Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp3993665ybp; Sun, 13 Oct 2019 19:27:10 -0700 (PDT) X-Google-Smtp-Source: APXvYqw4ISpV9ukWkwGw2N8Ht75m5W/7TnnnA5zs2EILKcvm3gDOLWDJmgbBGgQ7DWSmFew8J7he X-Received: by 2002:a17:906:3797:: with SMTP id n23mr26295743ejc.284.1571020030444; Sun, 13 Oct 2019 19:27:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571020030; cv=none; d=google.com; s=arc-20160816; b=Sgeggiy9utQSzchW4Xf9i47FXDm2qTIRo6rkNqzH0hquAbVq7bflFoVnehsyH7zYpW DMEvJBmbxf8wUNrwASFfkyEm8O4Hg96WmOvzjv4sRzhqT4ihM9aAiZY+DsgoFQeajjZ8 HgpcYRBdy9AmmdD6hSeElNg0NqgCl9wXSuqTpOrGOIt5Mtl7G3iu+Mg+ikrMqmT+qRNL +KtGkLafIb8uS+21aLFB9l1g1+wzf/NPuTZkTzZwZoOX5FTraFyIQ4Ak4ZixRxCnNYg2 4oxKMXONXvXA5QPTaWzOEZg5ILBtWyzBsOEHYBF6wn8mqPR62gZmJiuYlsqZm36YGyBW C9gg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=lP906qLGyTEBqe55BgoOje0n/wNr+NcPtklrVASvvHA=; b=tsuibzQu1ue3/71WKwMpwCsNcgTYUjSuNk/2Qn6vUugXiMxsrrClyt0EOqKHj0ZyT1 EX38jjPrqtLzOOEBTK29ZSPq3fta3bXXL3fY3TC49PaqmyMUTZ6hURaYEOTx8kHL6Tu5 JCKqqkGvDAxeIKs04RaF4CmJKJex+olWWaX8vIv2xrPnNkWl4nTVLm4r7hFMKKHFbDCK V4cz0GDJWH6asL44Axk3c9JoV64moB76dBrW6QuRI/jQRGHW/7eWVbDKwZznpGR1eXVe F9ejRanLhGqY//ZAUKa0gVrom/D+DouLJAGCTyslWGmQUCLGEBbNo4KLWSc+vFbeDhY2 0bBQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b="IS5BQ/44"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d19si9977171ejr.163.2019.10.13.19.26.47; Sun, 13 Oct 2019 19:27:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b="IS5BQ/44"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729808AbfJNCZr (ORCPT + 99 others); Sun, 13 Oct 2019 22:25:47 -0400 Received: from mail-ot1-f66.google.com ([209.85.210.66]:37558 "EHLO mail-ot1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729474AbfJNCZq (ORCPT ); Sun, 13 Oct 2019 22:25:46 -0400 Received: by mail-ot1-f66.google.com with SMTP id k32so12553564otc.4 for ; Sun, 13 Oct 2019 19:25:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=lP906qLGyTEBqe55BgoOje0n/wNr+NcPtklrVASvvHA=; b=IS5BQ/44O5nPSYEgMvhA5ue5f8rm2WjOUI0H0EaNT+szqXdXyFs4SCC/ZwFmnvPMt6 EwazwfzkAyQiJJ9DFy6cE8623VjFb/VMuqqPQIZlafgsGnERyxmrMqgEnOFOtb+q0pSo NfAMizqzvJcwaj3hh2m6SzGAdM7mebp2YR9v3Zi/7ilcovua90ZnveeG/uhxtjs/1TAS 97f9ArqI/yrg+8V3hNWg0cMWeIjH44FLUMJPrHnkPX+6V4KZQa7hdKZQMaADVgjQUfTK pEvBVDvVFMqWh8PLhTpOrAMrb9MpppnpV/v6D4B8va0USsaL2eNeQ65wcNF7wie6mvbN xkLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=lP906qLGyTEBqe55BgoOje0n/wNr+NcPtklrVASvvHA=; b=OUxwUdba2NSYPgEpNE87kBYCWVshSq3ioRsm2jBC8YSrh/E54DqYW+9HGvqmJTPlFK VMrOcpJ/dgkFKmZzmcRDXjCTw1qdAJLBZBtL1ml/FaNfkCa9/SXoxiiEpDf/uPFCY+a9 zUBo6rlwm7fwFPXDobPUIwUPKgAzwtrT3/9ywuyMZbbvTy2mMLc6lQzM7h+jfDuFJs8E mV7dKM4eEWnloP79XIoZAeKYUovknNhcShkpPwc+PC77xh/R2+nrDMQiDT7XzQBez1rU Awe9p2fRXf9jLDZR/IZbRb/hd/KfpAoqMXDxEK7LvTtZ99NXYYHejyZgHRTmDgox50Js nn0A== X-Gm-Message-State: APjAAAUStTIAwRX0lKxwaXcnZEPcxvVGsR+Kt1/775/pAMtzuxQ60zp8 hEZGjWt3qTT7LxbxUH2WyV0= X-Received: by 2002:a9d:12ac:: with SMTP id g41mr21703818otg.57.1571019945644; Sun, 13 Oct 2019 19:25:45 -0700 (PDT) Received: from ubuntu-m2-xlarge-x86 ([2604:1380:4111:8b00::1]) by smtp.gmail.com with ESMTPSA id d95sm5617723otb.25.2019.10.13.19.25.44 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 13 Oct 2019 19:25:45 -0700 (PDT) Date: Sun, 13 Oct 2019 19:25:43 -0700 From: Nathan Chancellor To: Shyam Saini Cc: kernel-hardening@lists.openwall.com, iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Christoph Hellwig , Marek Szyprowski , Robin Murphy , Matthew Wilcox , Christopher Lameter , Kees Cook , clang-built-linux@googlegroups.com Subject: Re: [PATCH] kernel: dma: Make CMA boot parameters __ro_after_init Message-ID: <20191014022543.GA2674@ubuntu-m2-xlarge-x86> References: <20191012122918.8066-1-mayhs11saini@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191012122918.8066-1-mayhs11saini@gmail.com> User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Oct 12, 2019 at 05:59:18PM +0530, Shyam Saini wrote: > This parameters are not changed after early boot. > By making them __ro_after_init will reduce any attack surface in the > kernel. > > Link: https://lwn.net/Articles/676145/ > Cc: Christoph Hellwig > Cc: Marek Szyprowski > Cc: Robin Murphy > Cc: Matthew Wilcox > Cc: Christopher Lameter > Cc: Kees Cook > Signed-off-by: Shyam Saini > --- > kernel/dma/contiguous.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c > index 69cfb4345388..1b689b1303cd 100644 > --- a/kernel/dma/contiguous.c > +++ b/kernel/dma/contiguous.c > @@ -42,10 +42,10 @@ struct cma *dma_contiguous_default_area; > * Users, who want to set the size of global CMA area for their system > * should use cma= kernel parameter. > */ > -static const phys_addr_t size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M; > -static phys_addr_t size_cmdline = -1; > -static phys_addr_t base_cmdline; > -static phys_addr_t limit_cmdline; > +static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M; The 0day bot reported an issue with this change with clang: https://groups.google.com/d/msgid/clang-built-linux/201910140334.nhultlt8%25lkp%40intel.com kernel/dma/contiguous.c:46:36: error: 'size_cmdline' causes a section type conflict with 'size_bytes' static phys_addr_t __ro_after_init size_cmdline = -1; ^ kernel/dma/contiguous.c:45:42: note: declared here static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M; ^ kernel/dma/contiguous.c:47:36: error: 'base_cmdline' causes a section type conflict with 'size_bytes' static phys_addr_t __ro_after_init base_cmdline; ^ kernel/dma/contiguous.c:45:42: note: declared here static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M; ^ kernel/dma/contiguous.c:48:36: error: 'limit_cmdline' causes a section type conflict with 'size_bytes' static phys_addr_t __ro_after_init limit_cmdline; ^ kernel/dma/contiguous.c:45:42: note: declared here static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M; ^ 3 errors generated. The errors seem kind of cryptic at first but something that is const should automatically be in the read only section, this part of the commit seems unnecessary. Removing that part of the change fixes the error. Cheers, Nathan