| Message ID | 20241021053948.5848-1-shijie@os.amperecomputing.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm64: set "rodata=on" as default | expand |
On Mon, Oct 21, 2024 at 01:39:48PM +0800, Huang Shijie wrote: > From Documentation/admin-guide/kernel-parameters.txt, we know that: > rodata= [KNL,EARLY] > on Mark read-only kernel memory as read-only (default). > off Leave read-only kernel memory writable for debugging. > full Mark read-only kernel memory and aliases as read-only > [arm64] > > So the "rodata=on" is the default. > > But the current code does not follow the document, it makes "rodata=full" > as the default. > > After patch > commit acfa60dbe038 ("arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y") > the "rodata=on" can works fine now. > > The "rodata=on" can provide us more block mappings and contiguous hits > to map the linear region which minimize the TLB footprint. And the > linear aliases of pages belonging to read-only mappings in vmalloc > region are also marked as read-only now. > > This patch disables RODATA_FULL_DEFAULT_ENABLED by default, > so the default value: > rodata_full=false, rodata_enabled=true > then the default behavior follows the "rodata=on". > And we can get better performance with the "rodata=on" as the default > too. > > Signed-off-by: Huang Shijie <shijie@os.amperecomputing.com> > --- > arch/arm64/Kconfig | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig > index fd9df6dcc593..6f30f749156e 100644 > --- a/arch/arm64/Kconfig > +++ b/arch/arm64/Kconfig > @@ -1649,7 +1649,6 @@ config MITIGATE_SPECTRE_BRANCH_HISTORY > > config RODATA_FULL_DEFAULT_ENABLED > bool "Apply r/o permissions of VM areas also to their linear aliases" > - default y > help > Apply read-only attributes of VM areas to the linear alias of > the backing pages as well. This prevents code or read-only data I think this is the wrong approach. The "full" behaviour on arm64 is equivalent to the "on" behaviour on x86 so the more consistent change to make would be: - Make our "on" behaviour be what is currently done by "full" - Remove RODATA_FULL_DEFAULT_ENABLED - Introduce a new option (e.g. "rodata=noalias") which would match the current "on" behaviour - Update (simplify) the documentation That way, the default behaviour and the "on"/"off" options follow the x86 behaviour and expert users can fine-tune the security/performance trade-off using the "noalias" option. Will
On 2024/10/24 0:35, Will Deacon wrote: > The "full" behaviour on arm64 is equivalent to the "on" behaviour on x86 > so the more consistent change to make would be: > > - Make our "on" behaviour be what is currently done by "full" > - Remove RODATA_FULL_DEFAULT_ENABLED > - Introduce a new option (e.g. "rodata=noalias") which would match the > current "on" behaviour > - Update (simplify) the documentation > > That way, the default behaviour and the "on"/"off" options follow the > x86 behaviour and expert users can fine-tune the security/performance > trade-off using the "noalias" option. Okay. I will do it in the next version. Thanks Huang Shijie
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index fd9df6dcc593..6f30f749156e 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1649,7 +1649,6 @@ config MITIGATE_SPECTRE_BRANCH_HISTORY config RODATA_FULL_DEFAULT_ENABLED bool "Apply r/o permissions of VM areas also to their linear aliases" - default y help Apply read-only attributes of VM areas to the linear alias of the backing pages as well. This prevents code or read-only data
From Documentation/admin-guide/kernel-parameters.txt, we know that: rodata= [KNL,EARLY] on Mark read-only kernel memory as read-only (default). off Leave read-only kernel memory writable for debugging. full Mark read-only kernel memory and aliases as read-only [arm64] So the "rodata=on" is the default. But the current code does not follow the document, it makes "rodata=full" as the default. After patch commit acfa60dbe038 ("arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y") the "rodata=on" can works fine now. The "rodata=on" can provide us more block mappings and contiguous hits to map the linear region which minimize the TLB footprint. And the linear aliases of pages belonging to read-only mappings in vmalloc region are also marked as read-only now. This patch disables RODATA_FULL_DEFAULT_ENABLED by default, so the default value: rodata_full=false, rodata_enabled=true then the default behavior follows the "rodata=on". And we can get better performance with the "rodata=on" as the default too. Signed-off-by: Huang Shijie <shijie@os.amperecomputing.com> --- arch/arm64/Kconfig | 1 - 1 file changed, 1 deletion(-)