lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190402075939.GA6560@localhost.localdomain>
Date:   Tue, 2 Apr 2019 15:59:39 +0800
From:   Chao Fan <fanc.fnst@...fujitsu.com>
To:     Pingfan Liu <kernelfans@...il.com>
CC:     <x86@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, Baoquan He <bhe@...hat.com>,
        Will Deacon <will.deacon@....com>,
        Nicolas Pitre <nico@...aro.org>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCHv3] x86/boot/KASLR: skip the specified crashkernel region

On Tue, Apr 02, 2019 at 02:58:53PM +0800, Pingfan Liu wrote:
>On Tue, Apr 2, 2019 at 1:20 PM Chao Fan <fanc.fnst@...fujitsu.com> wrote:
>>
>> On Tue, Apr 02, 2019 at 12:10:46PM +0800, Pingfan Liu wrote:
>> >crashkernel=x@y or or =range1:size1[,range2:size2,...]@offset option may
>> or or?
>> >fail to reserve the required memory region if KASLR puts kernel into the
>> >region. To avoid this uncertainty, asking KASLR to skip the required
>> >region.
>> >
>> >Signed-off-by: Pingfan Liu <kernelfans@...il.com>
>> >Cc: Thomas Gleixner <tglx@...utronix.de>
>> >Cc: Ingo Molnar <mingo@...hat.com>
>> >Cc: Borislav Petkov <bp@...en8.de>
>> >Cc: "H. Peter Anvin" <hpa@...or.com>
>> >Cc: Baoquan He <bhe@...hat.com>
>> >Cc: Will Deacon <will.deacon@....com>
>> >Cc: Nicolas Pitre <nico@...aro.org>
>> >Cc: Pingfan Liu <kernelfans@...il.com>
>> >Cc: Chao Fan <fanc.fnst@...fujitsu.com>
>> >Cc: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
>> >Cc: Ard Biesheuvel <ard.biesheuvel@...aro.org>
>> >Cc: linux-kernel@...r.kernel.org
>> >---
>> [...]
>> >+
>> >+/* handle crashkernel=x@y or =range1:size1[,range2:size2,...]@offset options */
>>
>> Before review, I want to say more about the background.
>> It's very hard to review the code for someone who is not so familiar
>> with kdump, so could you please explain more ahout
>> the uasge of crashkernel=range1:size1[,range2:size2,...]@offset.
>> And also there are so many jobs who are parsing string. So I really
>> need your help to understand the PATCH.
>>
>> >+static void mem_avoid_specified_crashkernel_region(char *option)
>> >+{
>> >+      unsigned long long crash_size, crash_base = 0;
>> >+      char    *first_colon, *first_space, *cur = option;
>> Is there a tab after char?
>> >+
>> >+      first_colon = strchr(option, ':');
>> >+      first_space = strchr(option, ' ');
>> >+      /* if contain ":" */
>> >+      if (first_colon && (!first_space || first_colon < first_space)) {
>> >+              int i;
>> >+              u64 total_sz = 0;
>> >+              struct boot_e820_entry *entry;
>> >+
>> >+              for (i = 0; i < boot_params->e820_entries; i++) {
>> >+                      entry = &boot_params->e820_table[i];
>> >+                      /* Skip non-RAM entries. */
>> >+                      if (entry->type != E820_TYPE_RAM)
>> >+                              continue;
>> >+                      total_sz += entry->size;
>> I wonder whether it's needed to consider the memory ranges here.
>> I think it's OK to only record the regions should to be avoid.
>Maybe not catch you exactly. In the case of
>crashkernel=range1:size1[,range2:size2,...]@offset, the size of avoid
>region depends on the size of total system ram.

Got it, I midunderstand it.

Thanks,
Chao Fan
>> I remeber I ever talked with Baoquan about the similiar problems.
>> @Baoquan, I am not sure if I misunderstand something.
>>
>> Thanks,
>> Chao Fan
>> >+              }
>> >+              handle_crashkernel_mem(option, total_sz, &crash_size,
>> >+                      &crash_base);
>> >+      } else {
>> >+              crash_size = memparse(option, &cur);
>> >+              if (option == cur)
>> >+                      return;
>> >+              while (*cur && *cur != ' ' && *cur != '@')
>> >+                      cur++;
>> >+              if (*cur == '@') {
>> >+                      option = cur + 1;
>> >+                      crash_base = memparse(option, &cur);
>> >+              }
>> >+      }
>> >+      if (crash_base) {
>> >+              mem_avoid[MEM_AVOID_CRASHKERNEL].start = crash_base;
>> >+              mem_avoid[MEM_AVOID_CRASHKERNEL].size = crash_size;
>> >+      } else {
>> >+              /*
>> >+               * Clearing mem_avoid if no offset is given. This is consistent
>> >+               * with kernel, which uses the last crashkernel= option.
>> >+               */
>> >+              mem_avoid[MEM_AVOID_CRASHKERNEL].start = 0;
>> >+              mem_avoid[MEM_AVOID_CRASHKERNEL].size = 0;
>> >+      }
>> >+}
>> >
>> > static void handle_mem_options(void)
>> > {
>> >@@ -248,7 +358,7 @@ static void handle_mem_options(void)
>> >       u64 mem_size;
>> >
>> >       if (!strstr(args, "memmap=") && !strstr(args, "mem=") &&
>> >-              !strstr(args, "hugepages"))
>> >+              !strstr(args, "hugepages") && !strstr(args, "crashkernel="))
>> >               return;
>> >
>> >       tmp_cmdline = malloc(len + 1);
>> >@@ -284,6 +394,8 @@ static void handle_mem_options(void)
>> >                               goto out;
>> >
>> >                       mem_limit = mem_size;
>> >+              } else if (strstr(param, "crashkernel")) {
>> >+                      mem_avoid_specified_crashkernel_region(val);
>> >               }
>> >       }
>> >
>> >@@ -412,7 +524,7 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size,
>> >
>> >       /* We don't need to set a mapping for setup_data. */
>> >
>> >-      /* Mark the memmap regions we need to avoid */
>> >+      /* Mark the regions we need to avoid */
>> >       handle_mem_options();
>> >
>> >       /* Enumerate the immovable memory regions */
>> >--
>> >2.7.4
>> >
>> >
>> >
>>
>>
>
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ