lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190406015547.GZ7627@MiWiFi-R3L-srv>
Date:   Sat, 6 Apr 2019 09:55:47 +0800
From:   Baoquan He <bhe@...hat.com>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     Borislav Petkov <bp@...en8.de>, linux-kernel@...r.kernel.org,
        x86@...nel.org, mingo@...nel.org, hpa@...or.com,
        kirill@...temov.name, keescook@...omium.org,
        yamada.masahiro@...ionext.com, dave.hansen@...ux.intel.com,
        luto@...nel.org, peterz@...radead.org, thgarnie@...gle.com,
        mike.travis@....com, frank.ramsay@....com
Subject: Re: [PATCH 1/2] x86/mm/KASLR: Fix the wrong calculation of memory
 region initial size

On 04/05/19 at 07:22pm, Thomas Gleixner wrote:
> On Fri, 5 Apr 2019, Borislav Petkov wrote:
> > On Thu, Apr 04, 2019 at 10:03:13AM +0800, Baoquan He wrote:
> > > In memory region KASLR, __PHYSICAL_MASK_SHIFT is taken to calculate
> > 
> > What is "memory region KASLR"?
> > 
> > > the initial size of the direct mapping region. This is correct in
> > > the old code where __PHYSICAL_MASK_SHIFT was equal to MAX_PHYSMEM_BITS,
> > > 46 bits, and only 4-level mode was supported.
> > > 
> > > Later, in commit:
> > > b83ce5ee91471d ("x86/mm/64: Make __PHYSICAL_MASK_SHIFT always 52"),
> > > __PHYSICAL_MASK_SHIFT was changed to be always 52 bits, no matter it's
> > > 5-level or 4-level.
> > > 
> > > This is wrong for 4-level paging since it may cause randomness of KASLR
> > > being greatly weakened in 4-level. For KASLR, we compare the sum of RAM
> > > size and CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING with the size of the
> > > max RAM which can be supported by system, then choose the bigger one as
> > > the value to reserve space for the direct mapping region. The max RAM
> > > supported in 4-level is 64 TB according to MAX_PHYSMEM_BITS. However,
> > > here it's 4 PB in code to be compared with when __PHYSICAL_MASK_SHIFT is
> > > mistakenly used. E.g in a system owning 64 TB RAM, it will reserve 74 TB
> > > (which is 64 TB plus CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING). In fact
> > > it should reserve 64 TB according to the algorithm which is supposed to
> > > do. Obviously the extra 10 TB space should be saved to join randomization.
> > 
> > It is not a trivial situation you're trying to explain and that
> > paragraph is very very hard to understand. I can only rhyme up what
> > you're trying to say.
> > 
> > So please rewrite it using simple declarative sentences. Don't try to
> > say three things in one sentence but say one thing in three sentences.
> > Keep it simple.
> 
> For complex scenarios a simple ascii scheme is often helpful
> 
> Situation A
> 
>     ------- LIMIT1
> 
>     ------- LIMIT2
> 			<- unused area
>     -------
> 
>     ------- 0
> 
> Situation B
> 
>     ------- LIMIT1
> 
> 
> 		
>     ------- LIMIT2
> 
>     ------- 0
> 
> 
> I was not trying to depict your problem, it's just a random thing, but you get
> the idea.

OK, got it. Will rewrite with simpler sentences, and some more
understandable ways to depict. Thanks a lot.

Thanks
Baoquan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ