| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Aug 2014 08:41:55 -0700 From: Kees Cook <keescook@...omium.org> To: Will Deacon <will.deacon@....com> Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Liu hua <sdu.liu@...wei.com>, "msalter@...hat.com" <msalter@...hat.com>, Rabin Vincent <rabin@....in>, Nikolay Borisov <Nikolay.Borisov@....com>, Nicolas Pitre <nicolas.pitre@...aro.org>, Leif Lindholm <leif.lindholm@...aro.org>, Tomasz Figa <t.figa@...sung.com>, Rob Herring <robh@...nel.org>, Doug Anderson <dianders@...gle.com>, Jason Wessel <jason.wessel@...driver.com>, Laura Abbott <lauraa@...eaurora.org>, Catalin Marinas <Catalin.Marinas@....com>, Russell King - ARM Linux <linux@....linux.org.uk>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org> Subject: Re: [PATCH 8/8] ARM: mm: allow text and rodata sections to be read-only On Mon, Aug 11, 2014 at 6:30 AM, Will Deacon <will.deacon@....com> wrote: > On Thu, Aug 07, 2014 at 04:01:53PM +0100, Kees Cook wrote: >> This introduces CONFIG_DEBUG_RODATA, making kernel text and rodata >> read-only. Additionally, this splits rodata from text so that rodata can >> also be NX, which may lead to wasted memory when aligning to SECTION_SIZE. >> The read-only areas are made writable during ftrace updates and kexec. > > [...] > >> diff --git a/arch/arm/kernel/machine_kexec.c b/arch/arm/kernel/machine_kexec.c >> index 1ac184f2bdd8..4423a565ef6f 100644 >> --- a/arch/arm/kernel/machine_kexec.c >> +++ b/arch/arm/kernel/machine_kexec.c >> @@ -164,11 +164,11 @@ void machine_kexec(struct kimage *image) >> reboot_code_buffer = page_address(image->control_code_page); >> >> /* Prepare parameters for reboot_code_buffer*/ >> + set_kernel_text_rw(); >> kexec_start_address = image->start; >> kexec_indirection_page = page_list; >> kexec_mach_type = machine_arch_type; >> - kexec_boot_atags = dt_mem ?: image->start >> - - KEXEC_ARM_ZIMAGE_OFFSET >> + kexec_boot_atags = dt_mem ?: image->start - KEXEC_ARM_ZIMAGE_OFFSET >> + KEXEC_ARM_ATAGS_OFFSET; > > Minor nit: but this patch and the kexec patch earlier in the series seem to > move this line around in different ways without actually changing the code. > I guess you just got a screwy rebase? An earlier version of the patch had a typo in this line and when cleaning it up I made this formatting change. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists