Google Git
Sign in
kernel/pub/scm/linux/kernel/git/ardb/linux.git/72c190908f7e8415180d9e3c406b9e41336aee2f
commit
72c190908f7e8415180d9e3c406b9e41336aee2f
[log] [tgz]
author
Ard Biesheuvel <ardb@kernel.org>
Mon Jan 19 13:37:59 2026 +0100
committer
Ard Biesheuvel <ardb@kernel.org>
Mon Jan 26 10:18:18 2026 +0100
tree
0da7b96d536dea89a91e0ba654b5c725db39db4a
parent
a43de3d7ba568f9eea6fddf64f07e7e3dfbb5315 [diff]
arm64: mm: Map the kernel data/bss read-only in the linear map

On systems where the bootloader adheres to the original arm64 boot
protocol, the placement of the kernel in the physical address space is
highly predictable, and this makes the placement of its linear alias in
the kernel virtual address space equally predictable, given the lack of
randomization of the linear map.

The linear aliases of the kernel text and rodata regions are already
mapped read-only, but the kernel data and bss are mapped read-write in
this region. This is not needed, so map them read-only as well.

Note that the statically allocated kernel page tables do need to be
modifiable via the linear map, so leave these mapped read-write.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
2 files changed
tree: 0da7b96d536dea89a91e0ba654b5c725db39db4a
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .clippy.toml
  27. .cocciconfig
  28. .editorconfig
  29. .get_maintainer.ignore
  30. .gitattributes
  31. .gitignore
  32. .mailmap
  33. .pylintrc
  34. .rustfmt.toml
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README