lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <56AA13D6.20808@redhat.com>
Date:	Thu, 28 Jan 2016 21:12:54 +0800
From:	Xunlei Pang <xpang@...hat.com>
To:	Michael Holzheu <holzheu@...ux.vnet.ibm.com>, xlpang@...hat.com
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	linux-s390@...r.kernel.org,
	Dmitry Safonov <dsafonov@...tuozzo.com>,
	heiko.carstens@...ibm.com, linux-kernel@...r.kernel.org,
	ebiederm@...ssion.com, 0x7f454c46@...il.com,
	schwidefsky@...ibm.com, dyoung@...hat.com,
	kexec@...ts.infradead.org
Subject: Re: [PATCH] kexec: unmap reserved pages for each error-return way

On 2016/01/28 at 20:44, Michael Holzheu wrote:
> On Thu, 28 Jan 2016 19:56:56 +0800
> Xunlei Pang <xpang@...hat.com> wrote:
>
>> On 2016/01/28 at 18:32, Michael Holzheu wrote:
>>> On Wed, 27 Jan 2016 11:15:46 -0800
>>> Andrew Morton <akpm@...ux-foundation.org> wrote:
>>>
>>>> On Wed, 27 Jan 2016 14:48:31 +0300 Dmitry Safonov <dsafonov@...tuozzo.com> wrote:
>>>>
>>>>> For allocation of kimage failure or kexec_prepare or load segments
>>>>> errors there is no need to keep crashkernel memory mapped.
>>>>> It will affect only s390 as map/unmap hook defined only for it.
>>>>> As on unmap s390 also changes os_info structure let's check return code
>>>>> and add info only on success.
>>>>>
>>>> This conflicts (both mechanically and somewhat conceptually) with
>>>> Xunlei Pang's "kexec: Introduce a protection mechanism for the
>>>> crashkernel reserved memory" and "kexec: provide
>>>> arch_kexec_protect(unprotect)_crashkres()".
>>>>
>>>> http://ozlabs.org/~akpm/mmots/broken-out/kexec-introduce-a-protection-mechanism-for-the-crashkernel-reserved-memory.patch
>>>> http://ozlabs.org/~akpm/mmots/broken-out/kexec-introduce-a-protection-mechanism-for-the-crashkernel-reserved-memory-v4.patch
>>>>
>>>> and
>>>>
>>>> http://ozlabs.org/~akpm/mmots/broken-out/kexec-provide-arch_kexec_protectunprotect_crashkres.patch
>>>> http://ozlabs.org/~akpm/mmots/broken-out/kexec-provide-arch_kexec_protectunprotect_crashkres-v4.patch
>>> Hmm, It looks to me that arch_kexec_(un)protect_crashkres() has exactly
>>> the same semantics as crash_(un)map_reserved_pages().
>>>
>>> On s390 we don't have the crashkernel memory mapped and therefore need
>>> crash_map_reserved_pages() before loading something into crashkernel
>>> memory.
>> I don't know s390, just curious, if s390 doesn't have crash kernel memory mapped,
>> what's the purpose of the commit(558df7209e)  for s390 as the reserved crash memory
>> with no kernel mapping already means the protection is on?
> When we reserve crashkernel memory on s390 ("crashkernel=" kernel parameter),
> we create a memory hole without page tables.
>
> Commit (558df7209e) was necessary to load a kernel/ramdisk into
> the memory hole with the kexec() system call.
>
> We create a temporary mapping with crash_map_reserved_pages(), then
> copy the kernel/ramdisk and finally remove the mapping again
> via crash_unmap_reserved_pages().

Thanks for the explanation.
So, on s390 the physical memory address has the same value as its kernel virtual address,
and kmap() actually returns the value of the physical address of the page, right?

>
> We did that all in order to protect the preloaded kernel and ramdisk.
>
> I forgot the details why commit(558df7209e) wasn't necessary before.
> AFAIK it became necessary because of some kdump (mmap?) rework.

Uh, this is indeed strange.

Regards,
Xunlei

>
> Michael
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ