Re: [PATCH] x86/boot/KASLR: Extend movable_node option for KASLR

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Baoquan He <bhe@redhat.com>
To: Dou Liyang <douly.fnst@cn.fujitsu.com>,
	Chao Fan <fanc.fnst@cn.fujitsu.com>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org, tglx@linutronix.de,
	mingo@redhat.com, hpa@zytor.com, keescook@chromium.org,
	dyoung@redhat.com, arnd@arndb.de, dave.jiang@intel.com,
	indou.takao@jp.fujitsu.com, izumi.taku@jp.fujitsu.com
Subject: Re: [PATCH] x86/boot/KASLR: Extend movable_node option for KASLR
Date: Fri, 4 Aug 2017 07:49:01 +0800	[thread overview]
Message-ID: <20170803234901.GE1874@x1> (raw)
In-Reply-To: <20170803122458.GA5913@localhost.localdomain>

On 08/03/17 at 08:24pm, Chao Fan wrote:
> It's almost another "mem=".

Then why not using 'mem=' directly?

> 
> On Thu, Aug 03, 2017 at 08:17:21PM +0800, Dou Liyang wrote:
> >movable_node is a boot-time switch to make hot-pluggable memory
> >NUMA nodes to be movable. This option is based on an assumption
> >that any node which the kernel resides in is defined as
> >un-hotpluggable. Linux can allocates memory near the kernel image
> >to try the best to keep the kernel away from hotpluggable memory
> >in the same NUMA node. So other nodes can be movable.
> >
> >But, KASLR doesn't know which node is un-hotpluggable, the all
> >hotpluggable memory ranges is recorded in ACPI SRAT table, SRAT
> >is not parsed. So, KASLR may randomize the kernel in a movable
> >node which will be immovable.
> >
> >Extend movable_node option to restrict kernel to be randomized in
> >immovable nodes by adding a parameter. this parameter sets up
> >the boundaries between the movable nodes and immovable nodes.
> >
> >Reported-by: Chao Fan <fanc.fnst@cn.fujitsu.com>
> >Signed-off-by: Dou Liyang <douly.fnst@cn.fujitsu.com>
> >---
> > Documentation/admin-guide/kernel-parameters.txt | 11 +++++++++--
> > arch/x86/boot/compressed/kaslr.c                | 19 ++++++++++++++++---
> > 2 files changed, 25 insertions(+), 5 deletions(-)
> >
> >diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> >index d9c171c..44c7e33 100644
> >--- a/Documentation/admin-guide/kernel-parameters.txt
> >+++ b/Documentation/admin-guide/kernel-parameters.txt
> >@@ -2305,7 +2305,8 @@
> > 	mousedev.yres=	[MOUSE] Vertical screen resolution, used for devices
> > 			reporting absolute coordinates, such as tablets
> > 
> >-	movablecore=nn[KMG]	[KNL,X86,IA-64,PPC] This parameter
> >+	movablecore=nn[KMG]
> >+			[KNL,X86,IA-64,PPC] This parameter
> > 			is similar to kernelcore except it specifies the
> > 			amount of memory used for migratable allocations.
> > 			If both kernelcore and movablecore is specified,
> >@@ -2315,12 +2316,18 @@
> > 			that the amount of memory usable for all allocations
> > 			is not too small.
> > 
> >-	movable_node	[KNL] Boot-time switch to make hotplugable memory
> >+	movable_node	[KNL] Boot-time switch to make hot-pluggable memory
> > 			NUMA nodes to be movable. This means that the memory
> > 			of such nodes will be usable only for movable
> > 			allocations which rules out almost all kernel
> > 			allocations. Use with caution!
> > 
> >+	movable_node=nn[KMG]
> >+			[KNL] Extend movable_node to work well with KASLR. This
> >+			parameter is the boundaries between the movable nodes
> >+			and immovable nodes, the memory which exceeds it will
> >+			be regarded as hot-pluggable.
> >+
> > 	MTD_Partition=	[MTD]
> > 			Format: <name>,<region-number>,<size>,<offset>
> > 
> >diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> >index 91f27ab..7e2351b 100644
> >--- a/arch/x86/boot/compressed/kaslr.c
> >+++ b/arch/x86/boot/compressed/kaslr.c
> >@@ -89,7 +89,10 @@ struct mem_vector {
> > static bool memmap_too_large;
> > 
> > 
> >-/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */
> >+/*
> >+ * Store memory limit specified by the following situations:
> >+ * "mem=nn[KMG]" or "memmap=nn[KMG]" or "movable_node=nn[KMG]"
> >+ */
> > unsigned long long mem_limit = ULLONG_MAX;
> > 
> > 
> >@@ -212,7 +215,8 @@ static int handle_mem_memmap(void)
> > 	char *param, *val;
> > 	u64 mem_size;
> > 
> >-	if (!strstr(args, "memmap=") && !strstr(args, "mem="))
> >+	if (!strstr(args, "memmap=") && !strstr(args, "mem=") &&
> >+		!strstr(args, "movable_node="))
> > 		return 0;
> > 
> > 	tmp_cmdline = malloc(len + 1);
> >@@ -247,7 +251,16 @@ static int handle_mem_memmap(void)
> > 				free(tmp_cmdline);
> > 				return -EINVAL;
> > 			}
> >-			mem_limit = mem_size;
> >+			mem_limit = mem_limit > mem_size ? mem_size : mem_limit;
> >+		} else if (!strcmp(param, "movable_node")) {
> >+			char *p = val;
> >+
> >+			mem_size = memparse(p, &p);
> >+			if (mem_size == 0) {
> >+				free(tmp_cmdline);
> >+				return -EINVAL;
> >+			}
> >+			mem_limit = mem_limit > mem_size ? mem_size : mem_limit;
> > 		}
> > 	}
> > 
> >-- 
> >2.5.5
> >
> 
>

next prev parent reply	other threads:[~2017-08-03 23:49 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-03 12:17 [PATCH] x86/boot/KASLR: Extend movable_node option for KASLR Dou Liyang
2017-08-03 12:24 ` Chao Fan
2017-08-03 23:49   ` Baoquan He [this message]
2017-08-04  1:37     ` Dou Liyang
2017-08-04  2:00       ` Baoquan He
2017-08-04  2:42         ` Dou Liyang
2017-08-04  2:55           ` Baoquan He
2017-08-04  3:28             ` Dou Liyang
2017-08-08 18:34               ` YASUAKI ISHIMATSU
2017-08-09 14:44                 ` Dou Liyang
2017-08-09 16:55                   ` YASUAKI ISHIMATSU
2017-08-10  1:54                     ` Dou Liyang
2017-08-04  2:01       ` Chao Fan
2017-08-04  2:52         ` Dou Liyang
2017-08-04  3:10           ` Chao Fan
2017-08-03 22:40 ` Kees Cook
2017-08-04  1:38   ` Dou Liyang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170803234901.GE1874@x1 \
    --to=bhe@redhat.com \
    --cc=arnd@arndb.de \
    --cc=dave.jiang@intel.com \
    --cc=douly.fnst@cn.fujitsu.com \
    --cc=dyoung@redhat.com \
    --cc=fanc.fnst@cn.fujitsu.com \
    --cc=hpa@zytor.com \
    --cc=indou.takao@jp.fujitsu.com \
    --cc=izumi.taku@jp.fujitsu.com \
    --cc=keescook@chromium.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.