| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230617061015.GO52412@kernel.org>
Date: Sat, 17 Jun 2023 09:10:15 +0300
From: Mike Rapoport <rppt@...nel.org>
To: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mcgrof@...nel.org" <mcgrof@...nel.org>,
"deller@....de" <deller@....de>,
"davem@...emloft.net" <davem@...emloft.net>,
"nadav.amit@...il.com" <nadav.amit@...il.com>,
"linux@...linux.org.uk" <linux@...linux.org.uk>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>,
"linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>,
"hca@...ux.ibm.com" <hca@...ux.ibm.com>,
"catalin.marinas@....com" <catalin.marinas@....com>,
"kent.overstreet@...ux.dev" <kent.overstreet@...ux.dev>,
"puranjay12@...il.com" <puranjay12@...il.com>,
"linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
"palmer@...belt.com" <palmer@...belt.com>,
"chenhuacai@...nel.org" <chenhuacai@...nel.org>,
"tsbogend@...ha.franken.de" <tsbogend@...ha.franken.de>,
"linux-trace-kernel@...r.kernel.org" <linux-trace-kernel@...r.kernel.org>,
"linux-parisc@...r.kernel.org" <linux-parisc@...r.kernel.org>,
"christophe.leroy@...roup.eu" <christophe.leroy@...roup.eu>,
"x86@...nel.org" <x86@...nel.org>,
"mpe@...erman.id.au" <mpe@...erman.id.au>,
"mark.rutland@....com" <mark.rutland@....com>,
"rostedt@...dmis.org" <rostedt@...dmis.org>,
"linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>,
"will@...nel.org" <will@...nel.org>,
"dinguyen@...nel.org" <dinguyen@...nel.org>,
"naveen.n.rao@...ux.ibm.com" <naveen.n.rao@...ux.ibm.com>,
"sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>,
"linux-modules@...r.kernel.org" <linux-modules@...r.kernel.org>,
"bpf@...r.kernel.org" <bpf@...r.kernel.org>,
"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>,
"song@...nel.org" <song@...nel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"loongarch@...ts.linux.dev" <loongarch@...ts.linux.dev>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>
Subject: Re: [PATCH v2 04/12] mm/execmem, arch: convert remaining overrides
of module_alloc to execmem
On Fri, Jun 16, 2023 at 04:16:28PM +0000, Edgecombe, Rick P wrote:
> On Fri, 2023-06-16 at 11:50 +0300, Mike Rapoport wrote:
> > -void *module_alloc(unsigned long size)
> > -{
> > - gfp_t gfp_mask = GFP_KERNEL;
> > - void *p;
> > -
> > - if (PAGE_ALIGN(size) > MODULES_LEN)
> > - return NULL;
> > +static struct execmem_params execmem_params = {
> > + .modules = {
> > + .flags = EXECMEM_KASAN_SHADOW,
> > + .text = {
> > + .alignment = MODULE_ALIGN,
> > + },
> > + },
> > +};
>
> Did you consider making these execmem_params's ro_after_init? Not that
> it is security sensitive, but it's a nice hint to the reader that it is
> only modified at init. And I guess basically free sanitizing of buggy
> writes to it.
Makes sense.
> >
> > - p = __vmalloc_node_range(size, MODULE_ALIGN,
> > - MODULES_VADDR +
> > get_module_load_offset(),
> > - MODULES_END, gfp_mask, PAGE_KERNEL,
> > - VM_FLUSH_RESET_PERMS |
> > VM_DEFER_KMEMLEAK,
> > - NUMA_NO_NODE,
> > __builtin_return_address(0));
> > +struct execmem_params __init *execmem_arch_params(void)
> > +{
> > + unsigned long start = MODULES_VADDR +
> > get_module_load_offset();
>
> I think we can drop the mutex's in get_module_load_offset() now, since
> execmem_arch_params() should only be called once at init.
Right. Even more, the entire get_module_load_offset() can be folded into
execmem_arch_params() as
if (IS_ENABLED(CONFIG_RANDOMIZE_BASE) && kaslr_enabled())
module_load_offset =
get_random_u32_inclusive(1, 1024) * PAGE_SIZE;
> >
> > - if (p && (kasan_alloc_module_shadow(p, size, gfp_mask) < 0))
> > {
> > - vfree(p);
> > - return NULL;
> > - }
> > + execmem_params.modules.text.start = start;
> > + execmem_params.modules.text.end = MODULES_END;
> > + execmem_params.modules.text.pgprot = PAGE_KERNEL;
> >
> > - return p;
> > + return &execmem_params;
> > }
> >
>
--
Sincerely yours,
Mike.
Powered by blists - more mailing lists