From: Dan Li <ashimida@linux.alibaba.com> To: catalin.marinas@arm.com, will@kernel.org Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Dan Li <ashimida@linux.alibaba.com> Subject: [PATCH] [RFC]arm64:Mark __stack_chk_guard as __ro_after_init Date: Tue, 14 Sep 2021 17:44:02 +0800 [thread overview] Message-ID: <1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com> (raw) __stack_chk_guard is setup once while init stage and never changed after that. Although the modification of this variable at runtime will usually cause the kernel to crash (so dose the attacker), it should be marked as _ro_after_init, and it should not affect performance if it is placed in the ro_after_init section. This should also be the case on the ARM platform, or am I missing something? Signed-off-by: Dan Li <ashimida@linux.alibaba.com> --- arch/arm64/kernel/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c index c8989b9..c858b85 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -60,7 +60,7 @@ #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK) #include <linux/stackprotector.h> -unsigned long __stack_chk_guard __read_mostly; +unsigned long __stack_chk_guard __ro_after_init; EXPORT_SYMBOL(__stack_chk_guard); #endif -- 2.7.4
WARNING: multiple messages have this Message-ID (diff)
From: Dan Li <ashimida@linux.alibaba.com> To: catalin.marinas@arm.com, will@kernel.org Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Dan Li <ashimida@linux.alibaba.com> Subject: [PATCH] [RFC]arm64:Mark __stack_chk_guard as __ro_after_init Date: Tue, 14 Sep 2021 17:44:02 +0800 [thread overview] Message-ID: <1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com> (raw) __stack_chk_guard is setup once while init stage and never changed after that. Although the modification of this variable at runtime will usually cause the kernel to crash (so dose the attacker), it should be marked as _ro_after_init, and it should not affect performance if it is placed in the ro_after_init section. This should also be the case on the ARM platform, or am I missing something? Signed-off-by: Dan Li <ashimida@linux.alibaba.com> --- arch/arm64/kernel/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c index c8989b9..c858b85 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -60,7 +60,7 @@ #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK) #include <linux/stackprotector.h> -unsigned long __stack_chk_guard __read_mostly; +unsigned long __stack_chk_guard __ro_after_init; EXPORT_SYMBOL(__stack_chk_guard); #endif -- 2.7.4 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next reply other threads:[~2021-09-14 9:44 UTC|newest] Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-09-14 9:44 Dan Li [this message] 2021-09-14 9:44 ` [PATCH] [RFC]arm64:Mark __stack_chk_guard as __ro_after_init Dan Li 2021-09-14 9:58 ` Russell King (Oracle) 2021-09-14 9:58 ` Russell King (Oracle) 2021-09-14 10:17 ` Mark Rutland 2021-09-14 10:17 ` Mark Rutland 2021-09-15 1:57 ` ashimida 2021-09-15 1:57 ` ashimida 2021-09-15 9:19 ` Mark Rutland 2021-09-15 9:19 ` Mark Rutland 2021-09-15 9:35 ` Dan Li 2021-09-15 9:35 ` Dan Li 2021-09-16 17:08 ` Catalin Marinas 2021-09-16 17:08 ` Catalin Marinas
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com \ --to=ashimida@linux.alibaba.com \ --cc=catalin.marinas@arm.com \ --cc=linux-arm-kernel@lists.infradead.org \ --cc=linux-kernel@vger.kernel.org \ --cc=will@kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.