On Fri, 2023-06-16 at 11:50 +0300, Mike Rapoport wrote:
> -void *module_alloc(unsigned long size)
> -{
> - gfp_t gfp_mask = GFP_KERNEL;
> - void *p;
> -
> - if (PAGE_ALIGN(size) > MODULES_LEN)
> - return NULL;
> +static struct execmem_params execmem_params = {
> + .modules = {
> + .flags = EXECMEM_KASAN_SHADOW,
> + .text = {
> + .alignment = MODULE_ALIGN,
> + },
> + },
> +};
Did you consider making these execmem_params's ro_after_init? Not that
it is security sensitive, but it's a nice hint to the reader that it is
only modified at init. And I guess basically free sanitizing of buggy
writes to it.
>
> - p = __vmalloc_node_range(size, MODULE_ALIGN,
> - MODULES_VADDR +
> get_module_load_offset(),
> - MODULES_END, gfp_mask, PAGE_KERNEL,
> - VM_FLUSH_RESET_PERMS |
> VM_DEFER_KMEMLEAK,
> - NUMA_NO_NODE,
> __builtin_return_address(0));
> +struct execmem_params __init *execmem_arch_params(void)
> +{
> + unsigned long start = MODULES_VADDR +
> get_module_load_offset();
I think we can drop the mutex's in get_module_load_offset() now, since
execmem_arch_params() should only be called once at init.
>
> - if (p && (kasan_alloc_module_shadow(p, size, gfp_mask) < 0))
> {
> - vfree(p);
> - return NULL;
> - }
> + execmem_params.modules.text.start = start;
> + execmem_params.modules.text.end = MODULES_END;
> + execmem_params.modules.text.pgprot = PAGE_KERNEL;
>
> - return p;
> + return &execmem_params;
> }
>
