lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190421035058.943630505@redhat.com>
Date:   Sun, 21 Apr 2019 11:50:59 +0800
From:   Dave Young <dyoung@...hat.com>
To:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        linux-kernel@...r.kernel.org, vgoyal@...hat.com, bhe@...hat.com,
        piliu@...hat.com, Yinghai Lu <yinghai@...nel.org>,
        Eric Biederman <ebiederm@...ssion.com>
Subject: [PATCH 1/2] X86/kdump: move crashkernel=X to reserve under 4G by default

The kdump crashkernel low reservation is limited to under 896M even for
X86_64. This obscure and miserable limitation exists for old kexec-tools
compatibility, but the reason is not documented anywhere.

Some more tests/investigations about the background:
a) Previously old kexec-tools can only load purgatory to memory under 2G,
   Eric remove that limitation in 2012 in kexec-tools:
   Commit b4f9f8599679 ("kexec x86_64: Make purgatory relocatable anywhere
   in the 64bit address space.")

b) back in 2013 Yinghai removed all the limitations in new kexec-tools,
   bzImage64 can be loaded to anywhere.
   Commit 82c3dd2280d2 ("kexec, x86_64: Load bzImage64 above 4G")

c) test results with old kexec-tools with old and latest kernels.
  1. old kexec-tools can not build with modern toolchain anymore,
     I built it in a RHEL6 vm
  2. 2.0.0 kexec-tools does not work with latest kernel even with
     memory under 896M and give an error:
     "ELF core (kcore) parse failed", it needs below kexec-tools fix 
     Commit ed15ba1b9977 ("build_mem_phdrs(): check if p_paddr is invalid")
  3. even with patched kexec-tools which fixes 2),  it still needs some
     other fixes to work correctly for kaslr enabled kernels.

So the situation is:
* old kexec-tools is already broken with latest kernels
* we can not keep this limitations forever just for compatibility of very
  old kexec-tools.
* If one must use old tools then he/she can choose crashkernel=X@Y
* people have reported bugs crashkernel=384M failed because kaslr makes
  the 0-896M space sparse, 
* crashkernel can reserve in low or high area, it is natural to understand 
  low as memory under 4G

Hence drop the 896M limitation, and change crashkernel low reservation to
reserve under 4G by default.

Signed-off-by: Dave Young <dyoung@...hat.com>
---
 arch/x86/kernel/setup.c |   10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

--- linux-x86.orig/arch/x86/kernel/setup.c
+++ linux-x86/arch/x86/kernel/setup.c
@@ -71,6 +71,7 @@
 #include <linux/tboot.h>
 #include <linux/jiffies.h>
 #include <linux/mem_encrypt.h>
+#include <linux/sizes.h>
 
 #include <linux/usb/xhci-dbgp.h>
 #include <video/edid.h>
@@ -448,18 +449,17 @@ static void __init memblock_x86_reserve_
 #ifdef CONFIG_KEXEC_CORE
 
 /* 16M alignment for crash kernel regions */
-#define CRASH_ALIGN		(16 << 20)
+#define CRASH_ALIGN		SZ_16M
 
 /*
  * Keep the crash kernel below this limit.  On 32 bits earlier kernels
  * would limit the kernel to the low 512 MiB due to mapping restrictions.
- * On 64bit, old kexec-tools need to under 896MiB.
  */
 #ifdef CONFIG_X86_32
-# define CRASH_ADDR_LOW_MAX	(512 << 20)
-# define CRASH_ADDR_HIGH_MAX	(512 << 20)
+# define CRASH_ADDR_LOW_MAX	SZ_512M
+# define CRASH_ADDR_HIGH_MAX	SZ_512M
 #else
-# define CRASH_ADDR_LOW_MAX	(896UL << 20)
+# define CRASH_ADDR_LOW_MAX	SZ_4G
 # define CRASH_ADDR_HIGH_MAX	MAXMEM
 #endif
 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ