module: Make .static_call_sites read-only after init

Section .static_call_sites holds data structures that need to be sorted and
processed only at module load time. This initial processing happens in
static_call_add_module(), which is invoked as a callback to the
MODULE_STATE_COMING notification from prepare_coming_module().

The section is never modified afterwards. Make it therefore read-only after
module initialization to avoid any (non-)accidental modifications.

Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Link: https://lore.kernel.org/r/20250306131430.7016-4-petr.pavlu@suse.com
Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>

diff --git a/kernel/module/strict_rwx.c b/kernel/module/strict_rwx.c
index 7aab6a524eccc67ecc4dd12c687c9847c9f6d9b4..8fd438529fbc09da121c1208703bf7eca4355931 100644 (file)
--- a/kernel/module/strict_rwx.c
+++ b/kernel/module/strict_rwx.c
@@ -121,6 +121,15 @@ static const char *const ro_after_init[] = {
         * section, which are marked as such at module load time.
         */
        "__jump_table",
+
+#ifdef CONFIG_HAVE_STATIC_CALL_INLINE
+       /*
+        * Section .static_call_sites holds data structures that need to be
+        * sorted and processed at module load time but are never modified
+        * afterwards.
+        */
+       ".static_call_sites",
+#endif
 };
 
 void module_mark_ro_after_init(const Elf_Ehdr *hdr, Elf_Shdr *sechdrs,