Kees Cook <keescook@xxxxxxxxxxxx> writes: > On Thu, Jul 7, 2016 at 4:01 AM, Arnd Bergmann <arnd@xxxxxxxx> wrote: >> On Wednesday, July 6, 2016 3:25:20 PM CEST Kees Cook wrote: >>> + >>> + /* Allow kernel rodata region (if not marked as Reserved). */ >>> + if (ptr >= (const void *)__start_rodata && >>> + end <= (const void *)__end_rodata) >>> + return NULL; >> >> Should we explicitly forbid writing to rodata, or is it enough to >> rely on page protection here? > > Hm, interesting. That's a very small check to add. My knee-jerk is to > just leave it up to page protection. I'm on the fence. :) There are platforms that don't have page protection, so it would be nice if they could at least opt-in to checking for it here. cheers -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>