decruft the vmalloc API v2
Hi all, Peter noticed that with some dumb luck you can toast the kernel address space with exported vmalloc symbols. I used this as an opportunity to decruft the vmalloc.c API and make it much more systematic. This also removes any chance to create vmalloc mappings outside the designated areas or using executable permissions from modules. Besides that it removes more than 300 lines of code. A git tree is also available here: git://git.infradead.org/users/hch/misc.git sanitize-vmalloc-api.2 Gitweb: http://git.infradead.org/users/hch/misc.git/shortlog/refs/heads/sanitize-vmalloc-api.2 Changes since v1: - implement pgprot_nx for arm64 (Mark Rutland) - fix a patch description - properly pass pgprot to vmap in ion - add a new patch to fix vmap() API misuse - fix a vmap argument in x86 - two more vmalloc cleanups - cleanup use of the unmap_kernel_range API - rename ioremap_pbh to ioremap_phb
Re: decruft the vmalloc API
On Wed, Apr 08, 2020 at 05:03:24PM +0100, Russell King - ARM Linux admin wrote: > I haven't read all your patches yet. > > Have you tested it on 32-bit ARM, where the module area is located > _below_ PAGE_OFFSET and outside of the vmalloc area? I have not tested it. However existing in-kernel users that use different areas (and we have quite a few of those) have not been changed at all. I think the arm32 module loader (like various other module loaders) falls into that category.
Re: decruft the vmalloc API
On Wed, Apr 08, 2020 at 01:58:58PM +0200, Christoph Hellwig wrote: > Hi all, > > Peter noticed that with some dumb luck you can toast the kernel address > space with exported vmalloc symbols. > > I used this as an opportunity to decruft the vmalloc.c API and make it > much more systematic. This also removes any chance to create vmalloc > mappings outside the designated areas or using executable permissions > from modules. Besides that it removes more than 300 lines of code. I haven't read all your patches yet. Have you tested it on 32-bit ARM, where the module area is located _below_ PAGE_OFFSET and outside of the vmalloc area? -- RMK's Patch system: https://www.armlinux.org.uk/developer/patches/ FTTC broadband for 0.8mile line in suburbia: sync at 10.2Mbps down 587kbps up
Re: decruft the vmalloc API
On Wed, Apr 08, 2020 at 01:58:58PM +0200, Christoph Hellwig wrote: > Hi all, > > Peter noticed that with some dumb luck you can toast the kernel address > space with exported vmalloc symbols. > > I used this as an opportunity to decruft the vmalloc.c API and make it > much more systematic. This also removes any chance to create vmalloc > mappings outside the designated areas or using executable permissions > from modules. Besides that it removes more than 300 lines of code. > Looks great, thanks for doing this! Acked-by: Peter Zijlstra (Intel)
decruft the vmalloc API
Hi all, Peter noticed that with some dumb luck you can toast the kernel address space with exported vmalloc symbols. I used this as an opportunity to decruft the vmalloc.c API and make it much more systematic. This also removes any chance to create vmalloc mappings outside the designated areas or using executable permissions from modules. Besides that it removes more than 300 lines of code. A git tree is also available here: git://git.infradead.org/users/hch/misc.git sanitize-vmalloc-api Gitweb: http://git.infradead.org/users/hch/misc.git/shortlog/refs/heads/sanitize-vmalloc-api
