support CONFIG_RANDOMIZE_BASE=y #4828
Conversation
847a622 to c05ba08
CONFIG_RANDOMIZE_BASE does not work for kernel modules since we subtract vmlinux's kaslr_offset() from modules as well, right?
Why do we need this? This will increase the size of all these objects that embed KernelModule by value.
There was a recent change to getModuleTextAddr, so the module offsets are pulled directly from /sys/module, which already includes the offset. This change included removing the kaslr offset in
Fixed to use ptr only
Right, there are two kinds of offset for modules:
Do we remove the kaslr offset from the module address twice now? Overall it's hard to move forward with your PRs because they mix lots of different fixes, large refactorings, and performance optimizations, and individual commits don't have any explanation. For example this one: This one: This commit: The KernelModule pointer refactoring also seems to be unrelated to the rest, I can't understand the reasons behind it, and it just makes progressing with the rest of the PR more difficult.
Let me see if I can split it into several smaller PRs.
6f9030e to 7c70de3
@dvyukov updated, pls check again.
Otherwise looks good to me.
Thanks for splitting other changes from this PR, it now looks much simpler.
Module size from /proc/modules is bigger than that from .text size in elf.
All gvisor instances started failing with:
Sent #4974
@@ -318,6 +318,10 @@ func generateReport(t *testing.T, target *targets.Target, test *Test) (*reports, | |||
}, | |||
}, | |||
} | |||
modules, err := backend.DiscoverModules(cfg.SysTarget, cfg.KernelObj, cfg.ModuleObj) |
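Review bot: backend.DiscoverModules is called here unconditionally with cfg.KernelObj, so a target that ships no vmlinux (gVisor, per the comment reporting `open vmlinux: no such file or directory`) now fails at startup in generateReport. Suggest guarding the call so module discovery is skipped when cfg.KernelObj is empty or the target provides no kernel object, rather than treating a missing vmlinux as fatal.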
This change broke syzkaller for gVisor:
2024/07/03 22:52:34 serving http on http://:8888
2024/07/03 22:52:34 [FATAL] failed to create rpc server: open vmlinux: no such file or directory
The current implementation doesn't work well when CONFIG_RANDOMIZE_BASE is enabled.
Take some arm64 devices for example:
kaslr_offset differs at bits 12-40, and kernel modules are loaded in a 2GB space,
so we have
ffffffd342e10000 T _stext
where the upper 32 bits are ffffffd3. However, if we check the modules range, the 1st module is loaded at 0xffffffd2eeb2a000,
while the last module is loaded at 0xffffffd2f42c4000.
We can see the upper 32 bits differ between the core kernel and the modules.
If we use the current 32-bit covered PC, we will get the wrong module address
recovered, which uses pcBase from the core kernel + the lower 32-bit offset.
So we need to move to 64-bit cover and signal.
Besides, there are some other fixes and improvements in the PR to align with the 64-bit support:
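The failure mode the PR description gives, reproduced as an added Go example (not syzkaller's own code): `RestorePC32` stands in for the 32-bit cover scheme that prepends the high half of a core-kernel pcBase to a 32-bit PC, `Module` is a constructed stand-in for syzkaller's KernelModule, and the module sizes and the in-module PC are constructed while the addresses come from the description above.

```go
package main

import "fmt"

// Module is a loaded kernel module's text range (constructed stand-in for
// syzkaller's backend.KernelModule; only the fields needed here).
type Module struct {
	Name string
	Addr uint64 // load address of the module
	Size uint64 // constructed size for the example
}

// RestorePC32 mirrors the 32-bit cover scheme described in the PR: the kernel
// reports only the low 32 bits of a PC and the consumer reattaches the high
// 32 bits of pcBase, which is derived from the core kernel text (assumption:
// _stext is used as that base here).
func RestorePC32(pcBase uint64, pc uint32) uint64 {
	return (pcBase & 0xffffffff00000000) | uint64(pc)
}

// FindModule returns the name of the module whose range contains pc, or "".
func FindModule(modules []Module, pc uint64) string {
	for _, m := range modules {
		if pc >= m.Addr && pc < m.Addr+m.Size {
			return m.Name
		}
	}
	return ""
}

func main() {
	// _stext and the first/last module addresses are the arm64 values from the
	// PR description; the 0x10000 sizes are constructed.
	const stext = uint64(0xffffffd342e10000)
	modules := []Module{
		{"first_mod", 0xffffffd2eeb2a000, 0x10000},
		{"last_mod", 0xffffffd2f42c4000, 0x10000},
	}
	fullPC := uint64(0xffffffd2eeb2a100) // constructed PC inside first_mod
	low32 := uint32(fullPC)               // what a 32-bit cover would carry
	restored := RestorePC32(stext, low32) // lands in the core kernel's high half

	fmt.Printf("64-bit PC  %#x -> module %q\n", fullPC, FindModule(modules, fullPC))
	fmt.Printf("32-bit PC  %#x -> module %q\n", restored, FindModule(modules, restored))
}
```

The 32-bit restore yields 0xffffffd3eeb2a100, which matches no module range, whereas the 64-bit PC resolves to first_mod.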