From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S1751900AbdHGOBl (ORCPT ); Mon, 7 Aug 2017 10:01:41 -0400
Received: from usa-sjc-mx-foss1.foss.arm.com ([217.140.101.70]:49398
 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
 id S1750751AbdHGOBi (ORCPT ); Mon, 7 Aug 2017 10:01:38 -0400
Date: Mon, 7 Aug 2017 15:01:39 +0100
From: Will Deacon
To: Ard Biesheuvel
Cc: Miles Chen , Catalin Marinas ,
 "linux-arm-kernel@lists.infradead.org" ,
 "linux-kernel@vger.kernel.org" ,
 linux-mediatek@lists.infradead.org, wsd_upstream@mediatek.com
Subject: Re: [PATCH] arm64: correct modules range of kernel virtual memory layout
Message-ID: <20170807140138.GB18817@arm.com>
References: <1502103886-19725-1-git-send-email-miles.chen@mediatek.com>
 <20170807131608.GA18817@arm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To:
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Aug 07, 2017 at 02:18:00PM +0100, Ard Biesheuvel wrote:
> On 7 August 2017 at 14:16, Will Deacon wrote:
> > On Mon, Aug 07, 2017 at 07:04:46PM +0800, Miles Chen wrote:
> >> The commit f80fb3a3d508 ("arm64: add support for kernel ASLR")
> >> moved module virtual address to
> >> [module_alloc_base, module_alloc_base + MODULES_VSIZE).
> >>
> >> Display module information of the virtual kernel
> >> memory layout by using module_alloc_base.
> >>
> >> testing output:
> >> 1) Current implementation:
> >> Virtual kernel memory layout:
> >> modules : 0xffffff8000000000 - 0xffffff8008000000 ( 128 MB)
> >> 2) this patch + KASLR:
> >> Virtual kernel memory layout:
> >> modules : 0xffffff8000560000 - 0xffffff8008560000 ( 128 MB)
> >> 3) this patch + KASLR and a dummy seed:
> >> Virtual kernel memory layout:
> >> modules : 0xffffffa7df637000 - 0xffffffa7e7637000 ( 128 MB)
> >>
> >> Signed-off-by: Miles Chen
> >> ---
> >> arch/arm64/mm/init.c | 5 +++--
> >> 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > Does this mean the modules code in our pt dumper is busted
> > (arch/arm64/mm/dump.c)? Also, what about KASAN, which uses these addresses
> > too (in kasan_init)? Should we just remove MODULES_VADDR and MODULES_END
> > altogether?
> >
>
> I don't think we need this patch. The 'module' line simply prints the
> VA region that is reserved for modules. The fact that we end up
> putting them elsewhere when running randomized does not necessarily
> mean this line should reflect that.

I was more concerned by other users of MODULES_VADDR tbh, although I see now
that we don't randomize the module region if kasan is enabled. Still, the
kcore code adds the modules region as a separate area (distinct from
vmalloc) if MODULES_VADDR is defined, the page table dumping code uses
MODULES_VADDR to identify the module region and I think we'll get false
positives from is_vmalloc_or_module_addr, which again uses the static
region.

So, given that MODULES_VADDR never points at the module area, can't we get
rid of it?

Will
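
The mismatch discussed in this thread, as an added example that is not part of the original messages or of the kernel source: a stand-alone C model that compares a range check against the static MODULES_VADDR window with one against [module_alloc_base, module_alloc_base + MODULES_VSIZE). The constants are the addresses from the quoted test output (valid for that configuration only), and the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: values copied from the test output quoted in the thread. */
#define MODULES_VADDR 0xffffff8000000000ULL   /* static start, test case 1 */
#define MODULES_VSIZE (128ULL << 20)          /* 128 MB */
#define MODULES_END   (MODULES_VADDR + MODULES_VSIZE)

enum verdict { AGREE_OTHER, AGREE_MODULE, FALSE_POSITIVE, FALSE_NEGATIVE };

/* Range test against the compile-time window, as a MODULES_VADDR user does. */
int in_static_window(uint64_t addr)
{
    return addr >= MODULES_VADDR && addr < MODULES_END;
}

/* Range test against [base, base + MODULES_VSIZE), base = module_alloc_base. */
int in_runtime_window(uint64_t addr, uint64_t base)
{
    return addr >= base && addr - base < MODULES_VSIZE;
}

/* Compare both answers for one address; the runtime window is ground truth. */
enum verdict classify(uint64_t addr, uint64_t base)
{
    int s = in_static_window(addr), r = in_runtime_window(addr, base);
    if (s == r)
        return s ? AGREE_MODULE : AGREE_OTHER;
    return s ? FALSE_POSITIVE : FALSE_NEGATIVE;
}

/* Bytes of the static window that still lie inside the runtime window. */
uint64_t overlap_bytes(uint64_t base)
{
    uint64_t lo = base > MODULES_VADDR ? base : MODULES_VADDR;
    uint64_t end = base + MODULES_VSIZE;
    uint64_t hi = end < MODULES_END ? end : MODULES_END;
    return hi > lo ? hi - lo : 0;
}

int main(void)
{
    /* module_alloc_base values from the three quoted test cases */
    const uint64_t bases[] = { 0xffffff8000000000ULL, 0xffffff8000560000ULL,
                               0xffffffa7df637000ULL };
    for (unsigned i = 0; i < 3; i++)
        printf("base %#llx: static window covers %llu bytes, verdict %d\n",
               (unsigned long long)bases[i],
               (unsigned long long)overlap_bytes(bases[i]),
               (int)classify(bases[i], bases[i]));
    return 0;
}
```

In this model the static window matches the module area only when the base equals MODULES_VADDR; with the dummy-seed base from test case 3 the two windows are disjoint, so every static-window check disagrees with the real placement.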