Message-Id: <20190106062733.GA3728@rapoport-lnx>
Date:   Sun, 6 Jan 2019 08:27:34 +0200
From:   Mike Rapoport <rppt@...ux.ibm.com>
To:     Baoquan He <bhe@...hat.com>
Cc:     Tejun Heo <tj@...nel.org>, Pingfan Liu <kernelfans@...il.com>,
        linux-acpi@...r.kernel.org, linux-mm@...ck.org,
        kexec@...ts.infradead.org, Tang Chen <tangchen@...fujitsu.com>,
        "Rafael J. Wysocki" <rjw@...ysocki.net>,
        Len Brown <lenb@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Mike Rapoport <rppt@...ux.vnet.ibm.com>,
        Michal Hocko <mhocko@...e.com>,
        Jonathan Corbet <corbet@....net>,
        Yaowei Bai <baiyaowei@...s.chinamobile.com>,
        Pavel Tatashin <pasha.tatashin@...cle.com>,
        Nicholas Piggin <npiggin@...il.com>,
        Naoya Horiguchi <n-horiguchi@...jp.nec.com>,
        Daniel Vacek <neelx@...hat.com>,
        Mathieu Malaterre <malat@...ian.org>,
        Stefan Agner <stefan@...er.ch>, Dave Young <dyoung@...hat.com>,
        yinghai@...nel.org, vgoyal@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCHv3 1/2] mm/memblock: extend the limit inferior of
 bottom-up after parsing hotplug attr

On Sat, Jan 05, 2019 at 11:44:50AM +0800, Baoquan He wrote:
> On 01/04/19 at 05:09pm, Mike Rapoport wrote:
> > On Thu, Jan 03, 2019 at 10:47:06AM -0800, Tejun Heo wrote:
> > > Hello,
> > > 
> > > On Wed, Jan 02, 2019 at 07:05:38PM +0200, Mike Rapoport wrote:
> > > > I agree that currently the bottom-up allocation after the kernel text has
> > > > issues with KASLR. But these issues are not necessarily related to the
> > > > memory hotplug. Even with a single memory node, a bottom-up allocation will
> > > > fail if KASLR would put the kernel near the end of node0.
> > > > 
> > > > What I am trying to understand is whether there is a fundamental reason to
> > > > prevent allocations from [0, kernel_start)?
> > > > 
> > > > Maybe Tejun can recall why he suggested to start bottom-up allocations from
> > > > kernel_end.
> > > 
> > > That's from 79442ed189ac ("mm/memblock.c: introduce bottom-up
> > > allocation mode").  I wasn't involved in that patch, so no idea why
> > > the restrictions were added, but FWIW it doesn't seem necessary to me.
> > 
> > I should have added the reference [1] in the first place :)
> > Thanks!
> > 
> > [1] https://lore.kernel.org/lkml/20130904192215.GG26609@mtj.dyndns.org/
> 
> With my understanding, we may not be able to discard the bottom-up
> method for the current kernel. It's related to hotplug feature when
> 'movable_node' kernel parameter is specified. With 'movable_node',
> system relies on reading hotplug information from firmware, on x86 it's
> acpi SRAT table. In the current system, we allocate memblock region
> top-down by default. However, before that hotplug information retrieving,
> there are several places of memblock allocating, top-down memblock
> allocation must break hotplug feature since it will allocate kernel data
> in movable zone which is usually at the end node on bare metal system.

I do not suggest to discard the bottom-up method, I merely suggest to allow
it to use [0, kernel_start).
 
> This bottom-up way is taken on many ARCHes, it works well on system if
> KASLR is not enabled. Below is the searching result in the current linux
> kernel, we can see that all ARCHes have this mechanism, except of
> arm/arm64. But now only arm64/mips/x86 have KASLR.
> 
> W/o KASLR, allocating memblock region above kernel end when hotplug info
> is not parsed, looks very reasonable. Since kernel is usually put at
> lower address, e.g. on x86, it's 16M. My thought is that we need do
> memblock allocation around kernel before hotplug info parsed. That is
> for system w/o KASLR, we will keep the current bottom-up way; for system
> with KASLR, we should allocate memblock region top-down just below
> kernel start.

I completely agree. I was thinking about making
memblock_find_in_range_node() do something like

if (memblock_bottom_up()) {
	bottom_up_start = max(start, kernel_end);

	ret = __memblock_find_range_bottom_up(bottom_up_start, end,
					      size, align, nid, flags);
	if (ret)
		return ret;

	bottom_up_start = max(start, 0);
	end = kernel_start;

	ret = __memblock_find_range_top_down(bottom_up_start, end,
					     size, align, nid, flags);
	if (ret)
		return ret;
}

 
> This issue must break hotplug, just because currently bare metal system
> need add 'nokaslr' to disable KASLR since another bug fix is under
> discussion as below, so this issue is covered up.
> 
>  [PATCH v14 0/5] x86/boot/KASLR: Parse ACPI table and limit KASLR to choosing immovable memory
> lkml.kernel.org/r/20181214093013.13370-1-fanc.fnst@...fujitsu.com
> 
> [~ ]$ git grep memblock_set_bottom_up
> arch/alpha/kernel/setup.c:      memblock_set_bottom_up(true);
> arch/m68k/mm/motorola.c:        memblock_set_bottom_up(true);
> arch/mips/kernel/setup.c:       memblock_set_bottom_up(true);
> arch/mips/kernel/traps.c:       memblock_set_bottom_up(false);
> arch/nds32/kernel/setup.c:      memblock_set_bottom_up(true);
> arch/powerpc/kernel/paca.c:             memblock_set_bottom_up(true);
> arch/powerpc/kernel/paca.c:             memblock_set_bottom_up(false);
> arch/s390/kernel/setup.c:       memblock_set_bottom_up(true);
> arch/s390/kernel/setup.c:       memblock_set_bottom_up(false);
> arch/sparc/mm/init_32.c:        memblock_set_bottom_up(true);
> arch/x86/kernel/setup.c:                memblock_set_bottom_up(true);
> arch/x86/mm/numa.c:     memblock_set_bottom_up(false);
> include/linux/memblock.h:static inline void __init memblock_set_bottom_up(bool enable)
> 

-- 
Sincerely yours,
Mike.
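
Added example, not part of the original message and not kernel code: a user-space toy model of the two-step search sketched in the reply above, showing that when KASLR places the kernel at the end of the only node, the bottom-up pass above kernel_end finds nothing and the top-down pass lands just below kernel_start. The `struct range` free list, the helper names, the "0 means not found" convention, the clamping of the second pass to the caller's `end`, and the memory layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy model, not kernel code: free memory is a sorted array of [base, end). */
struct range { uint64_t base, end; };

static uint64_t max64(uint64_t a, uint64_t b) { return a > b ? a : b; }
static uint64_t min64(uint64_t a, uint64_t b) { return a < b ? a : b; }

/* Lowest aligned fit in [start, end); 0 means not found (align: power of 2). */
static uint64_t find_bottom_up(const struct range *r, size_t n, uint64_t start,
                               uint64_t end, uint64_t size, uint64_t align)
{
    for (size_t i = 0; i < n; i++) {
        uint64_t lo = max64(r[i].base, start), hi = min64(r[i].end, end);
        uint64_t cand = (lo + align - 1) & ~(align - 1);
        if (cand < hi && hi - cand >= size)
            return cand;
    }
    return 0;
}

/* Highest aligned fit in [start, end); 0 means not found. */
static uint64_t find_top_down(const struct range *r, size_t n, uint64_t start,
                              uint64_t end, uint64_t size, uint64_t align)
{
    for (size_t i = n; i-- > 0; ) {
        uint64_t lo = max64(r[i].base, start), hi = min64(r[i].end, end);
        if (hi > lo && hi - lo >= size && ((hi - size) & ~(align - 1)) >= lo)
            return (hi - size) & ~(align - 1);
    }
    return 0;
}

/* Two-step search: bottom-up above kernel_end, then top-down below kernel_start. */
static uint64_t find_range(const struct range *r, size_t n, uint64_t start,
                           uint64_t end, uint64_t size, uint64_t align,
                           uint64_t kstart, uint64_t kend)
{
    uint64_t ret = find_bottom_up(r, n, max64(start, kend), end, size, align);
    return ret ? ret : find_top_down(r, n, start, min64(end, kstart), size, align);
}

int main(void)
{
    /* Constructed layout: one 2 GiB node, kernel randomized into its last 32 MiB. */
    struct range free_mem[] = { { 0x100000, 0x7e000000 } };
    printf("%#llx\n", (unsigned long long)find_range(free_mem, 1, 0, 0x80000000,
           0x200000, 0x200000, 0x7e000000, 0x80000000));
    return 0;
}
```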
