Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752117AbbBVSs4 (ORCPT <rfc822;w@1wt.eu>);
	Sun, 22 Feb 2015 13:48:56 -0500
Received: from relay4-d.mail.gandi.net ([217.70.183.196]:38838 "EHLO
	relay4-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751810AbbBVSsz (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sun, 22 Feb 2015 13:48:55 -0500
X-Originating-IP: 50.43.43.179
Date: Sun, 22 Feb 2015 10:48:45 -0800
From: Josh Triplett <josh@joshtriplett.org>
To: Arjan van de Ven <arjan@linux.intel.com>
Cc: paulmck@linux.vnet.ibm.com, Peter Zijlstra <peterz@infradead.org>,
        linux-kernel@vger.kernel.org, mingo@kernel.org, laijs@cn.fujitsu.com,
        dipankar@in.ibm.com, akpm@linux-foundation.org,
        mathieu.desnoyers@efficios.com, tglx@linutronix.de,
        rostedt@goodmis.org, dhowells@redhat.com, edumazet@google.com,
        dvhart@linux.intel.com, fweisbec@gmail.com, oleg@redhat.com,
        bobby.prani@gmail.com
Subject: Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace
 periods
Message-ID: <20150222184844.GA4262@thin>
References: <20150220050850.GA32639@linux.vnet.ibm.com>
 <20150220091107.GN21418@twins.programming.kicks-ass.net>
 <20150220163737.GL5745@linux.vnet.ibm.com>
 <20150220165409.GU5029@twins.programming.kicks-ass.net>
 <20150220171442.GM5745@linux.vnet.ibm.com>
 <54E76FB7.4060005@linux.intel.com>
 <20150220182745.GN5745@linux.vnet.ibm.com>
 <54E8A986.4090302@linux.intel.com>
 <20150222035806.GA4452@thin>
 <54EA207E.3090502@linux.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <54EA207E.3090502@linux.intel.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 961
Lines: 20

On Sun, Feb 22, 2015 at 10:31:26AM -0800, Arjan van de Ven wrote:
> >>To show the boot time, I'm using the timestamp of the "Write protecting" line,
> >>that's pretty much the last thing we print prior to ring 3 execution.
> >
> >That's a little sad; we ought to be write-protecting kernel read-only
> >data as *early* as possible.
> 
> well... if you are compromised before the first ring 3 instruction...
> .... you have a slightly bigger problem than where in the kernel we write protect things.

Definitely not talking about malicious compromise here; malicious code
could just remove the write protection.  However, write-protecting
kernel read-only data also protects against a class of bugs.

- Josh Triplett
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/