[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160108152738.GG16432@e104818-lin.cambridge.arm.com>
Date: Fri, 8 Jan 2016 15:27:38 +0000
From: Catalin Marinas <catalin.marinas@....com>
To: Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc: linux-arm-kernel@...ts.infradead.org,
kernel-hardening@...ts.openwall.com, will.deacon@....com,
mark.rutland@....com, leif.lindholm@...aro.org,
keescook@...omium.org, linux-kernel@...r.kernel.org, arnd@...db.de,
bhupesh.sharma@...escale.com, stuart.yoder@...escale.com,
marc.zyngier@....com, christoffer.dall@...aro.org
Subject: Re: [PATCH v2 11/13] arm64: allow kernel Image to be loaded anywhere
in physical memory
On Wed, Dec 30, 2015 at 04:26:10PM +0100, Ard Biesheuvel wrote:
> +static void __init enforce_memory_limit(void)
> +{
> + const phys_addr_t kbase = round_down(__pa(_text), MIN_KIMG_ALIGN);
> + u64 to_remove = memblock_phys_mem_size() - memory_limit;
> + phys_addr_t max_addr = 0;
> + struct memblock_region *r;
> +
> + if (memory_limit == (phys_addr_t)ULLONG_MAX)
> + return;
> +
> + /*
> + * The kernel may be high up in physical memory, so try to apply the
> + * limit below the kernel first, and only let the generic handling
> + * take over if it turns out we haven't clipped enough memory yet.
> + */
> + for_each_memblock(memory, r) {
> + if (r->base + r->size > kbase) {
> + u64 rem = min(to_remove, kbase - r->base);
> +
> + max_addr = r->base + rem;
> + to_remove -= rem;
> + break;
> + }
> + if (to_remove <= r->size) {
> + max_addr = r->base + to_remove;
> + to_remove = 0;
> + break;
> + }
> + to_remove -= r->size;
> + }
> +
> + memblock_remove(0, max_addr);
> +
> + if (to_remove)
> + memblock_enforce_memory_limit(memory_limit);
> +}
IIUC, this is changing the user expectations a bit. There are people
using the mem= limit to hijack some top of the RAM for other needs
(though they could do it in a saner way like changing the DT memory
nodes). Your patch first tries to remove the memory below the kernel
image and only remove the top if additional limitation is necessary.
Can you not remove memory from the top and block the limit if it goes
below the end of the kernel image, with some warning that memory limit
was not entirely fulfilled?
--
Catalin
Powered by blists - more mailing lists