lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKv+Gu8U1=Yxo7Mw6WsJbe82sRpjAq91HGW5XJi77ee+=BkGeA@mail.gmail.com>
Date:   Fri, 14 Jun 2019 09:02:49 +0200
From:   Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:     Florian Fainelli <f.fainelli@...il.com>
Cc:     linux-arm-kernel@...r.kernel.org,
        bcm-kernel-feedback-list@...adcom.com,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will.deacon@....com>,
        "moderated list:ARM64 PORT (AARCH64 ARCHITECTURE)" 
        <linux-arm-kernel@...ts.infradead.org>,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] arm64: Allow user selection of ARM64_MODULE_PLTS

On Fri, 14 Jun 2019 at 04:59, Florian Fainelli <f.fainelli@...il.com> wrote:
>
> Make ARM64_MODULE_PLTS a selectable Kconfig symbol, since some people
> might have very big modules spilling out of the dedicated module area
> into vmalloc. Help text is copied from the ARM 32-bit counterpart.
>
> Signed-off-by: Florian Fainelli <f.fainelli@...il.com>
> ---
>  arch/arm64/Kconfig | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
>
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 697ea0510729..36befe987b73 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1418,8 +1418,20 @@ config ARM64_SVE
>           KVM in the same kernel image.
>
>  config ARM64_MODULE_PLTS
> -       bool
> +       bool "Use PLTs to allow module memory to spill over into vmalloc area"
>         select HAVE_MOD_ARCH_SPECIFIC
> +       help
> +         Allocate PLTs when loading modules so that jumps and calls whose
> +         targets are too far away for their relative offsets to be encoded
> +         in the instructions themselves can be bounced via veneers in the
> +         module's PLT. This allows modules to be allocated in the generic
> +         vmalloc area after the dedicated module memory area has been
> +         exhausted. The modules will use slightly more memory, but after
> +         rounding up to page size, the actual memory footprint is usually
> +         the same.
> +
> +         Disabling this is usually safe for small single-platform
> +         configurations. If unsure, say y.
>

I don't mind adding this, but it makes sense to add an explanation why
KASLR enables this. E.g.,

"""
When running with address space randomization (KASLR), the module
region itself may be too far away for ordinary relative jumps and
calls, and so in that case, module PLTs are required and cannot be
disabled.
"""

>  config ARM64_PSEUDO_NMI
>         bool "Support for NMI-like interrupts"
> --
> 2.17.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ