lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 14 Feb 2019 00:41:36 +0200
From:   Igor Stoppa <>
To:     unlisted-recipients:; (no To-header on input)
Cc:     Igor Stoppa <>,
        Andy Lutomirski <>,
        Nadav Amit <>,
        Matthew Wilcox <>,
        Peter Zijlstra <>,
        Kees Cook <>,
        Dave Hansen <>,
        Mimi Zohar <>,
        Thiago Jung Bauermann <>,
        Ahmed Soliman <>,,,,
Subject: [RFC PATCH v5 07/12] __wr_after_init: Documentation: self-protection

Update the self-protection documentation, to mention also the use of the
__wr_after_init attribute.

Signed-off-by: Igor Stoppa <>

CC: Andy Lutomirski <>
CC: Nadav Amit <>
CC: Matthew Wilcox <>
CC: Peter Zijlstra <>
CC: Kees Cook <>
CC: Dave Hansen <>
CC: Mimi Zohar <>
CC: Thiago Jung Bauermann <>
CC: Ahmed Soliman <>
 Documentation/security/self-protection.rst | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/Documentation/security/self-protection.rst b/Documentation/security/self-protection.rst
index f584fb74b4ff..df2614bc25b9 100644
--- a/Documentation/security/self-protection.rst
+++ b/Documentation/security/self-protection.rst
@@ -84,12 +84,14 @@ For variables that are initialized once at ``__init`` time, these can
 be marked with the (new and under development) ``__ro_after_init``
-What remains are variables that are updated rarely (e.g. GDT). These
-will need another infrastructure (similar to the temporary exceptions
-made to kernel code mentioned above) that allow them to spend the rest
-of their lifetime read-only. (For example, when being updated, only the
-CPU thread performing the update would be given uninterruptible write
-access to the memory.)
+Others, which are statically allocated, but still need to be updated
+rarely, can be marked with the ``__wr_after_init`` attribute.
+The update mechanism must avoid exposing the data to rogue alterations
+during the update. For example, only the CPU thread performing the update
+would be given uninterruptible write access to the memory.
+Currently there is no protection available for data allocated dynamically.
 Segregation of kernel memory from userspace memory

Powered by blists - more mailing lists