From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Dan Li <ashimida@linux.alibaba.com>,
Mark Rutland <mark.rutland@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Sasha Levin <sashal@kernel.org>,
will@kernel.org, maz@kernel.org, peterz@infradead.org,
pcc@google.com, linux-arm-kernel@lists.infradead.org
Subject: [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init
Date: Wed, 22 Sep 2021 23:40:24 -0400 [thread overview]
Message-ID: <20210923034028.1421876-8-sashal@kernel.org> (raw)
In-Reply-To: <20210923034028.1421876-1-sashal@kernel.org>
From: Dan Li <ashimida@linux.alibaba.com>
[ Upstream commit 9fcb2e93f41c07a400885325e7dbdfceba6efaec ]
__stack_chk_guard is setup once while init stage and never changed
after that.
Although the modification of this variable at runtime will usually
cause the kernel to crash (so does the attacker), it should be marked
as __ro_after_init, and it should not affect performance if it is
placed in the ro_after_init section.
Signed-off-by: Dan Li <ashimida@linux.alibaba.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/arm64/kernel/process.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index e917d119490c..9c62365f8267 100644
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -57,7 +57,7 @@
#ifdef CONFIG_CC_STACKPROTECTOR
#include <linux/stackprotector.h>
-unsigned long __stack_chk_guard __read_mostly;
+unsigned long __stack_chk_guard __ro_after_init;
EXPORT_SYMBOL(__stack_chk_guard);
#endif
--
2.30.2
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Dan Li <ashimida@linux.alibaba.com>,
Mark Rutland <mark.rutland@arm.com>,
Catalin Marinas <catalin.marinas@arm.com>,
Sasha Levin <sashal@kernel.org>,
will@kernel.org, maz@kernel.org, peterz@infradead.org,
pcc@google.com, linux-arm-kernel@lists.infradead.org
Subject: [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init
Date: Wed, 22 Sep 2021 23:40:24 -0400 [thread overview]
Message-ID: <20210923034028.1421876-8-sashal@kernel.org> (raw)
In-Reply-To: <20210923034028.1421876-1-sashal@kernel.org>
From: Dan Li <ashimida@linux.alibaba.com>
[ Upstream commit 9fcb2e93f41c07a400885325e7dbdfceba6efaec ]
__stack_chk_guard is setup once while init stage and never changed
after that.
Although the modification of this variable at runtime will usually
cause the kernel to crash (so does the attacker), it should be marked
as __ro_after_init, and it should not affect performance if it is
placed in the ro_after_init section.
Signed-off-by: Dan Li <ashimida@linux.alibaba.com>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/r/1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/arm64/kernel/process.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c
index e917d119490c..9c62365f8267 100644
--- a/arch/arm64/kernel/process.c
+++ b/arch/arm64/kernel/process.c
@@ -57,7 +57,7 @@
#ifdef CONFIG_CC_STACKPROTECTOR
#include <linux/stackprotector.h>
-unsigned long __stack_chk_guard __read_mostly;
+unsigned long __stack_chk_guard __ro_after_init;
EXPORT_SYMBOL(__stack_chk_guard);
#endif
--
2.30.2
next prev parent reply other threads:[~2021-09-23 3:42 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-23 3:40 [PATCH AUTOSEL 4.9 01/11] net: stmmac: allow CSR clock of 300MHz Sasha Levin
2021-09-23 3:40 ` Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 02/11] m68k: Double cast io functions to unsigned long Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 03/11] compiler.h: Introduce absolute_pointer macro Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 04/11] net: i825xx: Use absolute_pointer for memcpy from fixed memory location Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 05/11] sparc: avoid stringop-overread errors Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 06/11] qnx4: " Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 07/11] parisc: Use absolute_pointer() to define PAGE0 Sasha Levin
2021-09-23 3:40 ` Sasha Levin [this message]
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 08/11] arm64: Mark __stack_chk_guard as __ro_after_init Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 09/11] alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 10/11] net: 6pack: Fix tx timeout and slot time Sasha Levin
2021-09-23 3:40 ` [PATCH AUTOSEL 4.9 11/11] spi: Fix tegra20 build with CONFIG_PM=n Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210923034028.1421876-8-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=ashimida@linux.alibaba.com \
--cc=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=maz@kernel.org \
--cc=pcc@google.com \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.