Re: [PATCH v8] RO/NX protection for loadable kernel modules

From: Andi Kleen
Date: Tue Feb 02 2010 - 18:05:50 EST

Next message: Jeff Garzik: "Re: [PATCH 00/68] ide2libata"
Previous message: Jeff Garzik: "Re: [PATCH 1/2] move host drivers for VLB IDE controllers to staging/out"
In reply to: Siarhei Liakh: "Re: [PATCH v8] RO/NX protection for loadable kernel modules"
Next in thread: Siarhei Liakh: "Re: [PATCH v8] RO/NX protection for loadable kernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Siarhei Liakh <sliakh.lkml@xxxxxxxxx> writes:

> This patch is a logical extension of the protection provided by
> CONFIG_DEBUG_RODATA to LKMs. The protection is provided by splitting
> module_core and module_init into three logical parts each and setting
> appropriate page access permissions for each individual section:

My current kernel has 52 modules loaded, most of them very small.
Assuming the additional alignment of the data section cost two more
pages on average (I think that's a good assumption), that's roughly
424KB of additional memory, plus associated runtime costs in increased
TLB usage.

What would I get for that if I applied the patch and enabled the option?

That information seems to be missing in this patch submission.

Did you find any bugs with this option?

-Andi

--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff Garzik: "Re: [PATCH 00/68] ide2libata"
Previous message: Jeff Garzik: "Re: [PATCH 1/2] move host drivers for VLB IDE controllers to staging/out"
In reply to: Siarhei Liakh: "Re: [PATCH v8] RO/NX protection for loadable kernel modules"
Next in thread: Siarhei Liakh: "Re: [PATCH v8] RO/NX protection for loadable kernel modules"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]