From: Alexnader Kuleshov <kuleshovmail@gmail.com>
To: Baoquan He <bhe@redhat.com>
Cc: linux-kernel@vger.kernel.org, tglx@linutronix.de, hpa@zytor.com,
mingo@redhat.com, x86@kernel.org, keescook@chromium.org,
yinghai@kernel.org, bp@suse.de, thgarnie@google.com,
kuleshovmail@gmail.com, luto@kernel.org, anderson@redhat.com,
dyoung@redhat.com, xlpang@redhat.com
Subject: Re: [PATCH 2/2] x86/KASLR/64: Determine kernel text mapping size at runtime
Date: Thu, 8 Dec 2016 14:17:50 +0600
Message-ID: <20161208081750.GA3998@localhost.localdomain>
In-Reply-To: <1481183765-4166-3-git-send-email-bhe@redhat.com>
Hello,
On 12-08-16, Baoquan He wrote:
> The x86_64 kernel takes KERNEL_IMAGE_SIZE as the kernel text mapping size,
> and it's fixed at compile time, changing from 512M to 1G as long as
> CONFIG_RANDOMIZE_BASE is enabled, even if people specify the kernel option
> "nokaslr" explicitly.
>
> This could be wrong behaviour. CONFIG_RANDOMIZE_BASE should only decide
> whether the KASLR code needs to be compiled in. If the user specifies "nokaslr", the
> kernel should behave as if no KASLR code were compiled in at all.
>
> So in this patch, define a new macro KERNEL_MAPPING_SIZE to represent the
> size of the kernel text mapping area, and let KERNEL_IMAGE_SIZE limit the size
> of the kernel runtime space. Also determine the size of the kernel text
> mapping area at runtime. Even though KASLR code is compiled in, if "nokaslr" is specified,
> still set the kernel mapping size to 512M.
>
> Signed-off-by: Baoquan He <bhe@redhat.com>
> ---
> arch/x86/boot/compressed/kaslr.c | 15 ++++++++++-----
> arch/x86/include/asm/kaslr.h | 1 +
> arch/x86/include/asm/page_64_types.h | 19 +++++++++++--------
> arch/x86/include/asm/pgtable_64_types.h | 2 +-
> arch/x86/kernel/head64.c | 11 ++++++-----
> arch/x86/kernel/head_64.S | 3 ++-
> arch/x86/mm/dump_pagetables.c | 3 ++-
> arch/x86/mm/physaddr.c | 6 +++---
> 8 files changed, 36 insertions(+), 24 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> index a66854d..3b73c76 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -22,6 +22,8 @@
> static const char build_str[] = UTS_RELEASE " (" LINUX_COMPILE_BY "@"
> LINUX_COMPILE_HOST ") (" LINUX_COMPILER ") " UTS_VERSION;
>
> +unsigned long kernel_mapping_size = KERNEL_IMAGE_SIZE;
> +
> static unsigned long rotate_xor(unsigned long hash, const void *area,
> size_t size)
> {
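Review bot: The new global kernel_mapping_size at the top of this hunk carries no comment, and initialising it from KERNEL_IMAGE_SIZE blurs the distinction the commit message draws between image size and text mapping size. A short comment saying that it is the text mapping size, that it starts at the non-extended value and is raised only in choose_random_location() when KASLR is active, would make the later assignment easier to follow.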
> @@ -311,7 +313,7 @@ static void process_e820_entry(struct e820entry *entry,
> return;
>
> /* On 32-bit, ignore entries entirely above our maximum. */
> - if (IS_ENABLED(CONFIG_X86_32) && entry->addr >= KERNEL_IMAGE_SIZE)
> + if (IS_ENABLED(CONFIG_X86_32) && entry->addr >= kernel_mapping_size)
> return;
>
> /* Ignore entries entirely below our minimum. */
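Review bot: The comparison changed here is guarded by IS_ENABLED(CONFIG_X86_32), while the only write to kernel_mapping_size in this patch is under IS_ENABLED(CONFIG_X86_64) in choose_random_location(), so on 32-bit the variable always holds its initial KERNEL_IMAGE_SIZE. Keeping the constant in the 32-bit-only checks (this one and the region clamp in the next hunk) would keep the 32-bit limit visibly compile-time; if the substitution is kept for uniformity, the commit message should say it is behaviour-neutral on 32-bit.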
> @@ -341,8 +343,8 @@ static void process_e820_entry(struct e820entry *entry,
>
> /* On 32-bit, reduce region size to fit within max size. */
> if (IS_ENABLED(CONFIG_X86_32) &&
> - region.start + region.size > KERNEL_IMAGE_SIZE)
> - region.size = KERNEL_IMAGE_SIZE - region.start;
> + region.start + region.size > kernel_mapping_size)
> + region.size = kernel_mapping_size - region.start;
>
> /* Return if region can't contain decompressed kernel */
> if (region.size < image_size)
> @@ -408,9 +410,9 @@ static unsigned long find_random_virt_addr(unsigned long minimum,
> /*
> * There are how many CONFIG_PHYSICAL_ALIGN-sized slots
> * that can hold image_size within the range of minimum to
> - * KERNEL_IMAGE_SIZE?
> + * kernel_mapping_size?
> */
> - slots = (KERNEL_IMAGE_SIZE - minimum - image_size) /
> + slots = (kernel_mapping_size - minimum - image_size) /
> CONFIG_PHYSICAL_ALIGN + 1;
>
> random_addr = kaslr_get_random_long("Virtual") % slots;
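Review bot: The slot count "(kernel_mapping_size - minimum - image_size) / CONFIG_PHYSICAL_ALIGN + 1" now reads a variable that is written at run time, so the size of the virtual randomization range depends on this function being called only after choose_random_location() has raised kernel_mapping_size; that ordering deserves a comment here. The subtraction is on unsigned long, so a check that minimum + image_size does not exceed kernel_mapping_size before dividing would keep a wrapped value from turning into a huge slot count. Since the comment line is being touched anyway, "There are how many" could be reworded to "How many ... slots are there".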
> @@ -438,6 +440,9 @@ void choose_random_location(unsigned long input,
> return;
> }
>
> + if (IS_ENABLED(CONFIG_X86_64))
> + kernel_mapping_size = KERNEL_MAPPING_SIZE_EXT;
> +
> boot_params->hdr.loadflags |= KASLR_FLAG;
>
> /* Prepare to add new identity pagetables on demand. */
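Review bot: The assignment "kernel_mapping_size = KERNEL_MAPPING_SIZE_EXT" updates the copy defined in arch/x86/boot/compressed/kaslr.c, and the decompressor is linked separately from the kernel proper, which reads the variable through the extern added to asm/kaslr.h. Nothing in the visible hunks shows how the two stay in agreement; the kernel side should derive its value from something that is actually handed over, such as the KASLR_FLAG set in boot_params->hdr.loadflags on the next line, and the changelog should state that. Placing the assignment after the "nokaslr" early return is what keeps the 512M default in that case, which is worth a one-line comment.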
> diff --git a/arch/x86/include/asm/kaslr.h b/arch/x86/include/asm/kaslr.h
> index 1052a79..c4f5728 100644
> --- a/arch/x86/include/asm/kaslr.h
> +++ b/arch/x86/include/asm/kaslr.h
> @@ -7,6 +7,7 @@ unsigned long kaslr_get_random_long(const char *purpose);
> extern unsigned long page_offset_base;
> extern unsigned long vmalloc_base;
> extern unsigned long vmemmap_base;
> +extern unsigned long kernel_mapping_size;
>
> void kernel_randomize_memory(void);
> #else
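Review bot: The extern for kernel_mapping_size is added next to page_offset_base, vmalloc_base and vmemmap_base, above the "#else" of the conditional in this header, so configurations that take the other branch get no declaration at all. KERNEL_MAPPING_SIZE expands to the variable unconditionally, so the declaration needs to sit outside this conditional (or in a header that every user of the macro already includes); the build failure reported below with CONFIG_RANDOMIZE_MEMORY disabled is consistent with this.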
> diff --git a/arch/x86/include/asm/page_64_types.h b/arch/x86/include/asm/page_64_types.h
> index 62a20ea..b8e79d7 100644
> --- a/arch/x86/include/asm/page_64_types.h
> +++ b/arch/x86/include/asm/page_64_types.h
> @@ -49,18 +49,21 @@
> #define __PHYSICAL_MASK_SHIFT 46
> #define __VIRTUAL_MASK_SHIFT 47
>
> +
> +/*
> + * Kernel image size is limited to 512 MB. The kernel code+data+bss
> + * must not be bigger than that.
> + */
> +#define KERNEL_IMAGE_SIZE (512 * 1024 * 1024)
> +
> /*
> - * Kernel image size is limited to 1GiB due to the fixmap living in the
> - * next 1GiB (see level2_kernel_pgt in arch/x86/kernel/head_64.S). Use
> - * 512MiB by default, leaving 1.5GiB for modules once the page tables
> + * Kernel mapping size is limited to 1GiB due to the fixmap living in
> + * the next 1GiB (see level2_kernel_pgt in arch/x86/kernel/head_64.S).
> + * Use 512MiB by default, leaving 1.5GiB for modules once the page tables
> * are fully set up. If kernel ASLR is configured, it can extend the
> * kernel page table mapping, reducing the size of the modules area.
> */
> #define KERNEL_MAPPING_SIZE_EXT (1024 * 1024 * 1024)
> -#if defined(CONFIG_RANDOMIZE_BASE)
> -#define KERNEL_IMAGE_SIZE KERNEL_MAPPING_SIZE_EXT
> -#else
> -#define KERNEL_IMAGE_SIZE (512 * 1024 * 1024)
> -#endif
> +#define KERNEL_MAPPING_SIZE kernel_mapping_size
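Review bot: "#define KERNEL_MAPPING_SIZE kernel_mapping_size" turns a compile-time constant into a reference to a variable that this header neither declares nor pulls in, so every file that uses the macro, directly or through MODULES_VADDR as in the build log below, must happen to have the extern in scope. Declare the variable here or include the declaring header, and audit users that need a constant expression (preprocessor conditionals, static initialisers, assembly). The added blank line before the new KERNEL_IMAGE_SIZE comment leaves two consecutive empty lines and can be dropped.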
After applying these patches I'm getting:
CC arch/x86/kernel/setup.o
In file included from ./arch/x86/include/asm/page_types.h:47:0,
from ./arch/x86/include/asm/page.h:8,
from ./arch/x86/include/asm/thread_info.h:11,
from ./include/linux/thread_info.h:58,
from ./arch/x86/include/asm/preempt.h:6,
from ./include/linux/preempt.h:59,
from ./include/linux/spinlock.h:50,
from ./include/linux/seqlock.h:35,
from ./include/linux/time.h:5,
from ./include/uapi/linux/timex.h:56,
from ./include/linux/timex.h:56,
from ./include/linux/sched.h:19,
from arch/x86/kernel/setup.c:24:
arch/x86/kernel/setup.c: In function ‘dump_kernel_offset’:
./arch/x86/include/asm/page_64_types.h:67:29: error: ‘kernel_mapping_size’ undeclared (first use in this function)
#define KERNEL_MAPPING_SIZE kernel_mapping_size
^
./arch/x86/include/asm/pgtable_64_types.h:69:48: note: in expansion of macro ‘KERNEL_MAPPING_SIZE’
#define MODULES_VADDR (__START_KERNEL_map + KERNEL_MAPPING_SIZE)
^~~~~~~~~~~~~~~~~~~
./include/linux/printk.h:271:35: note: in expansion of macro ‘MODULES_VADDR’
printk(KERN_EMERG pr_fmt(fmt), ##__VA_ARGS__)
^~~~~~~~~~~
arch/x86/kernel/setup.c:826:3: note: in expansion of macro ‘pr_emerg’
pr_emerg("Kernel Offset: 0x%lx from 0x%lx (relocation range: 0x%lx-0x%lx)\n",
^~~~~~~~
./arch/x86/include/asm/page_64_types.h:67:29: note: each undeclared identifier is reported only once for each function it appears in
#define KERNEL_MAPPING_SIZE kernel_mapping_size
^
./arch/x86/include/asm/pgtable_64_types.h:69:48: note: in expansion of macro ‘KERNEL_MAPPING_SIZE’
#define MODULES_VADDR (__START_KERNEL_map + KERNEL_MAPPING_SIZE)
^~~~~~~~~~~~~~~~~~~
./include/linux/printk.h:271:35: note: in expansion of macro ‘MODULES_VADDR’
printk(KERN_EMERG pr_fmt(fmt), ##__VA_ARGS__)
^~~~~~~~~~~
arch/x86/kernel/setup.c:826:3: note: in expansion of macro ‘pr_emerg’
pr_emerg("Kernel Offset: 0x%lx from 0x%lx (relocation range: 0x%lx-0x%lx)\n",
^~~~~~~~
scripts/Makefile.build:293: recipe for target 'arch/x86/kernel/setup.o' failed
make[2]: *** [arch/x86/kernel/setup.o] Error 1
scripts/Makefile.build:544: recipe for target 'arch/x86/kernel' failed
make[1]: *** [arch/x86/kernel] Error 2
Makefile:988: recipe for target 'arch/x86' failed
make: *** [arch/x86] Error 2
here with disabled CONFIG_RANDOMIZE_MEMORY.
Thread overview: 13+ messages
2016-12-08 7:56 [PATCH 0/2] Determine kernel text mapping size at runtime for x86_64 Baoquan He
2016-12-08 7:56 ` [PATCH 1/2] x86/64: Make kernel text mapping always take one whole page table in early boot code Baoquan He
2016-12-08 8:24 ` Alexnader Kuleshov
2016-12-08 8:40 ` Baoquan He
2016-12-08 7:56 ` [PATCH 2/2] x86/KASLR/64: Determine kernel text mapping size at runtime Baoquan He
2016-12-08 8:17 ` Alexnader Kuleshov [this message]
2016-12-08 8:25 ` Baoquan He
2016-12-08 9:41 ` kbuild test robot
2016-12-08 13:41 ` Baoquan He
2016-12-08 9:41 ` kbuild test robot
2016-12-08 18:31 ` [PATCH 0/2] Determine kernel text mapping size at runtime for x86_64 Kees Cook
2016-12-08 19:00 ` Dave Anderson
2016-12-10 1:32 ` Baoquan He