lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202502061145.8AFAF053E4@keescook>
Date: Thu, 6 Feb 2025 11:59:17 -0800
From: Kees Cook <kees@...nel.org>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Balbir Singh <balbirs@...dia.com>, x86@...nel.org,
	linux-kernel@...r.kernel.org, apopple@...dia.com, jgg@...dia.com,
	jhubbard@...dia.com, Dave Hansen <dave.hansen@...ux.intel.com>,
	Andy Lutomirski <luto@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
	"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH] x86/kaslr: Revisit entropy when CONFIG_PCI_P2PDMA is
 enabled

On Thu, Feb 06, 2025 at 09:10:58AM +0100, Peter Zijlstra wrote:
> On Thu, Feb 06, 2025 at 01:32:01PM +1100, Balbir Singh wrote:
> > When CONFIG_PCI_P2PDMA is enabled, it maps the PFN's via a
> > ZONE_DEVICE mapping using devm_memremap_pages(). The mapped
> > virtual address range corresponds to the pci_resource_start()
> > of the BAR address and size corresponding to the BAR length.
> > 
> > When KASLR is enabled, the direct map range of the kernel is
> > reduced to the size of physical memory plus additional padding.
> > If the BAR address is beyond this limit, PCI peer to peer DMA
> > mappings fail.
> > 
> > Fix this by not shrinking the size of direct map when CONFIG_PCI_P2PDMA
> > is enabled. This reduces the total available entropy, but it's
> > better than the current work around of having to disable KASLR
> > completely.

So, just to restate my understanding: this is about only the direct map
(i.e. kaslr_region[0]). The notes (which I think should be left in the
commit log) say that the entropy dropped from 49 TiB (46 bits) to 20 TiB
(45 bits). If I'm reading right, the offset granularity is in PUD_SIZE
(30 bits) steps, so the entropy is going from 16 bits to 15 bits. I don't
see any general problem with that. Especially if the alternative is 0
bits of entropy. :)

> I'm thinking this CONFIG is going to be on by default for pretty much
> all distro kernels? As such, does it make sense to have this depend on
> this config symbol?

If checking the CONFIG means we get back the 1 bit of entropy, I'd say
keep the check. Some folks will want that bit over P2PDMA.

> Also +Kees

Thanks for CCing me! :)

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ