| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Feb 2017 20:54:34 +0800
From: Baoquan He <bhe@...hat.com>
To: tglx@...utronix.de, hpa@...or.com, mingo@...hat.com
Cc: linux-kernel@...r.kernel.org, x86@...nel.org,
keescook@...omium.org, yinghai@...nel.org, bp@...e.de,
anderson@...hat.com, luto@...nel.org, thgarnie@...gle.com,
kuleshovmail@...il.com, Baoquan He <bhe@...hat.com>
Subject: [PATCH v4 0/3] x86/64/KASLR: Change kernel mapping size to 1G unconditionally
This is v4 post.
In the previous 3 versions I tried to detect and determine kernel image
mapping size at runtime for x86_64. With this the inconsistency between
KASLR code is not compiled in by disabling CONFIG_RANDOMIZE_BASE and
KASLR code is compiled in but add 'nokaslr' kernel option can be fixed.
When review v3 Boris suggested we should change kernel mapping size to
1G directly, but not an option. Kees explained he made kernel mapping
size as an option mainly because he woried about kernel module space.
He said it wasn't clear to him at the time if enough space remained for
modules in all use-cases. Then Boris pointed out that practically kaslr
will be enabled on the majority of the systems anyway, and the reduction
of kernel modules mapping space has been there for a while now, if so we
probably whould've heard complaints already. Kees agreed.
So in this version of post change kernel mapping size of x86 64 to 1G
as Boris suggested. Then the inconsistency will naturally disappear.
And I still keep patch 1/3 which introduces the new constant
KERNEL_MAPPING_SIZE. And let KERNEL_IMAGE_SIZE stay for restricting kernel
image size during linking stage.
v3->v4:
Change kernel mapping size to 1G unconditionally as Boris suggested.
v2->v3:
Boris pointed out patch log is not good for reviewing and understanding.
So split the old patch 2/2 into 2 parts and rewrite the patch log,
patch 2/3 is introducing the new constant KERNEL_MAPPING_SIZE which
differs from the old KERNEL_IMAGE_SIZE, patch 3/3 gets the kernel mapping
size at runtime.
v1->v2:
Kbuild test threw build warning because of code bug.
Baoquan He (3):
x86: Introduce a new constant KERNEL_MAPPING_SIZE
x86/64/KASLR: Change kernel mapping size to 1G unconditionally
x86/64/doc: Update the ranges of kernel text and modules mapping
Documentation/x86/x86_64/mm.txt | 4 ++--
arch/x86/boot/compressed/kaslr.c | 10 +++++-----
arch/x86/include/asm/page_32_types.h | 6 ++++++
arch/x86/include/asm/page_64_types.h | 17 ++++++++---------
arch/x86/include/asm/pgtable_64_types.h | 2 +-
arch/x86/kernel/head64.c | 4 ++--
arch/x86/kernel/head_64.S | 12 +++++-------
arch/x86/kernel/machine_kexec_64.c | 2 +-
arch/x86/mm/init_64.c | 2 +-
arch/x86/mm/physaddr.c | 6 +++---
10 files changed, 34 insertions(+), 31 deletions(-)
--
2.5.5
Powered by blists - more mailing lists