Date: Tue, 7 May 2024 14:42:05 -0700
From: Oreoluwa Babatunde <quic_obabatun@...cinc.com>
To: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>,
        <ysato@...rs.sourceforge.jp>, <dalias@...c.org>
CC: <akpm@...ux-foundation.org>, <linux-sh@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <robh+dt@...nel.org>,
        <kernel@...cinc.com>, Rob Herring <robh@...nel.org>,
        Rob Landley <rob@...dley.net>
Subject: Re: [PATCH v2] sh: Call paging_init() earlier in the init sequence


On 5/2/2024 3:29 AM, John Paul Adrian Glaubitz wrote:
> Hi Oreoluwa,
>
> On Wed, 2024-05-01 at 19:18 +0200, John Paul Adrian Glaubitz wrote:
>> Hi Oreoluwa,
>>
>> On Tue, 2024-04-23 at 16:31 -0700, Oreoluwa Babatunde wrote:
>>> The unflatten_device_tree() function contains a call to
>>> memblock_alloc(). This is a problem because this allocation is done
>>> before any of the reserved memory is set aside in paging_init().
>>> This means that there is a possibility for memblock to allocate from
>>> any of the memory regions that are supposed to be set aside as reserved.
>>>
>>> Hence, move the call to paging_init() to be earlier in the init
>>> sequence so that the reserved memory regions are set aside before any
>>> allocations are done using memblock.
>> I was just about to merge your patch when I ran a git blame on the code in
>> arch/sh/kernel/setup.c and noticed the following commit by Rich Felker:
>>
>> commit eb6b6930a70faefe04479a71088cc10366782d9a
>> Author: Rich Felker <dalias@...c.org>
>> Date:   Mon Jul 31 01:27:50 2017 -0400
>>
>>     sh: fix memory corruption of unflattened device tree
>>     
>>     unflatten_device_tree() makes use of memblock allocation, and
>>     therefore must be called before paging_init() migrates the memblock
>>     allocation data to the bootmem framework. Otherwise the record of the
>>     allocation for the expanded device tree will be lost, and will
>>     eventually be clobbered when allocated for another use.
>>     
>>     Signed-off-by: Rich Felker <dalias@...c.org>
>>
>> It looks like the call to unflatten_device_tree() before paging_init()
>> is intentional and needed for the device tree to be preserved in memory
>> after running paging_init().
Hi John,

Thank you for pointing this out.

memblock_alloc() marks all its allocations as reserved by calling
memblock_reserve().
https://elixir.bootlin.com/linux/latest/source/mm/memblock.c#L1463

This should normally stop other users from allocating from within that
region of memory.

But in this case, since all the free memory regions have already been
transferred over to the bootmem framework by paging_init(), I am not
sure if that logic will still hold for the unflatten_devicetree allocated memory.

The main goal of this patch is to make sure that the reserved memory
regions defined in the DT are set aside before any memblock allocations
are done (which includes the allocation done by unflatten_devicetree).

Hence, I can restructure the patch to only remove the portion of code that is
responsible for setting aside the DT defined reserved memory regions from
within paging_init(), and move it above the unflatten_devicetree() call.
https://elixir.bootlin.com/linux/latest/source/arch/sh/mm/init.c#L292

I will explore further and possibly restructure this patch based on my findings.

Thank you!
Oreoluwa
>>
>> @Geert: Do you have any comments on this patch?
>> @Rob: Could you test this patch on your J2 board and report back?
