I was copied on the cover letter but not the individual patches.
>
> > When using -fPIE codegen, the compiler will emit const global objects
> > (which are useless unless statically initialized) into .data.rel.ro
> > rather than .rodata if the object contains fields that carry absolute
> > addresses of other code or data objects. This permits the linker to
> > annotate such regions as requiring read-write access only at load time,
> > but not at execution time (in user space).
>
> Hm, this sounds more like __ro_after_init, are we sure the kernel
> doesn't need to write it early?
>
It does need to write to it early, for KASLR relocation. So
conceptually, it is the same as .rodata. __ro_after_init conceptually
remains writable for longer.
In practice, they are all treated the same so it doesn't really matter.
> > This distinction does not matter for the kernel, but it does imply that
> > const data will end up in writable memory if the .data.rel.ro sections
> > are not treated in a special way.
> >
> > So emit .data.rel.ro into the .rodata segment.
>
> This is a bug fix, right? Since the RO data wasn't actually RO? That's
> not clear in the title.
>
Yes, it is. I'll clarify that.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-02-20 22:33 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20250219105542.2418786-4-ardb+git@google.com>
2025-02-19 10:55 ` [PATCH v2 1/2] asm-generic/vmlinux.lds: Move .data.rel.ro input into .rodata segment Ard Biesheuvel
2025-02-20 20:55 ` Josh Poimboeuf
2025-02-20 22:33 ` Ard Biesheuvel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).