lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20231026102438.GA6924@willie-the-truck> Date: Thu, 26 Oct 2023 11:24:39 +0100 From: Will Deacon <will@...nel.org> To: Mike Rapoport <rppt@...nel.org> Cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Björn Töpel <bjorn@...nel.org>, Catalin Marinas <catalin.marinas@....com>, Christophe Leroy <christophe.leroy@...roup.eu>, "David S. Miller" <davem@...emloft.net>, Dinh Nguyen <dinguyen@...nel.org>, Heiko Carstens <hca@...ux.ibm.com>, Helge Deller <deller@....de>, Huacai Chen <chenhuacai@...nel.org>, Kent Overstreet <kent.overstreet@...ux.dev>, Luis Chamberlain <mcgrof@...nel.org>, Mark Rutland <mark.rutland@....com>, Michael Ellerman <mpe@...erman.id.au>, Nadav Amit <nadav.amit@...il.com>, "Naveen N. Rao" <naveen.n.rao@...ux.ibm.com>, Palmer Dabbelt <palmer@...belt.com>, Puranjay Mohan <puranjay12@...il.com>, Rick Edgecombe <rick.p.edgecombe@...el.com>, Russell King <linux@...linux.org.uk>, Song Liu <song@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Thomas Bogendoerfer <tsbogend@...ha.franken.de>, Thomas Gleixner <tglx@...utronix.de>, bpf@...r.kernel.org, linux-arm-kernel@...ts.infradead.org, linux-mips@...r.kernel.org, linux-mm@...ck.org, linux-modules@...r.kernel.org, linux-parisc@...r.kernel.org, linux-riscv@...ts.infradead.org, linux-s390@...r.kernel.org, linux-trace-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org, loongarch@...ts.linux.dev, netdev@...r.kernel.org, sparclinux@...r.kernel.org, x86@...nel.org Subject: Re: [PATCH v3 04/13] mm/execmem, arch: convert remaining overrides of module_alloc to execmem On Thu, Oct 26, 2023 at 11:58:00AM +0300, Mike Rapoport wrote: > On Mon, Oct 23, 2023 at 06:14:20PM +0100, Will Deacon wrote: > > On Mon, Sep 18, 2023 at 10:29:46AM +0300, Mike Rapoport wrote: > > > diff --git a/arch/arm64/kernel/module.c b/arch/arm64/kernel/module.c > > > index dd851297596e..cd6320de1c54 100644 > > > --- a/arch/arm64/kernel/module.c > > > +++ b/arch/arm64/kernel/module.c > > > @@ -20,6 +20,7 @@ > > > #include <linux/random.h> > > > #include <linux/scs.h> > > > #include <linux/vmalloc.h> > > > +#include <linux/execmem.h> > > > > > > #include <asm/alternative.h> > > > #include <asm/insn.h> > > > @@ -108,46 +109,38 @@ static int __init module_init_limits(void) > > > > > > return 0; > > > } > > > -subsys_initcall(module_init_limits); > > > > > > -void *module_alloc(unsigned long size) > > > +static struct execmem_params execmem_params __ro_after_init = { > > > + .ranges = { > > > + [EXECMEM_DEFAULT] = { > > > + .flags = EXECMEM_KASAN_SHADOW, > > > + .alignment = MODULE_ALIGN, > > > + }, > > > + }, > > > +}; > > > + > > > +struct execmem_params __init *execmem_arch_params(void) > > > { > > > - void *p = NULL; > > > + struct execmem_range *r = &execmem_params.ranges[EXECMEM_DEFAULT]; > > > > > > - /* > > > - * Where possible, prefer to allocate within direct branch range of the > > > - * kernel such that no PLTs are necessary. > > > - */ > > > > Why are you removing this comment? I think you could just move it next > > to the part where we set a 128MiB range. > > Oops, my bad. Will add it back. Thanks. > > > - if (module_direct_base) { > > > - p = __vmalloc_node_range(size, MODULE_ALIGN, > > > - module_direct_base, > > > - module_direct_base + SZ_128M, > > > - GFP_KERNEL | __GFP_NOWARN, > > > - PAGE_KERNEL, 0, NUMA_NO_NODE, > > > - __builtin_return_address(0)); > > > - } > > > + module_init_limits(); > > > > Hmm, this used to be run from subsys_initcall(), but now you're running > > it _really_ early, before random_init(), so randomization of the module > > space is no longer going to be very random if we don't have early entropy > > from the firmware or the CPU, which is likely to be the case on most SoCs. > > Well, it will be as random as KASLR. Won't that be enough? I don't think that's true -- we have the 'kaslr-seed' property for KASLR, but I'm not seeing anything like that for the module randomisation and I also don't see why we need to set these limits so early. Will
Powered by blists - more mailing lists