| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180911075946.GA97454@gmail.com>
Date: Tue, 11 Sep 2018 09:59:46 +0200
From: Ingo Molnar <mingo@...nel.org>
To: Baoquan He <bhe@...hat.com>
Cc: tglx@...utronix.de, hpa@...or.com, thgarnie@...gle.com,
kirill.shutemov@...ux.intel.com, x86@...nel.org,
linux-kernel@...r.kernel.org,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH v2 2/3] x86/mm/KASLR: Calculate the actual size of
vmemmap region
* Baoquan He <bhe@...hat.com> wrote:
> /*
> + * Memory regions randomized by KASLR (except modules that use a separate
> + * logic earlier during boot). Currently they are the physical memory
> + * mapping, vmalloc and vmemmap regions, are ordered based on virtual
> + * addresses. The order is kept after randomization.
> + *
> + * @base: points to various global variables used by the MM to get the
> + * virtual base address of the above regions, which base addresses can
> + * thus be modified by the very early KASLR code to dynamically shape
> + * the virtual memory layout of these kernel memory regions on a per
> + * bootup basis.
> + *
> + * @size_tb: size in TB of each memory region. Thereinto, the size of
> + * the physical memory mapping region is variable, calculated according
> + * to the actual size of system RAM in order to save more space for
> + * randomization. The rest are fixed values related to paging mode.
> */
> static __initdata struct kaslr_memory_region {
> unsigned long *base;
LGTM mostly, except the @size_tb field, see my comments further below.
Here's an edited version:
/*
* 'struct kasl_memory_region' entries represent continuous chunks of
* kernel virtual memory regions, to be randomized by KASLR.
*
* ( The exception is the module space virtual memory window which
* uses separate logic earlier during bootup. )
*
* Currently there are three such regions: the physical memory mapping,
* vmalloc and vmemmap regions.
*
* The array below has the entries ordered based on virtual addresses.
* The order is kept after randomization, i.e. the randomized
* virtual addresses of these regions are still ascending.
*
* Here are the fields:
*
* @base: points to a global variable used by the MM to get the
* virtual base address of any of the above regions. This allows the
* early KASLR code to modify these base addresses early during bootup,
* on a per bootup basis, without the MM code even being aware of whether
* it got changed and to what value.
*
* When KASLR is active then the MM code makes sure that for each region
* there's such a single, dynamic, global base address 'unsigned long'
* variable available for the KASLR code to point to and modify directly:
*
* { &page_offset_base, 0 },
* { &vmalloc_base, 0 },
* { &vmemmap_base, 1 },
*
* @size_tb: size in TB of each memory region. Thereinto, the size of
* the physical memory mapping region is variable, calculated according
* to the actual size of system RAM in order to save more space for
* randomization. The rest are fixed values related to paging mode.
*/
The role of @size_tb is still murky to me. What is it telling us?
Maximum virtual memory range to randomize into? Why does this depend
on system RAM at all - aren't these all virtual addresses in a 64-bit
(well, 48-bit or 56-bit) address ranges?
I could read the code to figure this out, but the comment should already
explain this and it doesn't.
Thanks,
Ingo
Powered by blists - more mailing lists