Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp4146115pxb; Mon, 27 Sep 2021 10:19:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwcDGCJb7XLjEcnad0CyNEFElrcI8JahVOTsz9t2LGP7Tju9IX/Pm8FlBqHMp6mGK1btM3v X-Received: by 2002:aa7:9af7:0:b0:43f:13cb:804a with SMTP id y23-20020aa79af7000000b0043f13cb804amr1003010pfp.7.1632763157724; Mon, 27 Sep 2021 10:19:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632763157; cv=none; d=google.com; s=arc-20160816; b=k8FPni1rRb2gdyZZefBWJj5KqFN7oa2DN8uftFsmUhojSXcBsoW6lTrLQv1QgAANnJ sdsXv92QwXzq5U92jm9EeI9Rvw0QW29pHETDEF6hFgTivnxjXapGQG91jQ2gaozvHjj+ o8g4YGu5z+BZ/9rMmKisvudaX6FFb1CaPymEwt+wJX9/7vz3IfgckoA2xs4LKN7yTwlH Zj4qV2r+nYhdnGGJdMM42e57N+Ns++R2GTKb7kfLjdnmATNmqcYpwYttM+f5VtQXP9Bj zF1UM5KI5QRDCra8EOECvugHxwLknNdI57YSm5spLjbaWLWatW8AXyGaPkyoFQiJJqO7 zmXA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=xPz6mZms+UOafK+vG99WcOcKe7MBpHTKQMYxUzDZMOk=; b=0LdOCjFGn3fC/TJj3hVLrqOmLvCqKIGDi+uphISEtjv+RU4vfAONAhQDPfwIVVLkg7 oAR+R/f92NlGu9bm0GzbT7HiRExr6GlPyCSH6AyjmXLE2jm2j7lUmJFn4/7OJBLpW/F8 MRVd3WvBhBDd8bnj6wIyqL4o63CYuy1ta6ihhngmA5owBeszrKBDcBXb0H6S4xM3QEF/ MNGNNBpH7ELR/0ungWN2CeD/TOpYUSMIoa6HpCGyALZAcF4MOBUADmww8DqFJAtiXSCj YGbPgmJe8x/LlaVscT93Q34IxBM9+pCGJ8EkohhT1cT/ARc6FiMpQTxlLR+q7meTrLKE k4MQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=wm8fvNbR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o13si24578616pgv.20.2021.09.27.10.19.04; Mon, 27 Sep 2021 10:19:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=wm8fvNbR; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236704AbhI0RT4 (ORCPT + 99 others); Mon, 27 Sep 2021 13:19:56 -0400 Received: from mail.kernel.org ([198.145.29.99]:55992 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236113AbhI0RPT (ORCPT ); Mon, 27 Sep 2021 13:15:19 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 0D5196137B; Mon, 27 Sep 2021 17:10:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1632762654; bh=uD5hBpo/Bd8HGrZziF5Fq85F0KgSiZo5uUkd4Vrf/kY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=wm8fvNbRgsVqZUhT6R6nIaj0Y0fBUXBtTZ4P1+C4oXNfVTb21a51EaFO/aFfKOUGl DQOpVtukm4VUlClB0nqs0LqGiTXvIn3ZRVMSIUXQNT6+LnZCz7jfZshe+6Kbj5yi06 mw9LSj4QneTO35XndKMBwhhXzroDi9hrCeY818Dg= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Dan Li , Mark Rutland , Catalin Marinas , Sasha Levin Subject: [PATCH 5.10 094/103] arm64: Mark __stack_chk_guard as __ro_after_init Date: Mon, 27 Sep 2021 19:03:06 +0200 Message-Id: <20210927170229.016622645@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210927170225.702078779@linuxfoundation.org> References: <20210927170225.702078779@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Dan Li [ Upstream commit 9fcb2e93f41c07a400885325e7dbdfceba6efaec ] __stack_chk_guard is setup once while init stage and never changed after that. Although the modification of this variable at runtime will usually cause the kernel to crash (so does the attacker), it should be marked as __ro_after_init, and it should not affect performance if it is placed in the ro_after_init section. Signed-off-by: Dan Li Acked-by: Mark Rutland Link: https://lore.kernel.org/r/1631612642-102881-1-git-send-email-ashimida@linux.alibaba.com Signed-off-by: Catalin Marinas Signed-off-by: Sasha Levin --- arch/arm64/kernel/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c index ed919f633ed8..4999caff3281 100644 --- a/arch/arm64/kernel/process.c +++ b/arch/arm64/kernel/process.c @@ -60,7 +60,7 @@ #if defined(CONFIG_STACKPROTECTOR) && !defined(CONFIG_STACKPROTECTOR_PER_TASK) #include -unsigned long __stack_chk_guard __read_mostly; +unsigned long __stack_chk_guard __ro_after_init; EXPORT_SYMBOL(__stack_chk_guard); #endif -- 2.33.0