| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Feb 2021 14:21:28 +0800
From: Lecopzer Chen <lecopzer.chen@...iatek.com>
To: <ardb@...nel.org>
CC: <akpm@...ux-foundation.org>, <andreyknvl@...gle.com>,
<aryabinin@...tuozzo.com>, <broonie@...nel.org>,
<catalin.marinas@....com>, <dan.j.williams@...el.com>,
<dvyukov@...gle.com>, <glider@...gle.com>, <gustavoars@...nel.org>,
<kasan-dev@...glegroups.com>, <lecopzer.chen@...iatek.com>,
<lecopzer@...il.com>, <linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>,
<linux-mediatek@...ts.infradead.org>, <linux-mm@...ck.org>,
<linux@...ck-us.net>, <robin.murphy@....com>, <rppt@...nel.org>,
<tyhicks@...ux.microsoft.com>, <vincenzo.frascino@....com>,
<will@...nel.org>, <yj.chiang@...iatek.com>
Subject: Re: [PATCH v2 1/4] arm64: kasan: don't populate vmalloc area for CONFIG_KASAN_VMALLOC
> On Sat, 9 Jan 2021 at 11:33, Lecopzer Chen <lecopzer@...il.com> wrote:
> >
> > Linux support KAsan for VMALLOC since commit 3c5c3cfb9ef4da9
> > ("kasan: support backing vmalloc space with real shadow memory")
> >
> > Like how the MODULES_VADDR does now, just not to early populate
> > the VMALLOC_START between VMALLOC_END.
> > similarly, the kernel code mapping is now in the VMALLOC area and
> > should keep these area populated.
> >
> > Signed-off-by: Lecopzer Chen <lecopzer.chen@...iatek.com>
>
>
> This commit log text is a bit hard to follow. You are saying that the
> vmalloc region is *not* backed with zero shadow or any default mapping
> at all, right, and everything gets allocated on demand, just like is
> the case for modules?
It's much more like:
before:
MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: backed with zero shadow at init
after:
MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: no mapping, no zoreo shadow at init
So it should be both "not backed with zero shadow" and
"not any mapping and everything gets allocated on demand".
And the "not backed with zero shadow" is like a subset of "not any mapping ...".
Is that being more clear if the commit revises to:
----------------------
Like how the MODULES_VADDR does now, just not to early populate
the VMALLOC_START between VMALLOC_END.
Before:
MODULE_VADDR: no mapping, no zoreo shadow at init
VMALLOC_VADDR: backed with zero shadow at init
After:
VMALLOC_VADDR: no mapping, no zoreo shadow at init
Thus the mapping will get allocate on demand by the core function
of KASAN vmalloc.
similarly, the kernel code mapping is now in the VMALLOC area and
should keep these area populated.
--------------------
Or would you have any suggestion?
Thanks a lot for your review!
BRs,
Lecopzer
Powered by blists - more mailing lists