lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 12 Oct 2019 17:59:18 +0530
From:   Shyam Saini <mayhs11saini@...il.com>
To:     kernel-hardening@...ts.openwall.com
Cc:     iommu@...ts.linux-foundation.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, Shyam Saini <mayhs11saini@...il.com>,
        Christoph Hellwig <hch@....de>,
        Marek Szyprowski <m.szyprowski@...sung.com>,
        Robin Murphy <robin.murphy@....com>,
        Matthew Wilcox <willy@...radead.org>,
        Christopher Lameter <cl@...ux.com>,
        Kees Cook <keescook@...omium.org>
Subject: [PATCH] kernel: dma: Make CMA boot parameters __ro_after_init

This parameters are not changed after early boot.
By making them __ro_after_init will reduce any attack surface in the
kernel.

Link: https://lwn.net/Articles/676145/
Cc: Christoph Hellwig <hch@....de>
Cc: Marek Szyprowski <m.szyprowski@...sung.com>
Cc: Robin Murphy <robin.murphy@....com>
Cc: Matthew Wilcox <willy@...radead.org>
Cc: Christopher Lameter <cl@...ux.com>
Cc: Kees Cook <keescook@...omium.org>
Signed-off-by: Shyam Saini <mayhs11saini@...il.com>
---
 kernel/dma/contiguous.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c
index 69cfb4345388..1b689b1303cd 100644
--- a/kernel/dma/contiguous.c
+++ b/kernel/dma/contiguous.c
@@ -42,10 +42,10 @@ struct cma *dma_contiguous_default_area;
  * Users, who want to set the size of global CMA area for their system
  * should use cma= kernel parameter.
  */
-static const phys_addr_t size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M;
-static phys_addr_t size_cmdline = -1;
-static phys_addr_t base_cmdline;
-static phys_addr_t limit_cmdline;
+static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M;
+static phys_addr_t __ro_after_init size_cmdline = -1;
+static phys_addr_t __ro_after_init base_cmdline;
+static phys_addr_t __ro_after_init limit_cmdline;
 
 static int __init early_cma(char *p)
 {
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ