Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2016-02-15 Thread Geert Uytterhoeven
On Fri, Feb 12, 2016 at 10:45 AM, Arnd Bergmann wrote: > On Thursday 11 February 2016 18:00:32 Russell King - ARM Linux wrote: >> On Fri, Jan 22, 2016 at 01:19:03PM -0800, Kees Cook wrote: >> > On Tue, Dec 8, 2015 at 10:38 AM, Kees Cook wrote: >> > > On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuve

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2016-02-12 Thread Arnd Bergmann
On Thursday 11 February 2016 18:00:32 Russell King - ARM Linux wrote: > On Fri, Jan 22, 2016 at 01:19:03PM -0800, Kees Cook wrote: > > On Tue, Dec 8, 2015 at 10:38 AM, Kees Cook wrote: > > > On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuvel > > > wrote: > > >> On 7 December 2015 at 23:35, Kees Cook

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2016-02-11 Thread Russell King - ARM Linux
On Fri, Jan 22, 2016 at 01:19:03PM -0800, Kees Cook wrote: > On Tue, Dec 8, 2015 at 10:38 AM, Kees Cook wrote: > > On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuvel > > wrote: > >> On 7 December 2015 at 23:35, Kees Cook wrote: > >>> /* > >>> + * Without CONFIG_DEBUG_ALIGN_RODATA, __start_rodata_s

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2016-01-22 Thread Ard Biesheuvel
On 22 January 2016 at 22:19, Kees Cook wrote: > On Tue, Dec 8, 2015 at 10:38 AM, Kees Cook wrote: >> On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuvel >> wrote: >>> On 7 December 2015 at 23:35, Kees Cook wrote: When rodata is large enough that it crosses a section boundary after the ker

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2016-01-22 Thread Kees Cook
On Tue, Dec 8, 2015 at 10:38 AM, Kees Cook wrote: > On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuvel > wrote: >> On 7 December 2015 at 23:35, Kees Cook wrote: >>> When rodata is large enough that it crosses a section boundary after the >>> kernel text, mark the rest NX. This is as close to full N

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2015-12-08 Thread Kees Cook
On Mon, Dec 7, 2015 at 11:47 PM, Ard Biesheuvel wrote: > On 7 December 2015 at 23:35, Kees Cook wrote: >> When rodata is large enough that it crosses a section boundary after the >> kernel text, mark the rest NX. This is as close to full NX of rodata as >> we can get without splitting page tables

Re: [PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2015-12-07 Thread Ard Biesheuvel
On 7 December 2015 at 23:35, Kees Cook wrote: > When rodata is large enough that it crosses a section boundary after the > kernel text, mark the rest NX. This is as close to full NX of rodata as > we can get without splitting page tables or doing section alignment via > CONFIG_DEBUG_ALIGN_RODATA.

[PATCH v2] ARM: mm: mark section-aligned portion of rodata NX

2015-12-07 Thread Kees Cook
When rodata is large enough that it crosses a section boundary after the kernel text, mark the rest NX. This is as close to full NX of rodata as we can get without splitting page tables or doing section alignment via CONFIG_DEBUG_ALIGN_RODATA. When the config is: CONFIG_DEBUG_RODATA=y # CONFIG_