| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20241209072020.4743-2-shijie@os.amperecomputing.com>
Date: Mon, 9 Dec 2024 15:20:19 +0800
From: Huang Shijie <shijie@...amperecomputing.com>
To: catalin.marinas@....com,
will@...nel.org,
anshuman.khandual@....com,
corbet@....net
Cc: patches@...erecomputing.com,
cl@...ux.com,
akpm@...ux-foundation.org,
thuth@...hat.com,
rostedt@...dmis.org,
xiongwei.song@...driver.com,
ardb@...nel.org,
inux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
Huang Shijie <shijie@...amperecomputing.com>
Subject: [PATCH v3 1/2] arm64: refactor the rodata=xxx
>From Documentation/admin-guide/kernel-parameters.txt:
rodata= [KNL,EARLY]
on Mark read-only kernel memory as read-only (default).
So "rodata=on" is the default.
But the current code does not follow the document, it makes "rodata=full"
as the default.
This patch refactors the "rodata=xxx" :
1.) Make rodata=on behaviour be the original rodata=full.
(Drop the original rodata=full.)
2.) Introduce "rodata=noalias" which is the original "rodata=on"
3.) Add more comment for arch_parse_debug_rodata(),
update kernel-parameters.txt.
After this patch, the rodata=on will be the default.
Signed-off-by: Huang Shijie <shijie@...amperecomputing.com>
---
.../admin-guide/kernel-parameters.txt | 2 +-
arch/arm64/include/asm/setup.h | 25 +++++++++++++++++--
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index a22b7e621007..51bce7b9d805 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -5901,7 +5901,7 @@
rodata= [KNL,EARLY]
on Mark read-only kernel memory as read-only (default).
off Leave read-only kernel memory writable for debugging.
- full Mark read-only kernel memory and aliases as read-only
+ noalias Use more block mappings,may have better performance.
[arm64]
rockchip.usb_uart
diff --git a/arch/arm64/include/asm/setup.h b/arch/arm64/include/asm/setup.h
index ba269a7a3201..b3063326b79a 100644
--- a/arch/arm64/include/asm/setup.h
+++ b/arch/arm64/include/asm/setup.h
@@ -13,6 +13,27 @@
extern phys_addr_t __fdt_pointer __initdata;
extern u64 __cacheline_aligned boot_args[4];
+/*
+ * rodata=on (default):
+ * Apply read-only attributes of VM areas to the linear alias of
+ * the backing pages as well. This prevents code or read-only data
+ * from being modified (inadvertently or intentionally) via another
+ * mapping of the same memory page.
+ *
+ * This requires the linear region to be mapped down to pages,
+ * which may adversely affect performance in some cases.
+ *
+ * rodata=off:
+ * It provides us more block mappings and contiguous hits
+ * to map the linear region which minimize the TLB footprint.
+ * Leave read-only kernel memory writable for debugging.
+ *
+ * rodata=noalias:
+ * It provides us more block mappings and contiguous hits
+ * to map the linear region which minimize the TLB footprint.
+ * And the linear aliases of pages belonging to read-only mappings
+ * in vmalloc region are also marked as read-only.
+ */
static inline bool arch_parse_debug_rodata(char *arg)
{
extern bool rodata_enabled;
@@ -21,7 +42,7 @@ static inline bool arch_parse_debug_rodata(char *arg)
if (!arg)
return false;
- if (!strcmp(arg, "full")) {
+ if (!strcmp(arg, "on")) {
rodata_enabled = rodata_full = true;
return true;
}
@@ -31,7 +52,7 @@ static inline bool arch_parse_debug_rodata(char *arg)
return true;
}
- if (!strcmp(arg, "on")) {
+ if (!strcmp(arg, "noalias")) {
rodata_enabled = true;
rodata_full = false;
return true;
--
2.40.1
Powered by blists - more mailing lists