Date:   Thu, 1 Sep 2022 10:41:58 +0200
From:   Alexander Sverdlin <alexander.sverdlin@...ia.com>
To:     Linus Walleij <linus.walleij@...aro.org>
Cc:     kasan-dev@...glegroups.com,
        Lecopzer Chen <lecopzer.chen@...iatek.com>,
        Andrey Ryabinin <ryabinin.a.a@...il.com>,
        Alexander Potapenko <glider@...gle.com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Dmitry Vyukov <dvyukov@...gle.com>,
        Vincenzo Frascino <vincenzo.frascino@....com>,
        Russell King <linux@...linux.org.uk>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ARM: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n

Hello Linus,

On 31/08/2022 11:30, Linus Walleij wrote:
>> -       create_mapping((void *)MODULES_VADDR, (void *)(PKMAP_BASE + PMD_SIZE));
>> +       if (!IS_ENABLED(CONFIG_KASAN_VMALLOC) && IS_ENABLED(CONFIG_MODULES))
>> +               create_mapping((void *)MODULES_VADDR, (void *)(MODULES_END));
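
Review bot: The new condition in front of the MODULES_VADDR..MODULES_END mapping has no comment explaining why the static mapping for the module area is skipped when CONFIG_KASAN_VMALLOC is enabled. A short comment above the `if`, saying that with CONFIG_KASAN_VMALLOC this range's shadow is handled by the vmalloc path, would answer the question asked later in this thread. The added IS_ENABLED(CONFIG_MODULES) test is a second behaviour change relative to the removed line, which mapped the range unconditionally, and it deserves its own sentence in the commit message.
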
> So the way I understand it is that modules are first and foremost loaded into
> the area MODULES_VADDR .. MODULES_END, and then after that is out,
> they get loaded into VMALLOC. See arch/arm/kernel/module.c, module_alloc().

Yes, but both areas are managed by __vmalloc_node_range().
 
> If you do this, how are the addresses between MODULES_VADDR..MODULES_END
> shadowed when using CONFIG_KASAN_VMALLOC?

That's the thing, __vmalloc_node_range() doesn't differentiate between address
ranges and tries first to recreate [already existing] shadow mapping, and then
vfree() unconditionally frees the mapping and the page.

vmalloc() KASAN handling is generic; module_alloc() implemented via vmalloc()
is, however, ARM-specific. Even though we could teach vmalloc() about MODULES_VADDR
and MODULES_END (and not call kasan_ instrumentation on these), it is an
ARM specific that it's used for this range.
 
>> +       create_mapping((void *)PKMAP_BASE, (void *)(PKMAP_BASE + PMD_SIZE));
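
Review bot: With the mapping split in two, the added PKMAP_BASE call and the MODULES_VADDR..MODULES_END call no longer cover one contiguous span the way the removed line did, so the result now depends on how MODULES_END relates to PKMAP_BASE. The commit message should state that the two ranges neither leave a gap nor overlap in every configuration, or this call should be guarded so that holds.
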
> (Splitting this in two steps is probably good in any case.)
> 
> Pls keep me on CC for Kasan ARM patches, thanks! (Maybe I should add some
> MAINTAINERS blurb.)

-- 
Best regards,
Alexander Sverdlin.
