| From foo@baz Mon May 21 22:23:32 CEST 2018 |
| From: Kees Cook <keescook@chromium.org> |
| Date: Thu, 3 May 2018 15:03:30 -0700 |
| Subject: x86/bugs: Make boot modes __ro_after_init |
| |
| From: Kees Cook <keescook@chromium.org> |
| |
| commit f9544b2b076ca90d887c5ae5d74fab4c21bb7c13 upstream |
| |
| There's no reason for these to be changed after boot. |
| |
| Signed-off-by: Kees Cook <keescook@chromium.org> |
| Signed-off-by: Thomas Gleixner <tglx@linutronix.de> |
| Signed-off-by: David Woodhouse <dwmw@amazon.co.uk> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| arch/x86/kernel/cpu/bugs.c | 5 +++-- |
| 1 file changed, 3 insertions(+), 2 deletions(-) |
| |
| --- a/arch/x86/kernel/cpu/bugs.c |
| +++ b/arch/x86/kernel/cpu/bugs.c |
| @@ -128,7 +128,8 @@ static const char *spectre_v2_strings[] |
| #undef pr_fmt |
| #define pr_fmt(fmt) "Spectre V2 : " fmt |
| |
| -static enum spectre_v2_mitigation spectre_v2_enabled = SPECTRE_V2_NONE; |
| +static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init = |
| + SPECTRE_V2_NONE; |
| |
| void x86_spec_ctrl_set(u64 val) |
| { |
| @@ -406,7 +407,7 @@ retpoline_auto: |
| #undef pr_fmt |
| #define pr_fmt(fmt) "Speculative Store Bypass: " fmt |
| |
| -static enum ssb_mitigation ssb_mode = SPEC_STORE_BYPASS_NONE; |
| +static enum ssb_mitigation ssb_mode __ro_after_init = SPEC_STORE_BYPASS_NONE; |
| |
| /* The kernel command line selection */ |
| enum ssb_mitigation_cmd { |