summaryrefslogtreecommitdiff
path: root/kernel/module/strict_rwx.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/module/strict_rwx.c')
-rw-r--r--kernel/module/strict_rwx.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/kernel/module/strict_rwx.c b/kernel/module/strict_rwx.c
index 9c20a2f3eaa4..7aab6a524ecc 100644
--- a/kernel/module/strict_rwx.c
+++ b/kernel/module/strict_rwx.c
@@ -107,3 +107,36 @@ int module_enforce_rwx_sections(const Elf_Ehdr *hdr, const Elf_Shdr *sechdrs,
return 0;
}
+
+static const char *const ro_after_init[] = {
+ /*
+ * Section .data..ro_after_init holds data explicitly annotated by
+ * __ro_after_init.
+ */
+ ".data..ro_after_init",
+
+ /*
+ * Section __jump_table holds data structures that are never modified,
+ * with the exception of entries that refer to code in the __init
+ * section, which are marked as such at module load time.
+ */
+ "__jump_table",
+};
+
+void module_mark_ro_after_init(const Elf_Ehdr *hdr, Elf_Shdr *sechdrs,
+ const char *secstrings)
+{
+ int i, j;
+
+ for (i = 1; i < hdr->e_shnum; i++) {
+ Elf_Shdr *shdr = &sechdrs[i];
+
+ for (j = 0; j < ARRAY_SIZE(ro_after_init); j++) {
+ if (strcmp(secstrings + shdr->sh_name,
+ ro_after_init[j]) == 0) {
+ shdr->sh_flags |= SHF_RO_AFTER_INIT;
+ break;
+ }
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.39.0) at 2025-08-01 08:24:27 +0300