On 30.11.2021 11:04, Andrew Cooper wrote: > For security hardening reasons, it advantageous to make setup-once data > immutable after boot. Borrow __ro_after_init from Linux. > > On x86, place .data.ro_after_init at the start of .rodata, excluding it from > the early permission restrictions. Re-apply RO restrictions to the whole of > .rodata in init_done(), attempting to reform the superpage if possible. > > For architectures which don't implement __ro_after_init explicitly, variables > merges into .data. > > Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
Reviewed-by: Jan Beulich <jbeul...@suse.com>
