Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp1313202imm; Wed, 20 Jun 2018 15:47:06 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJCCIUxv1RM/oFxEWTWk/MJz0q+e0aCN3mlKaHgsE0RY5OR5Ofwzyls3ik7K5e17Zx1iqMt X-Received: by 2002:a63:6107:: with SMTP id v7-v6mr20649472pgb.264.1529534826186; Wed, 20 Jun 2018 15:47:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1529534826; cv=none; d=google.com; s=arc-20160816; b=HauTZi81QXYEpDSiQoHcAzYYzSYC8hAxWRl8tBZKQNlz3IoE/3JoOLN0XIiPzxVliu +ebtvm3pBgR84SDizPC3QHAqIfyy4AYoJJ3ghpnl4kzPMkezJR7890DuVNVFZoSiORKA EBcM3dHm128q4U2XAnpHtDfvl3OXJoE3Z+2QzY3h1tI3GpchPIkKJfQCeHd+Ra96Wz96 5sVxh/69mhB1G652aS/PkTmuZrnORHYrXoW0z03u//9gpQOcLT/z0cBefP5ViJXvx72k zSVhcRxJoYJ6428lNjg/MbyzmjYYztPuhNM9z584S1234p9vrYb/fJRXnx1kIj1HcDDc TqRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=gz6a9MAKUcUHj8vgXPbGcTLfhPrshJj7FYOD2kJNTEs=; b=Wme/feqGSzoGolvNFZJAtpsLh2UjpCm3pkLcredtKXDJqPDkvV0pgKWiK1qRjFaz4r ReaWpZooaUc4K5CnyFN66uBWJO59BEHPU5k8b6S/Qf92raoxjp780OP9HheRQVFsD6J4 VEWmWzW6OCP0j2hZ6cZuMytckT06/85zLubzw/MfnLxWNpGQBuXLG6exkSCv/X9EFgUd EK2qEvDy4kc97wh9V6EnCp5naeheY1poYbevHqOJ6eKZfhxxXy+mic31L7OAssaw3dv0 rvpW7HtcSXAUEL3cJHvrSnTgAMOXWZB5IwYghBgyHJST3pCr1LLoHCrlIe88AB7arM5q RGPg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=Ards8LJN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p5-v6si3255859pls.53.2018.06.20.15.46.52; Wed, 20 Jun 2018 15:47:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=Ards8LJN; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754177AbeFTWo5 (ORCPT + 99 others); Wed, 20 Jun 2018 18:44:57 -0400 Received: from bombadil.infradead.org ([198.137.202.133]:52608 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753938AbeFTWo4 (ORCPT ); Wed, 20 Jun 2018 18:44:56 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=Content-Transfer-Encoding: Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To: Subject:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=gz6a9MAKUcUHj8vgXPbGcTLfhPrshJj7FYOD2kJNTEs=; b=Ards8LJN+SIbgZxsdgW+DVPFC v+CECLPhBClEWFPy3xukuj+0Z2jN23AhUGJUA1SU45NihHYBUxwiwBSL0CboJy+HlbocQo7jEPffb iAOfC2S8/cXFMQRD7sKhZEFzzCN2KKvKAVYQQ/I6y6N26wjNVRd46sANE7dEc95twUSIGSutiKQ04 fdDDMloqLvPP2zzQIbTpiCq+aXobt9KyAy2Ljl0LUQvxTEZqW9HqcecG9PcpTLZTPCsjc/jZysNOI NvqKtJGMj5kWbGoV4v+3Bxdv05pfcjpp2RUNtzyr584yu9HQ22x0jafRyM6QzV0wr1AIo91o7tlCo 1jRPgdqQA==; Received: from static-50-53-52-16.bvtn.or.frontiernet.net ([50.53.52.16] helo=dragon.dunlab) by bombadil.infradead.org with esmtpsa (Exim 4.90_1 #2 (Red Hat Linux)) id 1fVlqQ-0007RG-8j; Wed, 20 Jun 2018 22:44:54 +0000 Subject: Re: [PATCH 1/3] vmalloc: Add __vmalloc_node_try_addr function To: Kees Cook Cc: Rick Edgecombe , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , X86 ML , LKML , Linux-MM , Kernel Hardening , kristen Accardi , Dave Hansen , "Van De Ven, Arjan" References: <1529532570-21765-1-git-send-email-rick.p.edgecombe@intel.com> <1529532570-21765-2-git-send-email-rick.p.edgecombe@intel.com> <12014310-19f7-dc31-d983-9c7e00c8b446@infradead.org> From: Randy Dunlap Message-ID: <778b2a1b-d810-815b-0fba-8a1d191acd49@infradead.org> Date: Wed, 20 Jun 2018 15:44:51 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/20/2018 03:35 PM, Kees Cook wrote: > On Wed, Jun 20, 2018 at 3:16 PM, Randy Dunlap wrote: >> On 06/20/2018 03:09 PM, Rick Edgecombe wrote: >>> +void *__vmalloc_node_try_addr(unsigned long addr, unsigned long size, >>> + gfp_t gfp_mask, pgprot_t prot, unsigned long vm_flags, >>> + int node, const void *caller) >>> +{ >> >> so this isn't optional, eh? You are going to force it on people because? > > RANDOMIZE_BASE isn't optional either. :) This improves the module > address entropy with (what seems to be) no down-side, so yeah, I think > it should be non-optional. :) In what kernel tree is RANDOMIZE_BASE not optional? x86: config RANDOMIZE_BASE bool "Randomize the address of the kernel image (KASLR)" depends on RELOCATABLE default y mips: config RANDOMIZE_BASE bool "Randomize the address of the kernel image" depends on RELOCATABLE arm64: config RANDOMIZE_BASE bool "Randomize the address of the kernel image" select ARM64_MODULE_PLTS if MODULES select RELOCATABLE thanks, -- ~Randy