imer_setup() is not compatible with PaX's RAP

PaX Team pageexec at
Tue Nov 14 12:12:24 CET 2017

On 14 Nov 2017 at 10:29, Jason A. Donenfeld wrote:

> I fixed things up here:

works fine, thanks.

> > speaking of PaX support, you recently added some __ro_after_init wrapper
> > to wireguard which breaks under KERNEXEC when it's used on ops structs
> > (my __read_only has different semantics) so i have to revert it here but
> > it'd be nicer if you didn't define it when KERNEXEC is active.
> So what exactly should I be fixing? I think in that last patch I
> forgot to redefine it to be empty. Would this do what you have in
> mind:

i said 'don't define it', not 'redefine it' ;). the difference is that the
latter removes the definition provided under KERNEXEC.

More information about the WireGuard mailing list