lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 18 Dec 2017 15:37:53 +0100
From:   Borislav Petkov <>
To:     Baoquan He <>
Cc:     Jiri Bohac <>, Toshi Kani <>,
        David Airlie <>,
        Dave Young <>,,,,
        Ingo Molnar <>,
        "H. Peter Anvin" <>,
        Bjorn Helgaas <>,
        Thomas Gleixner <>,,
        Vivek Goyal <>
Subject: Re: [PATCH v2] x86/kexec: Exclude GART aperture from vmcore

On Mon, Dec 18, 2017 at 09:47:36PM +0800, Baoquan He wrote:
>                 pr_info("Your BIOS doesn't leave an aperture memory hole\n");
>                 pr_info("Please enable the IOMMU option in the BIOS setup\n");
>                 pr_info("This costs you %dMB of RAM\n",
>                         32 << fallback_aper_order);
> 	...
> }

There are BIOSen where there's not even an IOMMU option to enable in the
first place. So forget fixing the firmware.

> Previously people added gart region to iomem to notice that even though
> there's ram mapped, while it's occupied by gart, please don't dump it.
> Later it's reverted commit 707d4eefbdb3 ("Revert [PATCH] Insert GART
> region into resource map").

Yes, I read Jiri's commit message, TYVM.

> The other is not to tell kdump kernel that there's ram mapped into the
> region. In the mail I replied to Jiri's v1 post, I meant the 2nd way.
> Remove the ram region occupied by gart from iomem, then kdump kernel
> won't see it and won't dump it.

That's the wrong approach. Because this way you're lying in iomem about
the layout by hiding the gart range.

What needs to happen is to *exclude* the region from the dumping side
only, so that it doesn't touch it. Because the second kernel still needs
to show a *correct* iomem ranges list. Imagine someone looks at it
during debugging...

So I think Jiri's approach is the right thing to do.


Good mailing practices for 400: avoid top-posting and trim the reply.

Powered by blists - more mailing lists