lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20201028194355.GB27112@zn.tnic>
Date:   Wed, 28 Oct 2020 20:43:55 +0100
From:   Borislav Petkov <bp@...en8.de>
To:     Arvind Sankar <nivedita@...m.mit.edu>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/build: Fix vmlinux size check on 64-bit

On Wed, Oct 28, 2020 at 12:45:51PM -0400, Arvind Sankar wrote:
> You don't want to try to run the kernel from physical address 0 in any
> case. The default is set to 16MiB to avoid low memory, historically to
> avoid the 24-bit ISA DMA range.

Sure, that's why I wrote:

"... so I guess this should be a range > 0 specification but I guess not
important."

So how about a sentence or two alluding to that fact in the help text of
that option?

> This doesn't matter for the 64-bit kernel, which can be run from any
> physical address independent of the RELOCATABLE/PHYSICAL_START settings.
> It only matters on 32-bit, where VA and PA are tied together by
> 	VA == __PAGE_OFFSET + PA

You mean the kernel text mapping I assume because we do

#define __va(x)                 ((void *)((unsigned long)(x)+PAGE_OFFSET))

on 64-bit too but that's the direct mapping of all physical memory.

> On 64-bit, the kernel's location in VA space and physical space can be
> independently moved around, so a kernel that starts at 16MiB in VA space
> can be loaded anywhere above 16MiB in physical space.

Right.

> KERNEL_IMAGE_SIZE is _not_ the size of the kernel image, the name is
> misleading.

So that needs fixing too, I guess.

> It is the maximum VA that the kernel can occupy, it is used
> to prepopulate the PMD-level pagetable for initial boot (level2_kernel_pgt)
> and is also used to define MODULES_VADDR, so it _is_ talking about
> mappings. If you have a 30MiB kernel that is placed at a starting VA of
> 510MiB when KERNEL_IMAGE_SIZE is 512MiB, it won't boot.

... because not the whole kernel will be mapped, sure. There's a comment
above KERNEL_IMAGE_SIZE which could use some of that explanation.

> Increasing vmlinux size can trigger the problem by pushing _end
> beyond KERNEL_IMAGE_SIZE, but the problem occurs once _end -
> __START_KERNEL_map exceeds KERNEL_IMAGE_SIZE, not when _end - _text
> exceeds it, hence this patch.

Understood - in both cases, once _end goes beyond the 512MiB end of the
PMD mapping, we've lost. Please add that part to the commit message too
because we will forget.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ