Re: [patch 02/02] Debug option to write-protect rodata: the writeprotect logic and config option

[Arjan van de Ven]

On Mon, 2005-11-07 at 08:06 -0600, Josh Boyer wrote:
> On Mon, 2005-11-07 at 10:58 +0000, arjan@xxxxxxxxxxxxx wrote:
> > Hi,
> > 
> > I've been working on a patch that turns the kernel's .rodata section to be
> > actually read only, eg any write attempts to it cause a segmentation fault.
> > 
> > This patch introduces the actual debug option to catch any writes to rodata
> 
> Why a debug option?  From what I can tell, it doesn't impact runtime
> performance much and it provides good protection.  Any reason not to
> make it an always-on feature?

personally I'd like that but there is a chance of a tiny perf regression
and usually there are people objecting to that.

(It's not clear cut: while the last bit of the kernel no longer is
covered by a 2Mb tlb, most intel cpus have very few of such tlbs in the
first place and this would free up one such tlb for other things (say
the stack data) or even the userspace database), so it's not all that
clear cut what the cost of this is)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/