From patchwork Thu Mar 3 14:10:59 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 63482 Delivered-To: patch@linaro.org Received: by 10.112.199.169 with SMTP id jl9csp2971713lbc; Thu, 3 Mar 2016 06:13:01 -0800 (PST) X-Received: by 10.66.191.202 with SMTP id ha10mr3993077pac.8.1457014381329; Thu, 03 Mar 2016 06:13:01 -0800 (PST) Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id ah10si3007101pad.118.2016.03.03.06.13.01 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Mar 2016 06:13:01 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) smtp.mailfrom=linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org; dkim=neutral (body hash did not verify) header.i=@linaro.org Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1abTyU-0001zL-Sh; Thu, 03 Mar 2016 14:11:30 +0000 Received: from mail-wm0-x22d.google.com ([2a00:1450:400c:c09::22d]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1abTyR-0001yM-10 for linux-arm-kernel@lists.infradead.org; Thu, 03 Mar 2016 14:11:28 +0000 Received: by mail-wm0-x22d.google.com with SMTP id l68so36684245wml.0 for ; Thu, 03 Mar 2016 06:11:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=DOjkjNQvk+K5RhMgiFz/lTrjsNPnAVL+jwFeNpKsSs8=; b=Szfdj8bsBoryY5pFqa8us2w4sHbdNvilcGV/Z0NDjELARRIhNhbGycxfQSfdl3UFRs 3jbs8GNztx+APkZTH/hAJsB/xfDvvuftc6ZoqQNGKsnuidmjSQSHRmXi7bjcoh5xSo3x Qv8qAzAHsbfi58GHvFYGwEx5Dt8IMvAxakSCs= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=DOjkjNQvk+K5RhMgiFz/lTrjsNPnAVL+jwFeNpKsSs8=; b=SCea8NTWfo3mhloXWE5AvHPgAe68Xojr+uLWH7vka5afAoplVQvcofXVcVPUBmJdGw wGnUJgxPp9uCCygf8T7MZJ2fF+ggFGS9+CZCwYXipynua1KoIsUsgHe7pP7mVtYicitG 4pspqfboIvGbv9p6rdMe7xIkIkIP12l3Z80NuSe602B6FmrJ8ZOyIj5UkhxQuVfQbp9J OKJ1q7DQd1GoiWq4pZJm+V0AfbviTIponW+zarG8RVmKhkgZ9+szJN0vPVu/kkrwyqe+ zRlJ8uJGSbO4vLEfSLCWwuhh6U3E1zl2DOLCYFXFBmTwG1F4hCaoDqYg4kYfm8YTNvwj dwBw== X-Gm-Message-State: AD7BkJIcgUU9a76ouWyp7VqHSy0o6wHP5NOAWTt6julNSkO0HXkaA/sKBqGZUXEFxp9h1FDO X-Received: by 10.28.4.210 with SMTP id 201mr5682230wme.51.1457014265004; Thu, 03 Mar 2016 06:11:05 -0800 (PST) Received: from localhost.localdomain ([195.55.142.58]) by smtp.gmail.com with ESMTPSA id i2sm40842355wje.22.2016.03.03.06.11.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 03 Mar 2016 06:11:03 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, catalin.marinas@arm.com, mark.rutland@arm.com, jeremy.linton@arm.com, labbott@fedoraproject.org, keescook@chromium.org Subject: [PATCH] arm64: enable CONFIG_DEBUG_RODATA by default Date: Thu, 3 Mar 2016 15:10:59 +0100 Message-Id: <1457014259-32015-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160303_061127_370475_CE89D7BC X-CRM114-Status: GOOD ( 11.91 ) X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:400c:c09:0:0:0:22d listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org In spite of its name, CONFIG_DEBUG_RODATA is an important hardening feature for production kernels, and distros all enable it by default in their kernel configs. However, since enabling it used to result in more granular, and thus less efficient kernel mappings, it is not enabled by default for performance reasons. However, since commit 2f39b5f91eb4 ("arm64: mm: Mark .rodata as RO"), the various kernel segments (.text, .rodata, .init and .data) are already mapped individually, and the only effect of setting CONFIG_DEBUG_RODATA is that the existing .text and .rodata mappings are updated late in the boot sequence to have their read-only attributes set, which means that any performance concerns related to enabling CONFIG_DEBUG_RODATA are no longer valid. So from now on, make CONFIG_DEBUG_RODATA default to 'y' Signed-off-by: Ard Biesheuvel --- arch/arm64/Kconfig.debug | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.5.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel Acked-by: Mark Rutland diff --git a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug index e13c4bf84d9e..7e76845a0434 100644 --- a/arch/arm64/Kconfig.debug +++ b/arch/arm64/Kconfig.debug @@ -50,13 +50,13 @@ config DEBUG_SET_MODULE_RONX config DEBUG_RODATA bool "Make kernel text and rodata read-only" + default y help If this is set, kernel text and rodata will be made read-only. This is to help catch accidental or malicious attempts to change the - kernel's executable code. Additionally splits rodata from kernel - text so it can be made explicitly non-executable. + kernel's executable code. - If in doubt, say Y + If in doubt, say Y config DEBUG_ALIGN_RODATA depends on DEBUG_RODATA && ARM64_4K_PAGES