From patchwork Sat Oct 12 12:29:18 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Shyam Saini <mayhs11saini@gmail.com>
X-Patchwork-Id: 11186789
Return-Path: <SRS0=gBIz=YF=kvack.org=owner-linux-mm@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8D09976
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Sat, 12 Oct 2019 12:29:58 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 59B9D21850
	for <patchwork-linux-mm@patchwork.kernel.org>;
 Sat, 12 Oct 2019 12:29:58 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=fail reason="signature verification failed" (2048-bit key)
 header.d=gmail.com header.i=@gmail.com header.b="ZEe0bJ+1"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 59B9D21850
Authentication-Results: mail.kernel.org;
 dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org;
 spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 84C228E0005; Sat, 12 Oct 2019 08:29:57 -0400 (EDT)
Delivered-To: linux-mm-outgoing@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 7FA0A8E0001; Sat, 12 Oct 2019 08:29:57 -0400 (EDT)
X-Original-To: int-list-linux-mm@kvack.org
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 7101E8E0005; Sat, 12 Oct 2019 08:29:57 -0400 (EDT)
X-Original-To: linux-mm@kvack.org
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0086.hostedemail.com
 [216.40.44.86])
	by kanga.kvack.org (Postfix) with ESMTP id 4FDAF8E0001
	for <linux-mm@kvack.org>; Sat, 12 Oct 2019 08:29:57 -0400 (EDT)
Received: from smtpin23.hostedemail.com (10.5.19.251.rfc1918.com
 [10.5.19.251])
	by forelay05.hostedemail.com (Postfix) with SMTP id E7BB2181AEF32
	for <linux-mm@kvack.org>; Sat, 12 Oct 2019 12:29:56 +0000 (UTC)
X-FDA: 76035064392.23.tramp57_39b6b2b8c0b48
X-Spam-Summary: 
 2,0,0,0be79e11b81b6da5,d41d8cd98f00b204,mayhs11saini@gmail.com,:kernel-hardening@lists.openwall.com:iommu@lists.linux-foundation.org:linux-kernel@vger.kernel.org::mayhs11saini@gmail.com:hch@lst.de:m.szyprowski@samsung.com:robin.murphy@arm.com:willy@infradead.org:cl@linux.com:keescook@chromium.org,RULES_HIT:41:355:379:541:800:960:967:973:988:989:1260:1311:1314:1345:1437:1515:1534:1541:1711:1730:1747:1777:1792:2393:2525:2559:2563:2682:2685:2693:2859:2902:2933:2937:2939:2942:2945:2947:2951:2954:3022:3138:3139:3140:3141:3142:3352:3865:3866:3867:3870:3934:3936:3938:3941:3944:3947:3950:3953:3956:3959:4250:4321:5007:6261:6653:7514:8603:9025:9413:10004:11026:11473:11658:11914:12043:12296:12297:12438:12517:12519:12555:12679:12895:13069:13311:13357:13894:14096:14181:14384:14394:14687:14721:21080:21444:21451:21627:21666:21939:30054,0,RBL:209.85.214.193:@gmail.com:.lbl8.mailshell.net-62.50.0.100
 66.100.201.100,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,
 MSF:not
X-HE-Tag: tramp57_39b6b2b8c0b48
X-Filterd-Recvd-Size: 4464
Received: from mail-pl1-f193.google.com (mail-pl1-f193.google.com
 [209.85.214.193])
	by imf10.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Sat, 12 Oct 2019 12:29:56 +0000 (UTC)
Received: by mail-pl1-f193.google.com with SMTP id u20so5758101plq.4
        for <linux-mm@kvack.org>; Sat, 12 Oct 2019 05:29:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=CUVTcUa5b8bKD7FsmBN2tFeSI1tiWWw4BFpLw9k7yCs=;
        b=ZEe0bJ+1FUWHAd7hQeuzlNX/YuaFs6XETmII7Fd2roFyVU7ZxUZYSJZhvRfCSh+oHF
         r8e8KobZ2Zq4aJTgsCnVidrK+K/dMHb5sBZjt10nA6Q9jNReWqzoN5bfqw4nUYd7fxQA
         Y1zLqclmF7IIT8xZCXLaBwjHUzcAUQXayGM1/rlc58V1KcjSqPQrLVs45eA2ylNa6LCp
         YbrrnOQxWJIi5GLbiiv2MhgkrevEbQMHw0FwbzryLbL/cYAqRlLMGBF0JQ5jDsS7cs38
         Swn1LU0gK6Uywm6QOej3PSgbkqGk8NUU9DofCGqnR4mvK/O31ju8G/C9VulR78+z3ElB
         IGjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=CUVTcUa5b8bKD7FsmBN2tFeSI1tiWWw4BFpLw9k7yCs=;
        b=Vv+Sr6qtueSfTBcCFj0CBGM907JvhF7PNgujKHsAd4kTHdLvJw1ckNudiaC0DZZSNk
         DTMvphVvoHsFgISR5qEZBuu1LZF9D2CzX4Cvwp4t8PH+UeGX/bsSmp0feuZzjFjdJ96O
         p2jv6cUJmNvlC4Azcbh+jks8ItAp9S4Bh9N9Vey6wD1oongPwJQQ2W07jbqpASIWeq8Z
         54cu96eLFGeNL5fGc/CYWDMbV1wJs4pUNGSTnIcILX4UjvPttymLwPyi1GKsBRLmdQN6
         EPDnOdlNNXLu2g4rsOq6QyNigTFQqdo4cmLGYhBg5k2/+rAn2Kb/ZCx5BX8S6fAPisy7
         xujw==
X-Gm-Message-State: APjAAAWtnI3JDluvc9HSl4Uu/GLAzeoakqKbUqekDJ4UawLRp73U77Xm
	nRejLqZhsznyWCGI8+/+WbY=
X-Google-Smtp-Source: 
 APXvYqyoYkM83GDHs5E3PNlXmZYrHsdzyiSKwuZ0dy6B4Pl7gdC+716gQxKin/hT8FITw6cUNd+2Dw==
X-Received: by 2002:a17:902:144:: with SMTP id
 62mr20399568plb.100.1570883395203;
        Sat, 12 Oct 2019 05:29:55 -0700 (PDT)
Received: from localhost.localdomain ([2402:3a80:95a:fd75:24a6:4bd:55a6:4f65])
        by smtp.gmail.com with ESMTPSA id
 v8sm33708697pje.6.2019.10.12.05.29.49
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 12 Oct 2019 05:29:54 -0700 (PDT)
From: Shyam Saini <mayhs11saini@gmail.com>
To: kernel-hardening@lists.openwall.com
Cc: iommu@lists.linux-foundation.org,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	Shyam Saini <mayhs11saini@gmail.com>,
	Christoph Hellwig <hch@lst.de>,
	Marek Szyprowski <m.szyprowski@samsung.com>,
	Robin Murphy <robin.murphy@arm.com>,
	Matthew Wilcox <willy@infradead.org>,
	Christopher Lameter <cl@linux.com>,
	Kees Cook <keescook@chromium.org>
Subject: [PATCH] kernel: dma: Make CMA boot parameters __ro_after_init
Date: Sat, 12 Oct 2019 17:59:18 +0530
Message-Id: <20191012122918.8066-1-mayhs11saini@gmail.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

This parameters are not changed after early boot.
By making them __ro_after_init will reduce any attack surface in the
kernel.

Link: https://lwn.net/Articles/676145/
Cc: Christoph Hellwig <hch@lst.de>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Robin Murphy <robin.murphy@arm.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Christopher Lameter <cl@linux.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Shyam Saini <mayhs11saini@gmail.com>
---
 kernel/dma/contiguous.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c
index 69cfb4345388..1b689b1303cd 100644
--- a/kernel/dma/contiguous.c
+++ b/kernel/dma/contiguous.c
@@ -42,10 +42,10 @@ struct cma *dma_contiguous_default_area;
  * Users, who want to set the size of global CMA area for their system
  * should use cma= kernel parameter.
  */
-static const phys_addr_t size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M;
-static phys_addr_t size_cmdline = -1;
-static phys_addr_t base_cmdline;
-static phys_addr_t limit_cmdline;
+static const phys_addr_t __ro_after_init size_bytes = (phys_addr_t)CMA_SIZE_MBYTES * SZ_1M;
+static phys_addr_t __ro_after_init size_cmdline = -1;
+static phys_addr_t __ro_after_init base_cmdline;
+static phys_addr_t __ro_after_init limit_cmdline;
 
 static int __init early_cma(char *p)
 {