[tip:x86/boot] x86/mm: Enable KASLR for vmalloc memory regions

[tip-bot for Thomas Garnier]

Commit-ID:  a95ae27c2ee1cba5f4f6b9dea43ffe88252e79b1
Gitweb: http://git.kernel.org/tip/a95ae27c2ee1cba5f4f6b9dea43ffe88252e79b1
Author: Thomas Garnier 
AuthorDate: Tue, 21 Jun 2016 17:47:04 -0700
Committer:  Ingo Molnar 
CommitDate: Fri, 8 Jul 2016 17:35:21 +0200

x86/mm: Enable KASLR for vmalloc memory regions

Add vmalloc to the list of randomized memory regions.

The vmalloc memory region contains the allocation made through the vmalloc()
API. The allocations are done sequentially to prevent fragmentation and
each allocation address can easily be deduced especially from boot.

Signed-off-by: Thomas Garnier 
Signed-off-by: Kees Cook 
Cc: Alexander Kuleshov 
Cc: Alexander Popov 
Cc: Andrew Morton 
Cc: Andy Lutomirski 
Cc: Aneesh Kumar K.V 
Cc: Baoquan He 
Cc: Boris Ostrovsky 
Cc: Borislav Petkov 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Christian Borntraeger 
Cc: Dan Williams 
Cc: Dave Hansen 
Cc: Dave Young 
Cc: Denys Vlasenko 
Cc: Dmitry Vyukov 
Cc: H. Peter Anvin 
Cc: Jan Beulich 
Cc: Joerg Roedel 
Cc: Jonathan Corbet 
Cc: Josh Poimboeuf 
Cc: Juergen Gross 
Cc: Kirill A. Shutemov 
Cc: Linus Torvalds 
Cc: Lv Zheng 
Cc: Mark Salter 
Cc: Martin Schwidefsky 
Cc: Matt Fleming 
Cc: Peter Zijlstra 
Cc: Stephen Smalley 
Cc: Thomas Gleixner 
Cc: Toshi Kani 
Cc: Xiao Guangrong 
Cc: Yinghai Lu 
Cc: kernel-harden...@lists.openwall.com
Cc: linux-...@vger.kernel.org
Link: 
http://lkml.kernel.org/r/1466556426-32664-8-git-send-email-keesc...@chromium.org
Signed-off-by: Ingo Molnar 
---
 arch/x86/include/asm/kaslr.h|  1 +
 arch/x86/include/asm/pgtable_64_types.h | 15 +++
 arch/x86/mm/kaslr.c |  5 -
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/arch/x86/include/asm/kaslr.h b/arch/x86/include/asm/kaslr.h
index 62b1b81..2674ee3 100644
--- a/arch/x86/include/asm/kaslr.h
+++ b/arch/x86/include/asm/kaslr.h
@@ -5,6 +5,7 @@ unsigned long kaslr_get_random_long(const char *purpose);
 
 #ifdef CONFIG_RANDOMIZE_MEMORY
 extern unsigned long page_offset_base;
+extern unsigned long vmalloc_base;
 
 void kernel_randomize_memory(void);
 #else
diff --git a/arch/x86/include/asm/pgtable_64_types.h 
b/arch/x86/include/asm/pgtable_64_types.h
index e6844df..6fdef9e 100644
--- a/arch/x86/include/asm/pgtable_64_types.h
+++ b/arch/x86/include/asm/pgtable_64_types.h
@@ -5,6 +5,7 @@
 
 #ifndef __ASSEMBLY__
 #include 
+#include 
 
 /*
  * These are used to make use of C type-checking..
@@ -53,10 +54,16 @@ typedef struct { pteval_t pte; } pte_t;
 #define PGDIR_MASK (~(PGDIR_SIZE - 1))
 
 /* See Documentation/x86/x86_64/mm.txt for a description of the memory map. */
-#define MAXMEM  _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
-#define VMALLOC_START_AC(0xc900, UL)
-#define VMALLOC_END  _AC(0xe8ff, UL)
-#define VMEMMAP_START   _AC(0xea00, UL)
+#define MAXMEM _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
+#define VMALLOC_SIZE_TB_AC(32, UL)
+#define __VMALLOC_BASE _AC(0xc900, UL)
+#define VMEMMAP_START  _AC(0xea00, UL)
+#ifdef CONFIG_RANDOMIZE_MEMORY
+#define VMALLOC_START  vmalloc_base
+#else
+#define VMALLOC_START  __VMALLOC_BASE
+#endif /* CONFIG_RANDOMIZE_MEMORY */
+#define VMALLOC_END(VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL))
 #define MODULES_VADDR(__START_KERNEL_map + KERNEL_IMAGE_SIZE)
 #define MODULES_END  _AC(0xff00, UL)
 #define MODULES_LEN   (MODULES_END - MODULES_VADDR)
diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c
index 609ecf2..c939cfe 100644
--- a/arch/x86/mm/kaslr.c
+++ b/arch/x86/mm/kaslr.c
@@ -44,11 +44,13 @@
  * ensure that this order is correct and won't be changed.
  */
 static const unsigned long vaddr_start = __PAGE_OFFSET_BASE;
-static const unsigned long vaddr_end = VMALLOC_START;
+static const unsigned long vaddr_end = VMEMMAP_START;
 
 /* Default values */
 unsigned long page_offset_base = __PAGE_OFFSET_BASE;
 EXPORT_SYMBOL(page_offset_base);
+unsigned long vmalloc_base = __VMALLOC_BASE;
+EXPORT_SYMBOL(vmalloc_base);
 
 /*
  * Memory regions randomized by KASLR (except modules that 

[tip:x86/boot] x86/mm: Enable KASLR for vmalloc memory regions

[tip-bot for Thomas Garnier]

Commit-ID:  a95ae27c2ee1cba5f4f6b9dea43ffe88252e79b1
Gitweb: http://git.kernel.org/tip/a95ae27c2ee1cba5f4f6b9dea43ffe88252e79b1
Author: Thomas Garnier 
AuthorDate: Tue, 21 Jun 2016 17:47:04 -0700
Committer:  Ingo Molnar 
CommitDate: Fri, 8 Jul 2016 17:35:21 +0200

x86/mm: Enable KASLR for vmalloc memory regions

Add vmalloc to the list of randomized memory regions.

The vmalloc memory region contains the allocation made through the vmalloc()
API. The allocations are done sequentially to prevent fragmentation and
each allocation address can easily be deduced especially from boot.

Signed-off-by: Thomas Garnier 
Signed-off-by: Kees Cook 
Cc: Alexander Kuleshov 
Cc: Alexander Popov 
Cc: Andrew Morton 
Cc: Andy Lutomirski 
Cc: Aneesh Kumar K.V 
Cc: Baoquan He 
Cc: Boris Ostrovsky 
Cc: Borislav Petkov 
Cc: Borislav Petkov 
Cc: Brian Gerst 
Cc: Christian Borntraeger 
Cc: Dan Williams 
Cc: Dave Hansen 
Cc: Dave Young 
Cc: Denys Vlasenko 
Cc: Dmitry Vyukov 
Cc: H. Peter Anvin 
Cc: Jan Beulich 
Cc: Joerg Roedel 
Cc: Jonathan Corbet 
Cc: Josh Poimboeuf 
Cc: Juergen Gross 
Cc: Kirill A. Shutemov 
Cc: Linus Torvalds 
Cc: Lv Zheng 
Cc: Mark Salter 
Cc: Martin Schwidefsky 
Cc: Matt Fleming 
Cc: Peter Zijlstra 
Cc: Stephen Smalley 
Cc: Thomas Gleixner 
Cc: Toshi Kani 
Cc: Xiao Guangrong 
Cc: Yinghai Lu 
Cc: kernel-harden...@lists.openwall.com
Cc: linux-...@vger.kernel.org
Link: 
http://lkml.kernel.org/r/1466556426-32664-8-git-send-email-keesc...@chromium.org
Signed-off-by: Ingo Molnar 
---
 arch/x86/include/asm/kaslr.h|  1 +
 arch/x86/include/asm/pgtable_64_types.h | 15 +++
 arch/x86/mm/kaslr.c |  5 -
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/arch/x86/include/asm/kaslr.h b/arch/x86/include/asm/kaslr.h
index 62b1b81..2674ee3 100644
--- a/arch/x86/include/asm/kaslr.h
+++ b/arch/x86/include/asm/kaslr.h
@@ -5,6 +5,7 @@ unsigned long kaslr_get_random_long(const char *purpose);
 
 #ifdef CONFIG_RANDOMIZE_MEMORY
 extern unsigned long page_offset_base;
+extern unsigned long vmalloc_base;
 
 void kernel_randomize_memory(void);
 #else
diff --git a/arch/x86/include/asm/pgtable_64_types.h 
b/arch/x86/include/asm/pgtable_64_types.h
index e6844df..6fdef9e 100644
--- a/arch/x86/include/asm/pgtable_64_types.h
+++ b/arch/x86/include/asm/pgtable_64_types.h
@@ -5,6 +5,7 @@
 
 #ifndef __ASSEMBLY__
 #include 
+#include 
 
 /*
  * These are used to make use of C type-checking..
@@ -53,10 +54,16 @@ typedef struct { pteval_t pte; } pte_t;
 #define PGDIR_MASK (~(PGDIR_SIZE - 1))
 
 /* See Documentation/x86/x86_64/mm.txt for a description of the memory map. */
-#define MAXMEM  _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
-#define VMALLOC_START_AC(0xc900, UL)
-#define VMALLOC_END  _AC(0xe8ff, UL)
-#define VMEMMAP_START   _AC(0xea00, UL)
+#define MAXMEM _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
+#define VMALLOC_SIZE_TB_AC(32, UL)
+#define __VMALLOC_BASE _AC(0xc900, UL)
+#define VMEMMAP_START  _AC(0xea00, UL)
+#ifdef CONFIG_RANDOMIZE_MEMORY
+#define VMALLOC_START  vmalloc_base
+#else
+#define VMALLOC_START  __VMALLOC_BASE
+#endif /* CONFIG_RANDOMIZE_MEMORY */
+#define VMALLOC_END(VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL))
 #define MODULES_VADDR(__START_KERNEL_map + KERNEL_IMAGE_SIZE)
 #define MODULES_END  _AC(0xff00, UL)
 #define MODULES_LEN   (MODULES_END - MODULES_VADDR)
diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c
index 609ecf2..c939cfe 100644
--- a/arch/x86/mm/kaslr.c
+++ b/arch/x86/mm/kaslr.c
@@ -44,11 +44,13 @@
  * ensure that this order is correct and won't be changed.
  */
 static const unsigned long vaddr_start = __PAGE_OFFSET_BASE;
-static const unsigned long vaddr_end = VMALLOC_START;
+static const unsigned long vaddr_end = VMEMMAP_START;
 
 /* Default values */
 unsigned long page_offset_base = __PAGE_OFFSET_BASE;
 EXPORT_SYMBOL(page_offset_base);
+unsigned long vmalloc_base = __VMALLOC_BASE;
+EXPORT_SYMBOL(vmalloc_base);
 
 /*
  * Memory regions randomized by KASLR (except modules that use a separate logic
@@ -60,6 +62,7 @@ static __initdata struct kaslr_memory_region {
unsigned long size_tb;
 } kaslr_regions[] = {
{ _offset_base, 64/* Maximum */ },
+   { _base, VMALLOC_SIZE_TB },
 };
 
 /* Get size in bytes used by the memory region */