lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20201112092558.GC29613@gaia>
Date:   Thu, 12 Nov 2020 09:25:58 +0000
From:   Catalin Marinas <catalin.marinas@....com>
To:     Anshuman Khandual <anshuman.khandual@....com>
Cc:     linux-arm-kernel@...ts.infradead.org,
        Ard Biesheuvel <ardb@...nel.org>,
        Will Deacon <will@...nel.org>, linux-kernel@...r.kernel.org,
        Mark Rutland <mark.rutland@....com>,
        Steve Capper <steve.capper@....com>,
        Mark Brown <broonie@...nel.org>, Marc Zyngier <maz@...nel.org>,
        gshan@...hat.com, Robin Murphy <robin.murphy@....com>,
        Steven Price <steven.price@....com>,
        David Hildenbrand <david@...hat.com>
Subject: Re: [PATCH] arm64: mm: account for hotplug memory when randomizing
 the linear region

Hi Anshuman,

On Wed, Nov 11, 2020 at 09:18:56AM +0530, Anshuman Khandual wrote:
> On 11/11/20 12:44 AM, Catalin Marinas wrote:
> > On Wed, 14 Oct 2020 10:18:57 +0200, Ard Biesheuvel wrote:
> >> As a hardening measure, we currently randomize the placement of
> >> physical memory inside the linear region when KASLR is in effect.
> >> Since the random offset at which to place the available physical
> >> memory inside the linear region is chosen early at boot, it is
> >> based on the memblock description of memory, which does not cover
> >> hotplug memory. The consequence of this is that the randomization
> >> offset may be chosen such that any hotplugged memory located above
> >> memblock_end_of_DRAM() that appears later is pushed off the end of
> >> the linear region, where it cannot be accessed.
> >>
> >> [...]
> > 
> > Applied to arm64 (for-next/mem-hotplug), thanks!
> > 
> > [1/1] arm64: mm: account for hotplug memory when randomizing the linear region
> >       https://git.kernel.org/arm64/c/97d6786e0669
> 
> Got delayed and never made here in time, sorry about that. Nonetheless,
> I have got something working with respect to the generic mechanism that
> David Hildenbrand had asked for earlier.
> 
> https://patchwork.kernel.org/project/linux-arm-kernel/patch/1600332402-30123-1-git-send-email-anshuman.khandual@arm.com/

There was a lot of discussion around this patch but I haven't seen any
new version posted.

> I am wondering if we could instead consider merging the above patch with
> a small change that Ard had pointed out earlier [1], I will send out a
> revision if required.

If your patch fixes the randomisation issue that Ard addressed, I'm
happy to replace that with your patch. But please post a new version and
get some acks in place from the parties involved in the discussion.

Thanks.

-- 
Catalin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ