From patchwork Thu Jan 31 19:24:29 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Garnier X-Patchwork-Id: 10791365 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 776F81390 for ; Thu, 31 Jan 2019 19:46:05 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6D92E3102E for ; Thu, 31 Jan 2019 19:46:05 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6046131793; Thu, 31 Jan 2019 19:46:05 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.3 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 8EA8E3102E for ; Thu, 31 Jan 2019 19:46:03 +0000 (UTC) Received: (qmail 15570 invoked by uid 550); 31 Jan 2019 19:44:12 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Delivered-To: moderator for kernel-hardening@lists.openwall.com Received: (qmail 21553 invoked from network); 31 Jan 2019 19:29:31 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MFJ2wRRAA6IcXGO+/YjG1KwDtDZI3ZJyGSkT8C93+ng=; b=bummAweVarfI8k6oygDBubQOq0LmgOcN0J+QZblexpy8/IhsmXIWhZQep1j4JxBHCi 9M3wp41b1RA0JpXrPwzKUXMe2wlknzlm38/yVJxZ2VisEsShjKcd37T3/XgmFxqWOxEH mrkHCwpMgxQiKPgnIa990XbwbI1+A6HThvwIk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MFJ2wRRAA6IcXGO+/YjG1KwDtDZI3ZJyGSkT8C93+ng=; b=btz0jQmfpxRKYtb1Zn6MTe6qUfbJAjLhnTcB3YpcDTjg6I0SYecPzJBVFMPUFxi0gk ToFU0ymx5McELhanuFT2qHpwmMulOuXsIki/3r8P3WK0BgG6E0bkQO5UDWVZuocluXp0 NpnVE6/IN7wjYSURLncPvyU3kLKxhDss+h62EDp0g41lvzPefQ3ACM8snpqZ64aKP34z TjL9965xZxh7gb0rwgz1Svl7gWdCu2EaSBjcE4F1F+HmefdsvvxSL2njIMEVWysJX4Xv 9QIyRE0ShQw3la5YwxXc+ZUHyS+eIy0tA4HOryzKuAe7XT6EqwlOplqBvtK4oZVMukci D0Qw== X-Gm-Message-State: AJcUukeqYErsjQe0zPwujLwbxJIfWvjKWzoe4sKDR7+zbE1laZNK+r0B RmH32UJDRRavMG2ziBweV4uMW7+D/wU= X-Google-Smtp-Source: ALg8bN620UGZSWSXLJlom6YH/iGy7rMQgOcXdIpYO/yDV0hBkdq6i4rBx/QaIGQWhCFld0FOFHOD0w== X-Received: by 2002:a17:902:704b:: with SMTP id h11mr36294891plt.157.1548962959435; Thu, 31 Jan 2019 11:29:19 -0800 (PST) From: Thomas Garnier To: kernel-hardening@lists.openwall.com Cc: kristen@linux.intel.com, Thomas Garnier , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , x86@kernel.org, Jonathan Corbet , Dave Hansen , Andy Lutomirski , Peter Zijlstra , "Kirill A. Shutemov" , Baoquan He , Thomas Garnier , Alexander Popov , Joerg Roedel , Juergen Gross , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org Subject: [PATCH v6 22/27] x86/modules: Add option to start module section after kernel Date: Thu, 31 Jan 2019 11:24:29 -0800 Message-Id: <20190131192533.34130-23-thgarnie@chromium.org> X-Mailer: git-send-email 2.20.1.495.gaa96b0ce6b-goog In-Reply-To: <20190131192533.34130-1-thgarnie@chromium.org> References: <20190131192533.34130-1-thgarnie@chromium.org> MIME-Version: 1.0 X-Virus-Scanned: ClamAV using ClamSMTP Add an option so the module section is just after the mapped kernel. It will ensure position independent modules are always at the right distance from the kernel and do not require mcmodule=large. It also optimize the available size for modules by getting rid of the empty space on kernel randomization range. Signed-off-by: Thomas Garnier --- Documentation/x86/x86_64/mm.txt | 3 +++ arch/x86/Kconfig | 4 ++++ arch/x86/include/asm/pgtable_64_types.h | 6 ++++++ arch/x86/kernel/head64.c | 5 ++++- arch/x86/mm/dump_pagetables.c | 3 ++- 5 files changed, 19 insertions(+), 2 deletions(-) diff --git a/Documentation/x86/x86_64/mm.txt b/Documentation/x86/x86_64/mm.txt index 804f9426ed17..35b845d695d5 100644 --- a/Documentation/x86/x86_64/mm.txt +++ b/Documentation/x86/x86_64/mm.txt @@ -151,3 +151,6 @@ correct as KASAN disables KASLR. For both 4- and 5-level layouts, the STACKLEAK_POISON value in the last 2MB hole: ffffffffffff4111 + +If CONFIG_DYNAMIC_MODULE_BASE is enabled, the module section follows the end of +the mapped kernel. diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 263d81c570b2..c3ad1b0ae1a1 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2221,6 +2221,10 @@ config RANDOMIZE_MEMORY_PHYSICAL_PADDING If unsure, leave at the default value. +# Module section starts just after the end of the kernel module +config DYNAMIC_MODULE_BASE + bool + config X86_GLOBAL_STACKPROTECTOR bool "Stack cookie using a global variable" depends on CC_STACKPROTECTOR_AUTO diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h index 88bca456da99..d1bb676ec376 100644 --- a/arch/x86/include/asm/pgtable_64_types.h +++ b/arch/x86/include/asm/pgtable_64_types.h @@ -7,6 +7,7 @@ #ifndef __ASSEMBLY__ #include #include +#include /* * These are used to make use of C type-checking.. @@ -141,7 +142,12 @@ extern unsigned int ptrs_per_p4d; #define VMALLOC_END (VMALLOC_START + (VMALLOC_SIZE_TB << 40) - 1) +#ifdef CONFIG_DYNAMIC_MODULE_BASE +#define MODULES_VADDR ALIGN(((unsigned long)_end + PAGE_SIZE), PMD_SIZE) +#else #define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE) +#endif + /* The module sections ends with the start of the fixmap */ #define MODULES_END _AC(0xffffffffff000000, UL) #define MODULES_LEN (MODULES_END - MODULES_VADDR) diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 22e81275495b..ca2f6ff431af 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -411,12 +411,15 @@ asmlinkage __visible void __init x86_64_start_kernel(char * real_mode_data) * Build-time sanity checks on the kernel image and module * area mappings. (these are purely build-time and produce no code) */ +#ifndef CONFIG_DYNAMIC_MODULE_BASE BUILD_BUG_ON(MODULES_VADDR < __START_KERNEL_map); BUILD_BUG_ON(MODULES_VADDR - __START_KERNEL_map < KERNEL_IMAGE_SIZE); - BUILD_BUG_ON(MODULES_LEN + KERNEL_IMAGE_SIZE > 2*PUD_SIZE); + BUILD_BUG_ON(!IS_ENABLED(CONFIG_RANDOMIZE_BASE_LARGE) && + MODULES_LEN + KERNEL_IMAGE_SIZE > 2*PUD_SIZE); BUILD_BUG_ON((__START_KERNEL_map & ~PMD_MASK) != 0); BUILD_BUG_ON((MODULES_VADDR & ~PMD_MASK) != 0); BUILD_BUG_ON(!(MODULES_VADDR > __START_KERNEL)); +#endif MAYBE_BUILD_BUG_ON(!(((MODULES_END - 1) & PGDIR_MASK) == (__START_KERNEL & PGDIR_MASK))); BUILD_BUG_ON(__fix_to_virt(__end_of_fixed_addresses) <= MODULES_END); diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c index e3cdc85ce5b6..3172bd968215 100644 --- a/arch/x86/mm/dump_pagetables.c +++ b/arch/x86/mm/dump_pagetables.c @@ -104,7 +104,7 @@ static struct addr_marker address_markers[] = { [EFI_END_NR] = { EFI_VA_END, "EFI Runtime Services" }, #endif [HIGH_KERNEL_NR] = { __START_KERNEL_map, "High Kernel Mapping" }, - [MODULES_VADDR_NR] = { MODULES_VADDR, "Modules" }, + [MODULES_VADDR_NR] = { 0/*MODULES_VADDR*/, "Modules" }, [MODULES_END_NR] = { MODULES_END, "End Modules" }, [FIXADDR_START_NR] = { FIXADDR_START, "Fixmap Area" }, [END_OF_SPACE_NR] = { -1, NULL } @@ -623,6 +623,7 @@ static int __init pt_dump_init(void) address_markers[KASAN_SHADOW_START_NR].start_address = KASAN_SHADOW_START; address_markers[KASAN_SHADOW_END_NR].start_address = KASAN_SHADOW_END; #endif + address_markers[MODULES_VADDR_NR].start_address = MODULES_VADDR; #endif #ifdef CONFIG_X86_32 address_markers[VMALLOC_START_NR].start_address = VMALLOC_START;