Message-ID: <20201028164551.GA1989568@rani.riverdale.lan>
Date:   Wed, 28 Oct 2020 12:45:51 -0400
From:   Arvind Sankar <nivedita@...m.mit.edu>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Arvind Sankar <nivedita@...m.mit.edu>, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/build: Fix vmlinux size check on 64-bit

On Wed, Oct 28, 2020 at 02:39:09PM +0100, Borislav Petkov wrote:
> On Tue, Oct 27, 2020 at 05:14:22PM -0400, Arvind Sankar wrote:
> > This is indeed just a small correctness fixlet, but I'm not following
> > the rest of your comments.
> 
> I'm just trying to make sense of that house of cards we have here.
> 
> > PHYSICAL_START has an effect independent of the setting of
> > RELOCATABLE.
> 
> Theoretically you can set PHYSICAL_START to 0x0:
> 
> config PHYSICAL_START
>         hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP)
>         default "0x1000000"
>         help
>           This gives the physical address where the kernel is loaded.
> 
>           If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
>           bzImage will decompress itself to above physical address and
>           run from there.
> 	  ^^^^^^^^^^^^^^
> 
> and disable RELOCATABLE:
> 
> CONFIG_PHYSICAL_START=0x0
> # CONFIG_RELOCATABLE is not set
> 
> but then you hit this:
> 
> ld: per-CPU data too large - increase CONFIG_PHYSICAL_START
> 
> full output at the end of the mail.

You don't want to try to run the kernel from physical address 0 in any
case. The default is set to 16MiB to avoid low memory, historically to
avoid the 24-bit ISA DMA range.

> > That said, AFAICT, RELOCATABLE and PHYSICAL_START look like historical
> > artifacts at this point: RELOCATABLE should be completely irrelevant for
> > the 64-bit kernel, and there's really no reason to be able to configure
> > the start VA of the kernel, that should just be constant independent of
> > PHYSICAL_START.
> 
> See the CONFIG_PHYSICAL_START help text. Apparently there has been a
> use case where one can set PHYSICAL_START to the region where a kdump
> kernel is going to be loaded and that kdump kernel is a vmlinux and not
> a bzImage and thus not relocatable.

This doesn't matter for the 64-bit kernel, which can be run from any
physical address independent of the RELOCATABLE/PHYSICAL_START settings.
It only matters on 32-bit, where VA and PA are tied together by
	VA == __PAGE_OFFSET + PA
On 64-bit, the kernel's location in VA space and physical space can be
independently moved around, so a kernel that starts at 16MiB in VA space
can be loaded anywhere above 16MiB in physical space.

> 
> Going back to the question at hand, if you think about it, the kernel
> image *is* between _text or _stext and _end. And KERNEL_IMAGE_SIZE is
> exactly what it is - the size of the kernel image.
> 
> Now, if you were talking about a kernel *mapping* size, then I'd
> understand but this check is for the kernel *image* size.
> 

KERNEL_IMAGE_SIZE is _not_ the size of the kernel image, the name is
misleading. It is the maximum VA that the kernel can occupy, it is used
to prepopulate the PMD-level pagetable for initial boot (level2_kernel_pgt)
and is also used to define MODULES_VADDR, so it _is_ talking about
mappings. If you have a 30MiB kernel that is placed at a starting VA of
510MiB when KERNEL_IMAGE_SIZE is 512MiB, it won't boot.

> But reading that commit message again:
> 
>     these build-time and link-time checks would have prevented the
>     vmlinux size regression.
> 
> this *is* talking about vmlinux size and that starts at _text...
> 

Increasing vmlinux size can trigger the problem by pushing _end beyond
KERNEL_IMAGE_SIZE, but the problem occurs once _end - __START_KERNEL_map
exceeds KERNEL_IMAGE_SIZE, not when _end - _text exceeds it, hence this
patch.
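
The distinction drawn in the message above, as an added C example (not code from the patch or from the kernel): it evaluates the `_end - _text` comparison and the `_end - __START_KERNEL_map` comparison for the 30MiB image placed at 510MiB with a 512MiB KERNEL_IMAGE_SIZE. The helper names are hypothetical, the layouts are constructed from the message's numbers, and the `__START_KERNEL_map` value and 2MiB PMD size are the x86-64 kernel's constants, which the page does not quote.

```c
#include <stdbool.h>
#include <stdio.h>

typedef unsigned long long u64;

#define MiB              (1024ULL * 1024ULL)
#define START_KERNEL_MAP 0xffffffff80000000ULL /* x86-64 __START_KERNEL_map (not on the page) */
#define PMD_SIZE         (2 * MiB)             /* one PMD-level entry maps 2MiB on x86-64 */

struct layout { u64 text, end; };              /* VAs of _text and _end */

/* Constructed layout: image of `size` bytes starting `offset` above the map base. */
static struct layout place(u64 offset, u64 size)
{
    struct layout l = { START_KERNEL_MAP + offset, START_KERNEL_MAP + offset + size };
    return l;
}

/* Comparison on the image's own size (_end - _text). */
static bool check_image_size(struct layout l, u64 kis)
{
    return l.end - l.text <= kis;
}

/* Comparison on the highest VA offset used (_end - __START_KERNEL_map). */
static bool check_mapping_extent(struct layout l, u64 kis)
{
    return l.end - START_KERNEL_MAP <= kis;
}

/* How far _end reaches past the window of `kis` bytes (0 if it fits). */
static u64 overshoot(struct layout l, u64 kis)
{
    u64 limit = START_KERNEL_MAP + kis;
    return l.end > limit ? l.end - limit : 0;
}

/* Index of the 2MiB PMD slot holding the image's last byte; the window has kis / PMD_SIZE slots. */
static u64 last_pmd_index(struct layout l)
{
    return (l.end - 1 - START_KERNEL_MAP) / PMD_SIZE;
}

int main(void)
{
    struct layout l = place(510 * MiB, 30 * MiB);  /* the message's example */
    u64 kis = 512 * MiB;
    printf("image-size check: %s\n", check_image_size(l, kis) ? "pass" : "fail");
    printf("mapping-extent check: %s\n", check_mapping_extent(l, kis) ? "pass" : "fail");
    printf("overshoot: %lluMiB, last PMD slot %llu of %llu\n",
           overshoot(l, kis) / MiB, last_pmd_index(l), kis / PMD_SIZE);
    return 0;
}
```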
