On 11/26/24 14:26, Huang Shijie wrote:
> The default kernel is rodata=on which means
Right but this is true only after the update in the series.
if (!strcmp(arg, "on")) {
rodata_enabled = rodata_full = true;
return true;
}
rodata_full is always "true" via 'rodata=on' and does not depend
on the config RODATA_FULL_DEFAULT_ENABLED anymore, so it can be
dropped. Please update this commit message with these context as
well.
> CONFIG_RODATA_FULL_DEFAULT_ENABLED is always enabled by default.
> So we can remove CONFIG_RODATA_FULL_DEFAULT_ENABLED now.
>
> Signed-off-by: Huang Shijie <shijie@xxxxxxxxxxxxxxxxxxxxxx>
> ---
> arch/arm64/Kconfig | 14 --------------
> arch/arm64/mm/pageattr.c | 2 +-
> 2 files changed, 1 insertion(+), 15 deletions(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 4316b1fe8bf8..a9ca305a31d8 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1653,20 +1653,6 @@ config MITIGATE_SPECTRE_BRANCH_HISTORY
> When taking an exception from user-space, a sequence of branches
> or a firmware call overwrites the branch history.
>
> -config RODATA_FULL_DEFAULT_ENABLED
> - bool "Apply r/o permissions of VM areas also to their linear aliases"
> - default y
> - help
> - Apply read-only attributes of VM areas to the linear alias of
> - the backing pages as well. This prevents code or read-only data
> - from being modified (inadvertently or intentionally) via another
> - mapping of the same memory page. This additional enhancement can
> - be turned off at runtime by passing rodata=[off|on] (and turned on
> - with rodata=full if this option is set to 'n')
> -
> - This requires the linear region to be mapped down to pages,
> - which may adversely affect performance in some cases.
> -
> config ARM64_SW_TTBR0_PAN
> bool "Emulate Privileged Access Never using TTBR0_EL1 switching"
> depends on !KCSAN
> diff --git a/arch/arm64/mm/pageattr.c b/arch/arm64/mm/pageattr.c
> index 39fd1f7ff02a..6eef08d8451e 100644
> --- a/arch/arm64/mm/pageattr.c
> +++ b/arch/arm64/mm/pageattr.c
> @@ -20,7 +20,7 @@ struct page_change_data {
> pgprot_t clear_mask;
> };
>
> -bool rodata_full __ro_after_init = IS_ENABLED(CONFIG_RODATA_FULL_DEFAULT_ENABLED);
> +bool rodata_full __ro_after_init = true;
>
> bool can_set_direct_map(void)
> {
This patch can still follow the first one but after folding in the
third patch.
