Date:   Thu, 4 Apr 2019 10:18:35 +0800
From:   Baoquan He <bhe@...hat.com>
To:     linux-kernel@...r.kernel.org, kirill.shutemov@...ux.intel.com
Cc:     dave.hansen@...ux.intel.com, luto@...nel.org, peterz@...radead.org,
        tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, hpa@...or.com,
        x86@...nel.org, keescook@...omium.org, thgarnie@...gle.com
Subject: Re: [PATCH v3 0/2] x86/mm/KASLR: Change the granularity of
 randomization to PUD size in 5-level

PING

Is there any comment on this patchset, or could we consider merging
them?

On 03/08/19 at 10:56am, Baoquan He wrote:
> This is v3 post, v2 post is here:
> http://lkml.kernel.org/r/20190228003522.9957-1-bhe@redhat.com
> v1 can be found here:
> http://lkml.kernel.org/r/20190224132231.4878-1-bhe@redhat.com
> 
> Background:
> ***
> Earlier, during the review of a series of KASLR patches, Ingo found that
> the current memory region KASLR only has a randomization granularity of
> PUD size in 4-level paging mode, and P4D size in 5-level paging mode. He
> suggested that I try to change both of them to PMD size granularity:
> 
>   http://lkml.kernel.org/r/20180912100135.GB3333@gmail.com
> 
> Later, I changed code to support PMD level of randomization for both
> 4-level and 5-level.
> 
>   https://github.com/baoquan-he/linux/commits/mm-kaslr-2m-aligned
> 
> The test passed on my KVM guest with 1 GB RAM, but failed when I
> increased the RAM to 4 GB, and also failed with larger RAM.
> 
> After analyzing, it's because a 1 GB page mapping needs to be mapped at a
> 1 GB aligned physical address on Intel CPUs. The 2 MB level of randomization
> will break it and cause errors. Please check the table below in the Intel IA32 manual.
> 
>   Table 4-15. Format of an IA-32e Page-Directory-Pointer-Table Entry (PDPTE) that Maps a 1-GByte Page
> 
> So PMD level of randomization for mm KASLR is not doable.
> 
> However, during investigation and testing of the above code, it turned out
> that the current code is misleading in how it builds the identity mapping for
> the real mode trampoline when KASLR is enabled. From the code, only a small
> area (which is smaller than 1 MB) needs to be identity mapped. Please check
> the patch below, which is from the above mm-kaslr-2m-aligned patch series. It
> only builds up a 2 MB identity mapping for the real mode trampoline, and the
> test passed on machines with 32 GB RAM of 4-level and on a KVM guest of 5-level.
> 
> https://github.com/baoquan-he/linux/commit/e120e67fbf9a5aa818d20084d8dea5b4a27ecf97
> 
> Result:
> Make a patchset to:
>   1) change code to only build 1 GB of area for real mode trampoline,
>      namely only copy one PUD entry where physical address 0 resides;
> 
>   2) improve the randomization granularity of 5-level from P4D size to PUD size.
> 
> Changelog:
> v2->v3:
>   Improve patch 1/2 according to Kirill's comments:
>     *) Adjust code change of 1/2;
>     *) Add code comment to explain the two kinds of mapping thing for
>        real mode;
>   
> v1->v2:
>   Improve patch according to Kirill's suggestions:
>     *) Add more information to code comment for better understanding;
>     *) Improve code to save one low memory page in 4-level;
> 
> Baoquan He (2):
>   x86/mm/KASLR: Only build one PUD entry of area for real mode
>     trampoline
>   x86/mm/KASLR: Change the granularity of randomization to PUD size in
>     5-level
> 
>  arch/x86/mm/kaslr.c | 98 ++++++++++++++++++++-------------------------
>  1 file changed, 43 insertions(+), 55 deletions(-)
> 
> -- 
> 2.17.2
> 
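
Added example, not part of the original message or the patchset: a small C program that works through the granularity argument in the cover letter, comparing how many region bases P4D, PUD and PMD alignment allow and checking the 1 GB page alignment constraint that rules out PMD. The helper names, the base address and the amount of slack are constructed for illustration; only the page-size shifts are x86-64 facts.

```c
#include <stdint.h>
#include <stdio.h>

/* x86-64 page-table level shifts (each level resolves 9 address bits). */
#define PMD_SHIFT 21 /* 2 MiB */
#define PUD_SHIFT 30 /* 1 GiB */
#define P4D_SHIFT 39 /* 512 GiB, a distinct level only with 5-level paging */

/* Hypothetical helper: number of distinct bases that fit in `space` bytes. */
static uint64_t kaslr_slots(uint64_t space, unsigned shift)
{
    return space >> shift;
}

/* floor(log2(slots)): whole bits of entropy in the choice of base. */
static unsigned entropy_bits(uint64_t slots)
{
    unsigned bits = 0;
    while (slots > 1) { slots >>= 1; bits++; }
    return bits;
}

/*
 * The direct mapping places physical address p at virtual address base + p.
 * A PDPTE that maps a 1-GByte page covers a 1 GiB aligned virtual range and
 * points at a 1 GiB aligned physical page, so both must be aligned.
 */
static int can_map_1g_page(uint64_t base, uint64_t phys)
{
    uint64_t mask = (1ULL << PUD_SHIFT) - 1;
    return ((base + phys) & mask) == 0 && (phys & mask) == 0;
}

int main(void)
{
    uint64_t slack = 1ULL << 45;            /* constructed: 32 TiB of slack */
    uint64_t base  = 0xff11000000000000ULL; /* constructed, 1 GiB aligned */
    unsigned shifts[] = { P4D_SHIFT, PUD_SHIFT, PMD_SHIFT };
    const char *names[] = { "P4D", "PUD", "PMD" };

    for (int i = 0; i < 3; i++) {
        /* Move the base by three units of this granularity. */
        uint64_t moved = base + (3ULL << shifts[i]);
        printf("%s: %u bits of entropy, 1 GiB pages usable: %s\n", names[i],
               entropy_bits(kaslr_slots(slack, shifts[i])),
               can_map_1g_page(moved, 1ULL << PUD_SHIFT) ? "yes" : "no");
    }
    return 0;
}
```

Going from P4D to PUD granularity adds 9 bits of entropy for the same slack while keeping 1 GiB pages usable; PMD granularity would add 9 more but breaks the alignment check.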
