From: Sasha Levin <sashal@kernel.org> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Dan Li <ashimida@linux.alibaba.com>, Mark Rutland <mark.rutland@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, Sasha Levin <sashal@kernel.org>, will@kernel.org, maz@kernel.org, peterz@infradead.org, pcc@google.com, linux-arm-kernel@lists.infradead.org Subject: [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init Date: Wed, 22 Sep 2021 23:40:24 -0400 [thread overview] Message-ID: <20210923034028.1421876-8-sashal@kernel.org> (raw) In-Reply-To: <20210923034028.1421876-1-sashal@kernel.org> From: Dan Li <ashimida@linux.alibaba.com> [ Upstream commit 9fcb2e93f41c07a400885325e7dbdfceba6efaec ] __stack_chk_guard is setup once while init stage and never changed after that. Although the modification of this variable at runtime will usually cause the kernel to crash (so does the attacker), it should be marked as __ro_after_init, and it should not affect performance if it is placed in the ro_after_init section. Signed-off-by: Dan Li <ashimida@linux.alibaba.com> Acked-by: Mark Rutland <mark.rutland@arm.com> Link: https://lore.kernel.org/r/1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> --- arch/arm64/kernel/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c index e917d119490c..9c62365f8267 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -57,7 +57,7 @@ #ifdef CONFIG_CC_STACKPROTECTOR #include <linux/stackprotector.h> -unsigned long __stack_chk_guard __read_mostly; +unsigned long __stack_chk_guard __ro_after_init; EXPORT_SYMBOL(__stack_chk_guard); #endif -- 2.30.2 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sashal@kernel.org> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Dan Li <ashimida@linux.alibaba.com>, Mark Rutland <mark.rutland@arm.com>, Catalin Marinas <catalin.marinas@arm.com>, Sasha Levin <sashal@kernel.org>, will@kernel.org, maz@kernel.org, peterz@infradead.org, pcc@google.com, linux-arm-kernel@lists.infradead.org Subject: [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init Date: Wed, 22 Sep 2021 23:40:24 -0400 [thread overview] Message-ID: <20210923034028.1421876-8-sashal@kernel.org> (raw) In-Reply-To: <20210923034028.1421876-1-sashal@kernel.org> From: Dan Li <ashimida@linux.alibaba.com> [ Upstream commit 9fcb2e93f41c07a400885325e7dbdfceba6efaec ] __stack_chk_guard is setup once while init stage and never changed after that. Although the modification of this variable at runtime will usually cause the kernel to crash (so does the attacker), it should be marked as __ro_after_init, and it should not affect performance if it is placed in the ro_after_init section. Signed-off-by: Dan Li <ashimida@linux.alibaba.com> Acked-by: Mark Rutland <mark.rutland@arm.com> Link: https://lore.kernel.org/r/1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Sasha Levin <sashal@kernel.org> --- arch/arm64/kernel/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c index e917d119490c..9c62365f8267 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -57,7 +57,7 @@ #ifdef CONFIG_CC_STACKPROTECTOR #include <linux/stackprotector.h> -unsigned long __stack_chk_guard __read_mostly; +unsigned long __stack_chk_guard __ro_after_init; EXPORT_SYMBOL(__stack_chk_guard); #endif -- 2.30.2
next prev parent reply other threads:[~2021-09-23 3:42 UTC|newest] Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-09-23 3:40 [PATCH AUTOSEL 4.9 01/11] net: stmmac: allow CSR clock of 300MHz Sasha Levin 2021-09-23 3:40 ` Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 02/11] m68k: Double cast io functions to unsigned long Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 03/11] compiler.h: Introduce absolute_pointer macro Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 04/11] net: i825xx: Use absolute_pointer for memcpy from fixed memory location Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 05/11] sparc: avoid stringop-overread errors Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 06/11] qnx4: " Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 07/11] parisc: Use absolute_pointer() to define PAGE0 Sasha Levin 2021-09-23 3:40 ` Sasha Levin [this message] 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 09/11] alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 10/11] net: 6pack: Fix tx timeout and slot time Sasha Levin 2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 11/11] spi: Fix tegra20 build with CONFIG_PM=n Sasha Levin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210923034028.1421876-8-sashal@kernel.org \ --to=sashal@kernel.org \ --cc=ashimida@linux.alibaba.com \ --cc=catalin.marinas@arm.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=mark.rutland@arm.com \ --cc=maz@kernel.org \ --cc=pcc@google.com \ --cc=peterz@infradead.org \ --cc=stable@vger.kernel.org \ --cc=will@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.