| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c1f2ba9e-6f2d-4c7e-9956-6d3b183d3e05@arm.com>
Date: Fri, 6 Dec 2024 10:10:43 +0530
From: Anshuman Khandual <anshuman.khandual@....com>
To: Huang Shijie <shijie@...amperecomputing.com>, catalin.marinas@....com,
will@...nel.org
Cc: patches@...erecomputing.com, paulmck@...nel.org,
akpm@...ux-foundation.org, thuth@...hat.com, rostedt@...dmis.org,
xiongwei.song@...driver.com, ardb@...nel.org, steven.price@....com,
suzuki.poulose@....com, mark.rutland@....com, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
cl@...amperecomputing.com
Subject: Re: [PATCH v2 2/4] arm64: remove CONFIG_RODATA_FULL_DEFAULT_ENABLED
On 11/26/24 14:26, Huang Shijie wrote:
> The default kernel is rodata=on which means
Right but this is true only after the update in the series.
if (!strcmp(arg, "on")) {
rodata_enabled = rodata_full = true;
return true;
}
rodata_full is always "true" via 'rodata=on' and does not depend
on the config RODATA_FULL_DEFAULT_ENABLED anymore, so it can be
dropped. Please update this commit message with these context as
well.
> CONFIG_RODATA_FULL_DEFAULT_ENABLED is always enabled by default.
> So we can remove CONFIG_RODATA_FULL_DEFAULT_ENABLED now.
>
> Signed-off-by: Huang Shijie <shijie@...amperecomputing.com>
> ---
> arch/arm64/Kconfig | 14 --------------
> arch/arm64/mm/pageattr.c | 2 +-
> 2 files changed, 1 insertion(+), 15 deletions(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 4316b1fe8bf8..a9ca305a31d8 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1653,20 +1653,6 @@ config MITIGATE_SPECTRE_BRANCH_HISTORY
> When taking an exception from user-space, a sequence of branches
> or a firmware call overwrites the branch history.
>
> -config RODATA_FULL_DEFAULT_ENABLED
> - bool "Apply r/o permissions of VM areas also to their linear aliases"
> - default y
> - help
> - Apply read-only attributes of VM areas to the linear alias of
> - the backing pages as well. This prevents code or read-only data
> - from being modified (inadvertently or intentionally) via another
> - mapping of the same memory page. This additional enhancement can
> - be turned off at runtime by passing rodata=[off|on] (and turned on
> - with rodata=full if this option is set to 'n')
> -
> - This requires the linear region to be mapped down to pages,
> - which may adversely affect performance in some cases.
> -
> config ARM64_SW_TTBR0_PAN
> bool "Emulate Privileged Access Never using TTBR0_EL1 switching"
> depends on !KCSAN
> diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c
> index 39fd1f7ff02a..6eef08d8451e 100644
> --- a/arch/arm64/mm/pageattr.c
> +++ b/arch/arm64/mm/pageattr.c
> @@ -20,7 +20,7 @@ struct page_change_data {
> pgprot_t clear_mask;
> };
>
> -bool rodata_full __ro_after_init = IS_ENABLED(CONFIG_RODATA_FULL_DEFAULT_ENABLED);
> +bool rodata_full __ro_after_init = true;
>
> bool can_set_direct_map(void)
> {
This patch can still follow the first one but after folding in the
third patch.
Powered by blists - more mailing lists