[PATCH 3/3] module: Make .static_call_sites read-only after init
From: Petr Pavlu
Date: Mon Dec 23 2024 - 04:39:46 EST
Section .static_call_sites holds data structures that need to be sorted and
processed only at module load time. This initial processing happens in
static_call_add_module(), which is invoked as a callback to the
MODULE_STATE_COMING notification from prepare_coming_module().
The section is never modified afterwards. Make it therefore read-only after
module initialization to avoid any (non-)accidental modifications.
Signed-off-by: Petr Pavlu <petr.pavlu@xxxxxxxx>
---
kernel/module/strict_rwx.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/kernel/module/strict_rwx.c b/kernel/module/strict_rwx.c
index 598f89195336..4ae5facab569 100644
--- a/kernel/module/strict_rwx.c
+++ b/kernel/module/strict_rwx.c
@@ -115,6 +115,15 @@ static const char *const ro_after_init[] = {
* section, which are marked as such at module load time.
*/
"__jump_table",
+
+#ifdef CONFIG_HAVE_STATIC_CALL_INLINE
+ /*
+ * Section .static_call_sites holds data structures that need to be
+ * sorted and processed at module load time but are never modified
+ * afterwards.
+ */
+ ".static_call_sites",
+#endif
};
void module_mark_ro_after_init(const Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
--
2.43.0