Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-25 Thread AKASHI Takahiro
Rusty, Jessica On Wed, Oct 26, 2016 at 10:43:32AM +1030, Rusty Russell wrote: > AKASHI Takahiro writes: > > On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: > >> On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro > >> wrote: > >>

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-25 Thread AKASHI Takahiro
Rusty, Jessica On Wed, Oct 26, 2016 at 10:43:32AM +1030, Rusty Russell wrote: > AKASHI Takahiro writes: > > On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: > >> On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro > >> wrote: > >> > The current "rodata=off" parameter disables read-only

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-25 Thread Rusty Russell
AKASHI Takahiro writes: > On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: >> On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro >> wrote: >> > The current "rodata=off" parameter disables read-only kernel mappings >> > under

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-25 Thread Rusty Russell
AKASHI Takahiro writes: > On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: >> On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro >> wrote: >> > The current "rodata=off" parameter disables read-only kernel mappings >> > under CONFIG_DEBUG_RODATA: >> > commit d2aa1acad22f ("mm/init:

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-20 Thread AKASHI Takahiro
On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: > On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro > wrote: > > The current "rodata=off" parameter disables read-only kernel mappings > > under CONFIG_DEBUG_RODATA: > > commit d2aa1acad22f ("mm/init: Add

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-20 Thread AKASHI Takahiro
On Thu, Oct 20, 2016 at 01:48:15PM -0700, Kees Cook wrote: > On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro > wrote: > > The current "rodata=off" parameter disables read-only kernel mappings > > under CONFIG_DEBUG_RODATA: > > commit d2aa1acad22f ("mm/init: Add 'rodata=off' boot cmdline

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-20 Thread Kees Cook
On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro wrote: > The current "rodata=off" parameter disables read-only kernel mappings > under CONFIG_DEBUG_RODATA: > commit d2aa1acad22f ("mm/init: Add 'rodata=off' boot cmdline parameter > to disable read-only kernel

Re: [kernel-hardening] [PATCH] module: extend 'rodata=off' boot cmdline parameter to module mappings

2016-10-20 Thread Kees Cook
On Wed, Oct 19, 2016 at 11:24 PM, AKASHI Takahiro wrote: > The current "rodata=off" parameter disables read-only kernel mappings > under CONFIG_DEBUG_RODATA: > commit d2aa1acad22f ("mm/init: Add 'rodata=off' boot cmdline parameter > to disable read-only kernel mappings") > > This patch is