Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753225AbdLHU7Z (ORCPT ); Fri, 8 Dec 2017 15:59:25 -0500 Received: from mail-ua0-f195.google.com ([209.85.217.195]:39727 "EHLO mail-ua0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753129AbdLHU7Y (ORCPT ); Fri, 8 Dec 2017 15:59:24 -0500 X-Google-Smtp-Source: AGs4zMbFXRD1FJmpEbK5/wlyPU3DXwbONBpytJ1betGGbLddeUhZwxhkwofEZWdIcN0cOQt5oBRY3vkNNiXEfBHyXxg= MIME-Version: 1.0 In-Reply-To: <20171208111318.GA12346@pjb1027-Latitude-E5410> References: <20171208111318.GA12346@pjb1027-Latitude-E5410> From: Kees Cook Date: Fri, 8 Dec 2017 12:59:22 -0800 X-Google-Sender-Auth: 5RFIyvrD9lgeGDrGKT9mmXsA_Ag Message-ID: Subject: Re: [kernel-hardening][PATCH] arm: mm: idmap: Mark variables as ro_after_init To: Jinbum Park Cc: linux-arm-kernel@lists.infradead.org, LKML , kernel-hardening@lists.openwall.com, Russell King , Greg KH , Thomas Gleixner , kstewart@linuxfoundation.org, Ingo Molnar , pombredanne@nexb.com, Mark Rutland Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1120 Lines: 42 On Fri, Dec 8, 2017 at 3:13 AM, Jinbum Park wrote: > idmap_pgd, arch_phys_to_idmap_offset are setup once > while init stage, and never changed after that. > so, it is good candidate for __ro_after_init. > > Signed-off-by: Jinbum Park Reviewed-by: Kees Cook Does arm64 have anything like this? Just grepping for similar names, idmap_t0sz looks like it could actually be const. -Kees > --- > arch/arm/mm/idmap.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/arch/arm/mm/idmap.c b/arch/arm/mm/idmap.c > index 10bfba8..1d1edd0 100644 > --- a/arch/arm/mm/idmap.c > +++ b/arch/arm/mm/idmap.c > @@ -16,8 +16,8 @@ > * are not supported on any CPU using the idmap tables as its current > * page tables. > */ > -pgd_t *idmap_pgd; > -long long arch_phys_to_idmap_offset; > +pgd_t *idmap_pgd __ro_after_init; > +long long arch_phys_to_idmap_offset __ro_after_init; > > #ifdef CONFIG_ARM_LPAE > static void idmap_add_pmd(pud_t *pud, unsigned long addr, unsigned long end, > -- > 1.9.1 > -- Kees Cook Pixel Security