[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen staging] xen/arm: Support properly __ro_after_init on Arm

commit ace403022358b736755e3042e949540e775c65f1
Author:     Julien Grall <jgrall@xxxxxxxxxx>
AuthorDate: Tue Aug 16 19:59:54 2022 +0100
Commit:     Julien Grall <julien@xxxxxxx>
CommitDate: Wed Aug 31 19:53:06 2022 +0100

    xen/arm: Support properly __ro_after_init on Arm
    
    __ro_after_init was introduced recently to prevent modifying
    some variables after init.
    
    At the moment, on Arm, the variables will still be accessible
    because the region permission is not updated.
    
    Address that by moving the sections .data.ro_after_init
    out of .data and then map the region read-only once we finish
    to boot.
    
    Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
    Reviewed-by: Penny Zheng <penny.zheng@xxxxxxx>
    Reviewed-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>
    Tested-by: Henry Wang <Henry.Wang@xxxxxxx>
---
 xen/arch/arm/include/asm/setup.h |  2 ++
 xen/arch/arm/setup.c             | 14 ++++++++++++++
 xen/arch/arm/xen.lds.S           |  7 +++++++
 3 files changed, 23 insertions(+)

diff --git a/xen/arch/arm/include/asm/setup.h b/xen/arch/arm/include/asm/setup.h
index 2bb01ecfa8..5815ccf8c5 100644
--- a/xen/arch/arm/include/asm/setup.h
+++ b/xen/arch/arm/include/asm/setup.h
@@ -137,6 +137,8 @@ u32 device_tree_get_u32(const void *fdt, int node,
 int map_range_to_domain(const struct dt_device_node *dev,
                         u64 addr, u64 len, void *data);
 
+extern const char __ro_after_init_start[], __ro_after_init_end[];
+
 #endif
 /*
  * Local variables:
diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
index 500307edc0..6e0398f3f6 100644
--- a/xen/arch/arm/setup.c
+++ b/xen/arch/arm/setup.c
@@ -75,10 +75,24 @@ domid_t __read_mostly max_init_domid;
 
 static __used void init_done(void)
 {
+    int rc;
+
     /* Must be done past setting system_state. */
     unregister_init_virtual_region();
 
     free_init_memory();
+
+    /*
+     * We have finished booting. Mark the section .data.ro_after_init
+     * read-only.
+     */
+    rc = modify_xen_mappings((unsigned long)&__ro_after_init_start,
+                             (unsigned long)&__ro_after_init_end,
+                             PAGE_HYPERVISOR_RO);
+    if ( rc )
+        panic("Unable to mark the .data.ro_after_init section read-only (rc = 
%d)\n",
+              rc);
+
     startup_cpu_idle_loop();
 }
 
diff --git a/xen/arch/arm/xen.lds.S b/xen/arch/arm/xen.lds.S
index 1e986e211f..92c2984052 100644
--- a/xen/arch/arm/xen.lds.S
+++ b/xen/arch/arm/xen.lds.S
@@ -83,6 +83,13 @@ SECTIONS
   _erodata = .;                /* End of read-only data */
 
   . = ALIGN(PAGE_SIZE);
+  .data.ro_after_init : {
+      __ro_after_init_start = .;
+      *(.data.ro_after_init)
+      . = ALIGN(PAGE_SIZE);
+      __ro_after_init_end = .;
+  } : text
+
   .data.read_mostly : {
        /* Exception table */
        __start___ex_table = .;
--
generated by git-patchbot for /home/xen/git/xen.git#staging

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.