[PATCH] arm64: make CONFIG_DEBUG_RODATA non-optional
Kees Cook
keescook at chromium.org
Thu Jan 28 06:06:53 PST 2016
On Thu, Jan 28, 2016 at 3:06 AM, Mark Rutland <mark.rutland at arm.com> wrote:
> One thing I would like to do is to avoid the need for fixup_executable
> entirely, by mapping the kernel text RO from the outset. However, that
> requires rework of the alternatives patching (to use a temporary RW
> alias), and I haven't had the time to look into that yet.
This makes perfect sense for the rodata section, but the (future)
postinit_rodata section we'll still want to mark RO after init
finishes. x86 and ARM cheat by marking both RO after init, and they
don't have to pad sections. parisc will need to solve this too.
-Kees
--
Kees Cook
Chrome OS & Brillo Security
More information about the linux-arm-kernel
mailing list