lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CA+KhAHYDui3VkebjxZLnN_ijMUzJf2BRMqtPqqos+rCbf8J7Ww@mail.gmail.com>
Date: Fri, 28 Feb 2025 09:55:44 +0400
From: Keun-O Park <kpark3469@...il.com>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, 
	catalin.marinas@....com, will@...nel.org, Keuno Park <keun-o.park@...im.com>
Subject: Re: [PATCH] arm64: kaslr: consider parange is bigger than linear_region_size

How about adding a warning message in case of linear region
randomization failure?
And, there might be two options in my mind by now to consider hotplug memory.
Either giving an option for users to override "parange" as kernel
param or providing the legacy way((memblock_end_of_DRAM() -
memblock_start_of_DRAM()) when CONFIG_MEMORY_HOTPLUG is off.
Users believe KASLR will work fine by enabling CONFIG_RANDOMIZE_BASE.
In case of linear region randomization failure, I think at least users
need to know about this failure.
Can you share your thoughts on this please?

On Tue, Feb 25, 2025 at 12:28 PM Ard Biesheuvel <ardb@...nel.org> wrote:
>
> On Tue, 25 Feb 2025 at 05:48, Keun-O Park <kpark3469@...il.com> wrote:
> >
> > On Mon, Feb 24, 2025 at 10:21 AM Keun-O Park <kpark3469@...il.com> wrote:
> > >
> > > From: Keuno Park <keun-o.park@...im.com>
> > >
> > > On systems using 4KB pages and having 39 VA_BITS, linear_region_size
> > > gets 256GiB space. It was observed that some SoCs such as Qualcomm
> > > QCM8550 returns 40bits of PA range from MMFR0_EL1. This leads range
> > > value to have minus as the variable range is s64, so that all the
> > > calculations for randomizing linear address space are skpped.
> > > As a result of this, the kernel's linear region is not randomized.
> > > For this case, this patch sets the range by calculating memblock
> > > DRAM range to randomize the linear region of kernel.
> > >
> > > Change-Id: Ib29e45f44928937881d514fb87b4cac828b5a3f5
> > > Fixes: 97d6786e0669 ("arm64: mm: account for hotplug memory when randomizing the linear region")
> > > Signed-off-by: Keuno Park <keun-o.park@...im.com>
> > > ---
> > >  arch/arm64/mm/init.c | 5 +++++
> > >  1 file changed, 5 insertions(+)
> > >
> > > diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
> > > index 9c0b8d9558fc..2ee657e2d60f 100644
> > > --- a/arch/arm64/mm/init.c
> > > +++ b/arch/arm64/mm/init.c
> > > @@ -290,6 +290,11 @@ void __init arm64_memblock_init(void)
> > >                 s64 range = linear_region_size -
> > >                             BIT(id_aa64mmfr0_parange_to_phys_shift(parange));
> > >
> > > +               if (range < 0) {
> > > +                       range = linear_region_size -
> > > +                               (memblock_end_of_DRAM() - memblock_start_of_DRAM());
> > > +               }
> > > +
> ..
> >
> > In most cases, the hotplug memory code will be working the same as before.
>
> How so? Such memory will usually appear above memblock_end_of_DRAM(),
> and due to the randomization, there may not be any space left there.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ