lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180904081314.gdhm55qchhl5irmv@kshutemo-mobl1>
Date:   Tue, 4 Sep 2018 11:13:14 +0300
From:   "Kirill A. Shutemov" <kirill@...temov.name>
To:     Baoquan He <bhe@...hat.com>
Cc:     tglx@...utronix.de, mingo@...nel.org, hpa@...or.com,
        thgarnie@...gle.com, kirill.shutemov@...ux.intel.com,
        x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] x86/mm/KASLR: Adjust the vmemmap size according to
 paging mode

On Mon, Sep 03, 2018 at 10:52:13PM +0800, Baoquan He wrote:
> On 09/03/18 at 01:26pm, Kirill A. Shutemov wrote:
> > On Mon, Sep 03, 2018 at 03:47:18PM +0800, Baoquan He wrote:
> > > On 09/02/18 at 11:52pm, Kirill A. Shutemov wrote:
> > > > On Thu, Aug 30, 2018 at 11:25:12PM +0800, Baoquan He wrote:
> > > > > Hi Kirill,
> > > > > 
> > > > > I made a new version according to your suggestion, just a little
> > > > > different, I didn't make 1TB as default, just calculate with the actual
> > > > > size, then align up to 1TB boundary.  Just found kcore is printing more
> > > > > entries than before, I thought it's caused by my code, later got it was
> > > > > touchde by other people.
> > > > > 
> > > > > Any comment about this? I can change accordingly.
> > > > 
> > > > Looks good to me.
> > > > 
> > > > But there's corner case when struct page is unreasonably large and
> > > > vmemmap_size will be way to large. We probably have to report an error if
> > > > we cannot fit vmemmap properly into virtual memory layout.
> > > 
> > > Hmm, sizeof(struct page) can't exceed one whole page surely, otherwise
> > > system bootup can't go over vmemmap initlization. Except of this, we may
> > > need think about the virtual memory layout which vmemmap can be allowed
> > > to occupy.
> > > 
> > > If KASAN enabled, KASLR disabled,
> > > 4-level 1TB + 1TB hole (2TB)
> > > 5-level 512TB + 2034TB hole (2.5PB)
> > > 
> > > If KASAN disabled, KASLR enabled,
> > > 4-level 1TB + 1TB hole + 16TB  (18TB)
> > > 5-level 512TB + 2034TB hole + 8PB (10.5PB)
> > > 
> > > So, as you can see, if add check in memory KASLR code, we should only
> > > consider KASLR enabled case. We possibly don't need to worry about
> > > 5-level case since the size 10.5PB is even bigger than the maximum
> > > physical RAM mapping size. For 4-level, 18TB align to multiples of 2, it
> > > will be 32 times of the current 1TB, then we usually assume 64 as the
> > > default value of sizeof(struct page), then 64*32 == 1024. So we can add
> > > check like this, what do you think? Or any other idea?
> > 
> > Looks reasonable to me.
> > 
> > But I would have the BUILD_BUG_ON() in generic code. If you struct page is
> > more than 1/4 of PAGE_SIZE something is horribly broken.
> 
> Just the 1/4 of PAGE_SIZE is based on analysis of KASLR case. If
> non-KASLR case, it may not be that value.

Even if it technically possible to have struct page larger than
PAGE_SIZE/4, it's just insane.

> Not sure if it's OK to put it in generic code, and haven't thought of a
> good place, maybe in setup_arch(), just at the beginning?

I don't see an obvious place too. Maybe free_area_init_nodes()?

-- 
 Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ