Re: [PATCH v3 15/23] ARM: linker script: create separate PT_LOAD segments for text, rodata, and data

Mon, 12 Jan 2026 05:20:55 -0800 

On 1/8/26 4:50 PM, Sascha Hauer wrote:
> Fix the linker scripts to generate three distinct PT_LOAD segments with
> correct permissions instead of combining .rodata with .data.
> 
> Before this fix, the linker auto-generated only two PT_LOAD segments:
> 1. Text segment (PF_R|PF_X)
> 2. Data segment (PF_R|PF_W) - containing .rodata, .data, .bss, etc.
> 
> This caused .rodata to be mapped with write permissions when
> pbl_mmu_setup_from_elf() set up MMU permissions based on ELF segments,
> defeating the W^X protection that commit d9ccb0cf14 intended to provide.

Remove references to commits within this series.

> 
> With explicit PHDRS directives, we now generate three segments:
> 1. text segment (PF_R|PF_X): .text and related code sections
> 2. rodata segment (PF_R): .rodata and unwind tables
> 3. data segment (PF_R|PF_W): .data, .bss, and related sections
> 
> This ensures pbl_mmu_setup_from_elf() correctly maps .rodata as
> read-only (MAP_CACHED_RO) instead of read-write (MAP_CACHED).
> 
> 🤖 Generated with [Claude Code](https://claude.com/claude-code)
> 
> Co-Authored-By: Claude Sonnet 4.5 <[email protected]>
> Signed-off-by: Sascha Hauer <[email protected]>
> ---
>  arch/arm/lib32/barebox.lds.S | 34 ++++++++++++++++++++++------------
>  arch/arm/lib64/barebox.lds.S | 29 +++++++++++++++++++----------
>  2 files changed, 41 insertions(+), 22 deletions(-)
> 
> diff --git a/arch/arm/lib32/barebox.lds.S b/arch/arm/lib32/barebox.lds.S
> index 
> c704dd6d70f3ab157ceb67dfb14760e03f2a5d62..2fb43b4619ff29d8d21dd579d3a3002b7134ff71
>  100644
> --- a/arch/arm/lib32/barebox.lds.S
> +++ b/arch/arm/lib32/barebox.lds.S
> @@ -7,14 +7,23 @@
>  OUTPUT_FORMAT(BAREBOX_OUTPUT_FORMAT)
>  OUTPUT_ARCH(BAREBOX_OUTPUT_ARCH)
>  ENTRY(start)
> +
> +PHDRS
> +{
> +     text PT_LOAD FLAGS(5);     /* PF_R | PF_X */
> +     rodata PT_LOAD FLAGS(4);   /* PF_R */
> +     data PT_LOAD FLAGS(6);     /* PF_R | PF_W */
> +     dynamic PT_DYNAMIC FLAGS(4); /* PF_R */

Move one up for readability (segments with same permissions listed next
to each other).

> +}
> +
>  SECTIONS
>  {
>       . = 0x0;
> -     .image_start : { *(.__image_start) }
> +     .image_start : { *(.__image_start) } :text
>  
>       . = ALIGN(4);
>  
> -     ._text : { *(._text) }
> +     ._text : { *(._text) } :text
>       .text      :
>       {
>               _stext = .;
> @@ -27,7 +36,7 @@ SECTIONS
>               KEEP(*(.text_exceptions*))
>               __exceptions_stop = .;
>               *(.text*)
> -     }
> +     } :text
>       BAREBOX_BARE_INIT_SIZE
>  
>       . = ALIGN(4096);
> @@ -35,7 +44,7 @@ SECTIONS
>       .rodata : {
>               *(.rodata*)
>               RO_DATA_SECTION
> -     }
> +     } :rodata
>  
>  #ifdef CONFIG_ARM_UNWIND
>       /*
> @@ -46,20 +55,21 @@ SECTIONS
>               __start_unwind_idx = .;
>               *(.ARM.exidx*)
>               __stop_unwind_idx = .;
> -     }
> +     } :rodata
>       .ARM.unwind_tab : {
>               __start_unwind_tab = .;
>               *(.ARM.extab*)
>               __stop_unwind_tab = .;
> -     }
> +     } :rodata
>  #endif
>       . = ALIGN(4096);
>       __end_rodata = .;
>       _etext = .;
>       _sdata = .;
>  
> -     . = ALIGN(4);
> -     .data : { *(.data*) }
> +     .data : { *(.data*) } :data
> +
> +     .dynamic : { *(.dynamic) } :data :dynamic

Replace :data with :rodata and move it up just before
__end_rodata, so it's actually read-only.

> --- a/arch/arm/lib64/barebox.lds.S
> +++ b/arch/arm/lib64/barebox.lds.S
> @@ -6,14 +6,23 @@
>  OUTPUT_FORMAT(BAREBOX_OUTPUT_FORMAT)
>  OUTPUT_ARCH(BAREBOX_OUTPUT_ARCH)
>  ENTRY(start)
> +
> +PHDRS
> +{
> +     text PT_LOAD FLAGS(5);     /* PF_R | PF_X */
> +     rodata PT_LOAD FLAGS(4);   /* PF_R */
> +     data PT_LOAD FLAGS(6);     /* PF_R | PF_W */
> +     dynamic PT_DYNAMIC FLAGS(4); /* PF_R */

Same feedback as for arm32.

> -     BAREBOX_RELOCATION_TABLE
> +     .dynamic : { *(.dynamic) } :data :dynamic

Ditto.

Cheers,
Ahmad
-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Reply via email to