lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <fc5a960f-21d4-4110-88db-20c103491af6@suse.com>
Date: Mon, 7 Apr 2025 16:14:34 +0200
From: Petr Pavlu <petr.pavlu@...e.com>
To: Petr Pavlu <petr.pavlu@...e.com>, Luis Chamberlain <mcgrof@...nel.org>,
 Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>,
 Jason Baron <jbaron@...mai.com>
Cc: Sami Tolvanen <samitolvanen@...gle.com>,
 Daniel Gomez <da.gomez@...sung.com>, Steven Rostedt <rostedt@...dmis.org>,
 Ard Biesheuvel <ardb@...nel.org>,
 Christophe Leroy <christophe.leroy@...roup.eu>,
 linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 0/3] module: Make .static_call_sites read-only after
 init

On 3/6/25 14:13, Petr Pavlu wrote:
> Section .static_call_sites holds data structures that need to be sorted and
> processed only at module load time. The section is never modified
> afterwards. Make it therefore read-only after module initialization to
> avoid any (non-)accidental modifications.
> 
> Changes since v1 [1]:
> * Rebase the patches. The kernel now has commit 110b1e070f1d ("module:
>   Don't fail module loading when setting ro_after_init section RO failed")
>   which addresses a previous problem with handling ro_after_init sections.
> 
> [1] https://lore.kernel.org/linux-modules/20241223093840.29417-1-petr.pavlu@suse.com/
> 
> Petr Pavlu (3):
>   module: Constify parameters of module_enforce_rwx_sections()
>   module: Add a separate function to mark sections as read-only after
>     init
>   module: Make .static_call_sites read-only after init
> 
>  kernel/module/internal.h   |  7 ++++--
>  kernel/module/main.c       | 18 +++------------
>  kernel/module/strict_rwx.c | 47 ++++++++++++++++++++++++++++++++++++--
>  3 files changed, 53 insertions(+), 19 deletions(-)

Queued now on modules-next, for 6.16-rc1.

-- Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ