Kees Cook <keesc...@google.com> writes: > Hi Rusty, > > I'd love to get your thoughts on the best way to support > __ro_after_init markings for modules. Are the r/o markings done after > module __init runs? If so, this should make things easy, and then we > just need to move .data..ro_after_init into .rodata at link time. If > not, then we'd need to explicitly make this section read-only after > _init.
As you might expect, the sections are made read-only before anything runs. We'll need to do the latter, which means it needs to be page-aligned. (Well we could put it in the same page as .rodata, and just not protect that fully until after init). Jessica might have more thoughts... Rusty.
