On Mon, Mar 7, 2016 at 4:20 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: > Since s390 already sets its .rodata section RO from the start, the generic > .data..ro_after_init section is already RO before init runs. For s390, > split the post-init read-only section off separately and handle that > when the call to mark_rodata_ro() is made. > > Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> > --- > This is totally untested... > --- > arch/s390/Kconfig | 3 +++ > arch/s390/include/asm/cache.h | 2 ++ > arch/s390/include/asm/sections.h | 2 +- > arch/s390/kernel/vmlinux.lds.S | 6 ++++++ > arch/s390/mm/init.c | 10 ++++++++++ > 5 files changed, 22 insertions(+), 1 deletion(-) > > diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig > index 3be9c832dec1..3f8b96f2cd2d 100644 > --- a/arch/s390/Kconfig > +++ b/arch/s390/Kconfig > @@ -59,6 +59,9 @@ config PCI_QUIRKS > config ARCH_SUPPORTS_UPROBES > def_bool y > > +config DEBUG_RODATA > + def_bool y > + > config S390 > def_bool y > select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE > diff --git a/arch/s390/include/asm/cache.h b/arch/s390/include/asm/cache.h > index 4d7ccac5fd1d..816c2964bbee 100644 > --- a/arch/s390/include/asm/cache.h > +++ b/arch/s390/include/asm/cache.h > @@ -15,4 +15,6 @@ > > #define __read_mostly __attribute__((__section__(".data..read_mostly"))) > > +#define __ro_after_init __attribute__((__section__(".arch_ro_after_init"))) > + > #endif > diff --git a/arch/s390/include/asm/sections.h b/arch/s390/include/asm/sections.h > index fbd9116eb17b..6cc6acf87416 100644 > --- a/arch/s390/include/asm/sections.h > +++ b/arch/s390/include/asm/sections.h > @@ -3,6 +3,6 @@ > > #include <asm-generic/sections.h> > > -extern char _eshared[], _ehead[]; > +extern char _eshared[], _ehead[], __ro_after_init[]; 0day points out this should be _ro_after_init > > #endif > diff --git a/arch/s390/kernel/vmlinux.lds.S b/arch/s390/kernel/vmlinux.lds.S > index 445657fe658c..39a2c7e4cdd2 100644 > --- a/arch/s390/kernel/vmlinux.lds.S > +++ b/arch/s390/kernel/vmlinux.lds.S > @@ -52,6 +52,12 @@ SECTIONS > > RW_DATA_SECTION(0x100, PAGE_SIZE, THREAD_SIZE) > > + . = ALIGN(PAGE_SIZE) > + __ro_after_init = .; and here > + .arch_ro_after_init : { > + *(.arch_ro_after_init) /* Read only after init */ > + } > + > _edata = .; /* End of data section */ > > /* will be freed after init */ > diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c > index 73e290337092..6033d396b96c 100644 > --- a/arch/s390/mm/init.c > +++ b/arch/s390/mm/init.c > @@ -136,6 +136,16 @@ void free_initmem(void) > free_initmem_default(POISON_FREE_INITMEM); > } > > +void mark_rodata_ro(void) > +{ > + unsigned long start = (unsigned long) &__ro_after_init; and here. :) > + unsigned long end = (unsigned long) &_edata; > + > + printk(KERN_INFO "Write protecting post-init read-only data: %luk\n", > + (end - start) >> 10); > + set_memory_ro(start, (end - start) >> PAGE_SHIFT); > +} > + > #ifdef CONFIG_BLK_DEV_INITRD > void __init free_initrd_mem(unsigned long start, unsigned long end) > { > -- > 2.6.3 > > > -- > Kees Cook > Chrome OS & Brillo Security I will go try Andy's virtme next... ;) -Kees -- Kees Cook Chrome OS & Brillo Security -- To unsubscribe from this list: send the line "unsubscribe linux-arch" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html