lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210204062128.27692-1-lecopzer.chen@mediatek.com>
Date:   Thu, 4 Feb 2021 14:21:28 +0800
From:   Lecopzer Chen <lecopzer.chen@...iatek.com>
To:     <ardb@...nel.org>
CC:     <akpm@...ux-foundation.org>, <andreyknvl@...gle.com>,
        <aryabinin@...tuozzo.com>, <broonie@...nel.org>,
        <catalin.marinas@....com>, <dan.j.williams@...el.com>,
        <dvyukov@...gle.com>, <glider@...gle.com>, <gustavoars@...nel.org>,
        <kasan-dev@...glegroups.com>, <lecopzer.chen@...iatek.com>,
        <lecopzer@...il.com>, <linux-arm-kernel@...ts.infradead.org>,
        <linux-kernel@...r.kernel.org>,
        <linux-mediatek@...ts.infradead.org>, <linux-mm@...ck.org>,
        <linux@...ck-us.net>, <robin.murphy@....com>, <rppt@...nel.org>,
        <tyhicks@...ux.microsoft.com>, <vincenzo.frascino@....com>,
        <will@...nel.org>, <yj.chiang@...iatek.com>
Subject: Re: [PATCH v2 1/4] arm64: kasan: don't populate vmalloc area for CONFIG_KASAN_VMALLOC

> On Sat, 9 Jan 2021 at 11:33, Lecopzer Chen <lecopzer@...il.com> wrote:
> >
> > Linux support KAsan for VMALLOC since commit 3c5c3cfb9ef4da9
> > ("kasan: support backing vmalloc space with real shadow memory")
> >
> > Like how the MODULES_VADDR does now, just not to early populate
> > the VMALLOC_START between VMALLOC_END.
> > similarly, the kernel code mapping is now in the VMALLOC area and
> > should keep these area populated.
> >
> > Signed-off-by: Lecopzer Chen <lecopzer.chen@...iatek.com>
> 
> 
> This commit log text is a bit hard to follow. You are saying that the
> vmalloc region is *not* backed with zero shadow or any default mapping
> at all, right, and everything gets allocated on demand, just like is
> the case for modules?

It's much more like:

before:

MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: backed with zero shadow at init

after:

MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: no mapping, no zoreo shadow at init

So it should be both "not backed with zero shadow" and
"not any mapping and everything gets allocated on demand".

And the "not backed with zero shadow" is like a subset of "not any mapping ...".


Is that being more clear if the commit revises to:

----------------------
Like how the MODULES_VADDR does now, just not to early populate
the VMALLOC_START between VMALLOC_END.

Before:

MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: backed with zero shadow at init

After:

VMALLOC_VADDR: no mapping, no zoreo shadow at init

Thus the mapping will get allocate on demand by the core function
of KASAN vmalloc.

similarly, the kernel code mapping is now in the VMALLOC area and
should keep these area populated.
--------------------

Or would you have any suggestion?


Thanks a lot for your review!

BRs,
Lecopzer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ