| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210128085326.22553-1-lecopzer.chen@mediatek.com>
Date: Thu, 28 Jan 2021 16:53:26 +0800
From: Lecopzer Chen <lecopzer.chen@...iatek.com>
To: <will@...nel.org>
CC: <akpm@...ux-foundation.org>, <andreyknvl@...gle.com>,
<ardb@...nel.org>, <aryabinin@...tuozzo.com>, <broonie@...nel.org>,
<catalin.marinas@....com>, <dan.j.williams@...el.com>,
<dvyukov@...gle.com>, <glider@...gle.com>, <gustavoars@...nel.org>,
<kasan-dev@...glegroups.com>, <lecopzer.chen@...iatek.com>,
<lecopzer@...il.com>, <linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>,
<linux-mediatek@...ts.infradead.org>, <linux-mm@...ck.org>,
<linux@...ck-us.net>, <robin.murphy@....com>, <rppt@...nel.org>,
<tyhicks@...ux.microsoft.com>, <vincenzo.frascino@....com>,
<yj.chiang@...iatek.com>
Subject: Re: [PATCH v2 4/4] arm64: kaslr: support randomized module area with KASAN_VMALLOC
> On Sat, Jan 09, 2021 at 06:32:52PM +0800, Lecopzer Chen wrote:
> > After KASAN_VMALLOC works in arm64, we can randomize module region
> > into vmalloc area now.
> >
> > Test:
> > VMALLOC area ffffffc010000000 fffffffdf0000000
> >
> > before the patch:
> > module_alloc_base/end ffffffc008b80000 ffffffc010000000
> > after the patch:
> > module_alloc_base/end ffffffdcf4bed000 ffffffc010000000
> >
> > And the function that insmod some modules is fine.
> >
> > Suggested-by: Ard Biesheuvel <ardb@...nel.org>
> > Signed-off-by: Lecopzer Chen <lecopzer.chen@...iatek.com>
> > ---
> > arch/arm64/kernel/kaslr.c | 18 ++++++++++--------
> > arch/arm64/kernel/module.c | 16 +++++++++-------
> > 2 files changed, 19 insertions(+), 15 deletions(-)
> >
> > diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
> > index 1c74c45b9494..a2858058e724 100644
> > --- a/arch/arm64/kernel/kaslr.c
> > +++ b/arch/arm64/kernel/kaslr.c
> > @@ -161,15 +161,17 @@ u64 __init kaslr_early_init(u64 dt_phys)
> > /* use the top 16 bits to randomize the linear region */
> > memstart_offset_seed = seed >> 48;
> >
> > - if (IS_ENABLED(CONFIG_KASAN_GENERIC) ||
> > - IS_ENABLED(CONFIG_KASAN_SW_TAGS))
> > + if (!IS_ENABLED(CONFIG_KASAN_VMALLOC) &&
> > + (IS_ENABLED(CONFIG_KASAN_GENERIC) ||
>
> CONFIG_KASAN_VMALLOC depends on CONFIG_KASAN_GENERIC so why is this
> necessary?
>
> Will
CONFIG_KASAN_VMALLOC=y means CONFIG_KASAN_GENERIC=y
but CONFIG_KASAN_GENERIC=y doesn't means CONFIG_KASAN_VMALLOC=y
So this if-condition allows only KASAN rather than
KASAN + KASAN_VMALLOC enabled.
Please correct me if I'm wrong.
thanks,
Lecopzer
Powered by blists - more mailing lists