mm/init: Add 'rodata=off' boot cmdline parameter to disable read-only kernel mappings

It may be useful to debug writes to the readonly sections of memory, so provide a cmdline "rodata=off" to allow for this. This can be expanded in the future to support "log" and "write" modes, but that will need to be architecture-specific. This also makes KDB software breakpoints more usable, as read-only mappings can now be disabled on any kernel. Suggested-by: H. Peter Anvin <hpa@zytor.com> Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Borislav Petkov <bp@alien8.de> Cc: Brian Gerst <brgerst@gmail.com> Cc: David Brown <david.brown@linaro.org> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Emese Revfy <re.emese@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mathias Krause <minipli@googlemail.com> Cc: Michael Ellerman <mpe@ellerman.id.au> Cc: PaX Team <pageexec@freemail.hu> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: kernel-hardening@lists.openwall.com Cc: linux-arch <linux-arch@vger.kernel.org> Link: http://lkml.kernel.org/r/1455748879-21872-3-git-send-email-keescook@chromium.org Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Kees Cook <keescook@chromium.org> 2016-02-17 17:41:13 -0500
committer: Ingo Molnar <mingo@kernel.org> 2016-02-22 02:51:37 -0500
commit: d2aa1acad22f1bdd0cfa67b3861800e392254454 (patch)
tree: 1f3b88086e364e87714dfcaeb66add3bbca81800 /init/main.c
parent: e267d97b83d9cecc16c54825f9f3ac7f72dc1e1e (diff)
1 files changed, 23 insertions, 4 deletions
diff --git a/init/main.c b/init/main.c
index 58c9e374704b..928a3438f7ac 100644
--- a/init/main.c
+++ b/init/main.c
@@ -93,9 +93,6 @@ static int kernel_init(void *);
 extern void init_IRQ(void);
 extern void fork_init(void);
 extern void radix_tree_init(void);
-#ifndef CONFIG_DEBUG_RODATA
-static inline void mark_rodata_ro(void) { }
-#endif
 /*
 * Debug helper: via this flag we know that we are in 'early bootup code'
@@ -929,6 +926,28 @@ static int try_to_run_init_process(const char *init_filename)
 static noinline void __init kernel_init_freeable(void);
+#ifdef CONFIG_DEBUG_RODATA
+static bool rodata_enabled = true;
+static int __init set_debug_rodata(char *str)
+{
+        return strtobool(str, &rodata_enabled);
+}
+__setup("rodata=", set_debug_rodata);
+static void mark_readonly(void)
+{
+        if (rodata_enabled)
+                mark_rodata_ro();
+        else
+                pr_info("Kernel memory protection disabled.\n");
+}
+#else
+static inline void mark_readonly(void)
+{
+        pr_warn("This architecture does not have kernel memory protection.\n");
+}
+#endif
 static int __ref kernel_init(void *unused)
 {
        int ret;
@@ -937,7 +956,7 @@ static int __ref kernel_init(void *unused)
        /* need to finish all async __init code before freeing the memory */
        async_synchronize_full();
        free_initmem();
-        mark_rodata_ro();
+        mark_readonly();
        system_state = SYSTEM_RUNNING;
        numa_default_policy();
author	Kees Cook <keescook@chromium.org>	2016-02-17 17:41:13 -0500
committer	Ingo Molnar <mingo@kernel.org>	2016-02-22 02:51:37 -0500
commit	d2aa1acad22f1bdd0cfa67b3861800e392254454 (patch)
tree	1f3b88086e364e87714dfcaeb66add3bbca81800 /init/main.c
parent	e267d97b83d9cecc16c54825f9f3ac7f72dc1e1e (diff)