forked from mirrors/linux
f2b9ba871b
We currently have to rely on the GCC large code model for KASLR for two distinct but related reasons: - if we enable full randomization, modules will be loaded very far away from the core kernel, where they are out of range for ADRP instructions, - even without full randomization, the fact that the 128 MB module region is now no longer fully reserved for kernel modules means that there is a very low likelihood that the normal bottom-up allocation of other vmalloc regions may collide, and use up the range for other things. Large model code is suboptimal, given that each symbol reference involves a literal load that goes through the D-cache, reducing cache utilization. But more importantly, literals are not instructions but part of .text nonetheless, and hence mapped with executable permissions. So let's get rid of our dependency on the large model for KASLR, by: - reducing the full randomization range to 4 GB, thereby ensuring that ADRP references between modules and the kernel are always in range, - reduce the spillover range to 4 GB as well, so that we fallback to a region that is still guaranteed to be in range - move the randomization window of the core kernel to the middle of the VMALLOC space Note that KASAN always uses the module region outside of the vmalloc space, so keep the kernel close to that if KASAN is enabled. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Will Deacon <will.deacon@arm.com>
51 lines
1.3 KiB
C
51 lines
1.3 KiB
C
/*
|
|
* include/linux/sizes.h
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2 as
|
|
* published by the Free Software Foundation.
|
|
*/
|
|
#ifndef __LINUX_SIZES_H__
|
|
#define __LINUX_SIZES_H__
|
|
|
|
#include <linux/const.h>
|
|
|
|
#define SZ_1 0x00000001
|
|
#define SZ_2 0x00000002
|
|
#define SZ_4 0x00000004
|
|
#define SZ_8 0x00000008
|
|
#define SZ_16 0x00000010
|
|
#define SZ_32 0x00000020
|
|
#define SZ_64 0x00000040
|
|
#define SZ_128 0x00000080
|
|
#define SZ_256 0x00000100
|
|
#define SZ_512 0x00000200
|
|
|
|
#define SZ_1K 0x00000400
|
|
#define SZ_2K 0x00000800
|
|
#define SZ_4K 0x00001000
|
|
#define SZ_8K 0x00002000
|
|
#define SZ_16K 0x00004000
|
|
#define SZ_32K 0x00008000
|
|
#define SZ_64K 0x00010000
|
|
#define SZ_128K 0x00020000
|
|
#define SZ_256K 0x00040000
|
|
#define SZ_512K 0x00080000
|
|
|
|
#define SZ_1M 0x00100000
|
|
#define SZ_2M 0x00200000
|
|
#define SZ_4M 0x00400000
|
|
#define SZ_8M 0x00800000
|
|
#define SZ_16M 0x01000000
|
|
#define SZ_32M 0x02000000
|
|
#define SZ_64M 0x04000000
|
|
#define SZ_128M 0x08000000
|
|
#define SZ_256M 0x10000000
|
|
#define SZ_512M 0x20000000
|
|
|
|
#define SZ_1G 0x40000000
|
|
#define SZ_2G 0x80000000
|
|
|
|
#define SZ_4G _AC(0x100000000, ULL)
|
|
|
|
#endif /* __LINUX_SIZES_H__ */
|