[PATCH v2 0/2] KVM: arm64: Prevent kmemleak from accessing HYP data
Marc Zyngier
maz at kernel.org
Mon Aug 2 05:38:28 PDT 2021
This is a rework of the patch previously posted at [1].
The gist of the problem is that kmemleak can legitimately access data
that has been removed from the kernel view, for two reasons:
(1) .hyp.rodata is lumped together with the BSS
(2) there is no separation of the HYP BSS from the kernel BSS
(1) can easily be addressed by moving the .hyp.rodata section into the
kernel's RO zone, which avoids any kmemleak into that section.
(2) must be addressed by telling kmemleak about the address range.
Tested on a SC2A11 system, in protected and non-protected modes with
kmemleak active. Both patches are stable candidates.
[1] https://lore.kernel.org/r/20210729135016.3037277-1-maz@kernel.org
Marc Zyngier (2):
arm64: Move .hyp.rodata outside of the _sdata.._edata range
KVM: arm64: Unregister HYP sections from kmemleak in protected mode
arch/arm64/kernel/vmlinux.lds.S | 4 ++--
arch/arm64/kvm/arm.c | 7 +++++++
2 files changed, 9 insertions(+), 2 deletions(-)
--
2.30.2
More information about the linux-arm-kernel
mailing list