lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180827053507.GA1748@MiWiFi-R3L-srv>
Date:   Mon, 27 Aug 2018 13:35:07 +0800
From:   Baoquan He <bhe@...hat.com>
To:     Chao Fan <fanc.fnst@...fujitsu.com>
Cc:     tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        x86@...nel.org, linux-kernel@...r.kernel.org,
        keescook@...omium.org, n-horiguchi@...jp.nec.com,
        indou.takao@...fujitsu.com, caoj.fnst@...fujitsu.com,
        douly.fnst@...fujitsu.com
Subject: Re: [PATCH v5 4/4] x86/boot/KASLR: Limit kaslr to choosing the
 immovable memory

On 08/07/18 at 02:50pm, Chao Fan wrote:
> If 'CONFIG_MEMORY_HOTREMOVE' specified and the account of immovable
> memory regions is not zero. Calculate the intersection between memory
> regions from e820/efi memory table and immovable memory regions.
> Or go on the old code.
> 
> Rename process_mem_region to slots_count to match slots_fetch_random,
> and name new function as process_mem_region.
> 
> Signed-off-by: Chao Fan <fanc.fnst@...fujitsu.com>
> ---
>  arch/x86/boot/compressed/kaslr.c | 66 ++++++++++++++++++++++++++------
>  1 file changed, 55 insertions(+), 11 deletions(-)
> 
> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> index 720878f967a3..9c6e24a23a2d 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -635,9 +635,9 @@ static unsigned long slots_fetch_random(void)
>  	return 0;
>  }
>  
> -static void process_mem_region(struct mem_vector *entry,
> -			       unsigned long minimum,
> -			       unsigned long image_size)
> +static void slots_count(struct mem_vector *entry,
> +			unsigned long minimum,
> +			unsigned long image_size)
>  {
>  	struct mem_vector region, overlap;
>  	struct slot_area slot_area;
> @@ -714,6 +714,56 @@ static void process_mem_region(struct mem_vector *entry,
>  	}
>  }
>  
> +static bool process_mem_region(struct mem_vector *region,
> +			       unsigned long long minimum,
> +			       unsigned long long image_size)
> +{
> +#ifdef CONFIG_MEMORY_HOTREMOVE
> +	/*
> +	 * If immovable memory found, filter the intersection between
> +	 * immovable memory and region to slots_count.
> +	 * Otherwise, go on old code.
> +	 */
> +	if (num_immovable_mem > 0) {

Is it possible to take num_immovable_mem out from the #ifdef
CONFIG_MEMORY_HOTREMOVE region so that you can check it earlier to see
if the old way need be taken? This way, we can reduce one level of
indentation in the for loop. Just personal thought.

static bool process_mem_region(struct mem_vector *region,
                            unsigned long long minimum,
                            unsigned long long image_size)
{
	if (!num_immovable_mem) {
		slots_count(region, minimum, image_size);
		
		if (slot_area_index == MAX_SLOT_AREA) {
			debug_putstr("Aborted e820/efi memmap scan (slot_areas full)!\n");
			return 1;
		}
		return 0;
	}


#ifdef CONFIG_MEMORY_HOTREMOVE
	for (i = 0; i < num_immovable_mem; i++) {
		......
	}
#endif
}

> +		int i;
> +
> +		for (i = 0; i < num_immovable_mem; i++) {
> +			struct mem_vector entry;
> +			unsigned long long start, end, entry_end, region_end;
> +
> +			start = immovable_mem[i].start;
> +			end = start + immovable_mem[i].size;
> +			region_end = region->start + region->size;
> +
> +			entry.start = clamp(region->start, start, end);
> +			entry_end = clamp(region_end, start, end);
> +
> +			if (entry.start + image_size < entry_end) {
> +				entry.size = entry_end - entry.start;
> +				slots_count(&entry, minimum, image_size);
> +
> +				if (slot_area_index == MAX_SLOT_AREA) {
> +					debug_putstr("Aborted e820/efi memmap scan (slot_areas full)!\n");
> +					return 1;
> +				}
> +			}
> +		}
> +		return 0;
> +	}
> +#endif
> +	/*
> +	 * If no immovable memory found, or MEMORY_HOTREMOVE disabled,
> +	 * walk all the regions, so use region directely.
> +	 */
> +	slots_count(region, minimum, image_size);
> +
> +	if (slot_area_index == MAX_SLOT_AREA) {
> +		debug_putstr("Aborted e820/efi memmap scan (slot_areas full)!\n");
> +		return 1;
> +	}
> +	return 0;
> +}
> +
>  #ifdef CONFIG_EFI
>  /*
>   * Returns true if mirror region found (and must have been processed
> @@ -779,11 +829,8 @@ process_efi_entries(unsigned long minimum, unsigned long image_size)
>  
>  		region.start = md->phys_addr;
>  		region.size = md->num_pages << EFI_PAGE_SHIFT;
> -		process_mem_region(&region, minimum, image_size);
> -		if (slot_area_index == MAX_SLOT_AREA) {
> -			debug_putstr("Aborted EFI scan (slot_areas full)!\n");
> +		if (process_mem_region(&region, minimum, image_size))
>  			break;
> -		}
>  	}
>  	return true;
>  }
> @@ -810,11 +857,8 @@ static void process_e820_entries(unsigned long minimum,
>  			continue;
>  		region.start = entry->addr;
>  		region.size = entry->size;
> -		process_mem_region(&region, minimum, image_size);
> -		if (slot_area_index == MAX_SLOT_AREA) {
> -			debug_putstr("Aborted e820 scan (slot_areas full)!\n");
> +		if (process_mem_region(&region, minimum, image_size))
>  			break;
> -		}
>  	}
>  }
>  
> -- 
> 2.17.1
> 
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ