lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Nov 2017 19:31:59 +0800 From: Chao Fan <fanc.fnst@...fujitsu.com> To: <linux-kernel@...r.kernel.org>, <x86@...nel.org>, <hpa@...or.com>, <tglx@...utronix.de>, <mingo@...hat.com>, <bhe@...hat.com>, <keescook@...omium.org>, <yasu.isimatu@...il.com> CC: <indou.takao@...fujitsu.com>, <caoj.fnst@...fujitsu.com>, <douly.fnst@...fujitsu.com>, Chao Fan <fanc.fnst@...fujitsu.com> Subject: [PATCH v2 0/4] kaslr: extend movable_node to movable_node=nn[KMG]@ss[KMG] Here is a problem: Here is a machine with several NUMA nodes and some of them are hot-pluggable. It's not good for kernel to be extracted in the memory region of movable node. But in current code, I print the address chosen by kaslr and found it may be placed in movable node sometimes. To solve this problem, it's better to limit the memory region chosen by kaslr to immovable node in kaslr.c. But the memory information about if it's hot-pluggable is stored in ACPI SRAT table, which is parsed after kernel is extracted. So we can't get the detail memory information before extracting kernel. So extend the movable_node to movable_node=nn@ss, in which nn means the size of memory in *immovable* node, and ss means the start position of this memory region. Then limit kaslr choose memory in these regions. There are two policies: 1. Specify the memory region in *movable* node to avoid: Then we can use the existing mem_avoid to handle. But if the memory on movable node was separated by memory hole or different movable nodes are discontinuous, we don't know how many regions need to avoid. OTOH, we must avoid all of the movable memory, otherwise, kaslr may choose the wrong place. 2. Specify the memory region in *immovable* node to select: Only support 4 regions in this parameter. Then user can use two nodes at least for kaslr to choose, it's enough for the kernel to extract. At the same time, because we need only 4 new mem_vector, the usage of memory here is not too big. So I think this way is better, and this patchset is based on this policy. PATCH 1/4 parse the extended movable_node=nn[KMG]@ss[KMG], then store the memory regions. PATCH 2/4 select the memory region in immovable node when process memmap. PATCH 3/4 add document. PATCH 4/4 cleans up some little problems. v1->v2: Follow Dou's suggestion: - Add the parse for movable_node=nn[KMG] without @ss[KMG] - Fix the bug for more than one "movable_node=" specified - Drop useless variables and use mem_vector region directely - Add more comments. Chao Fan (4): kaslr: parse the extended movable_node=nn[KMG]@ss[KMG] kaslr: select the memory region in immovable node to process document: change the document for the extended movable_node kaslr: clean up a useless variable and some usless space Documentation/admin-guide/kernel-parameters.txt | 9 ++ arch/x86/boot/compressed/kaslr.c | 141 ++++++++++++++++++++++-- 2 files changed, 138 insertions(+), 12 deletions(-) -- 2.13.6
Powered by blists - more mailing lists