From: Baoquan He <bhe@redhat.com>
To: Kees Cook <keescook@chromium.org>
Cc: Kazuhito Hagio <k-hagio@ab.jp.nec.com>,
	James Morse <james.morse@arm.com>,
	Bhupesh Sharma <bhsharma@redhat.com>, X86 ML <x86@kernel.org>,
	Kexec Mailing List <kexec@lists.infradead.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Ingo Molnar <mingo@kernel.org>, Borislav Petkov <bp@alien8.de>,
	Dave Anderson <anderson@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Bhupesh SHARMA <bhupesh.linux@gmail.com>,
	Omar Sandoval <osandov@fb.com>,
	linux-arm-kernel <linux-arm-kernel@lists.infradead.org>
Subject: Re: [PATCH v2] x86_64, vmcoreinfo: Append 'page_offset_base' to vmcoreinfo
Date: Wed, 28 Nov 2018 09:39:49 +0800
Message-ID: <20181128013949.GH1824@MiWiFi-R3L-srv>
In-Reply-To: <CAGXu5jJzVMmqJ9JvFqDhDx=QShiWisWO0bY49cD5r-7By5dxFg@mail.gmail.com>

On 11/27/18 at 04:39pm, Kees Cook wrote:
> >> >> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
> >> >> index 4c8acdfdc5a7..6161d77c5bfb 100644
> >> >> --- a/arch/x86/kernel/machine_kexec_64.c
> >> >> +++ b/arch/x86/kernel/machine_kexec_64.c
> >> >> @@ -356,6 +356,9 @@ void arch_crash_save_vmcoreinfo(void)
> >> >>       VMCOREINFO_SYMBOL(init_top_pgt);
> >> >>       vmcoreinfo_append_str("NUMBER(pgtable_l5_enabled)=%d\n",
> >> >>                       pgtable_l5_enabled());
> >> >> +#ifdef CONFIG_RANDOMIZE_BASE
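Review bot: the guard on the added `#ifdef CONFIG_RANDOMIZE_BASE` line does not match the condition under which `page_offset_base` exists as a variable. The definition pasted at the bottom of this message sits under `#ifdef CONFIG_DYNAMIC_MEMORY_LAYOUT`, which the quoted Kconfig shows is selected by both RANDOMIZE_MEMORY and X86_5LEVEL, while RANDOMIZE_BASE alone does not select it. Guarding on CONFIG_DYNAMIC_MEMORY_LAYOUT instead (or exporting the value unconditionally) would keep the export and the definition in step and would cover a 5-level kernel booted without KASLR; a one-line comment above the guard saying which userspace consumers rely on the entry would also help.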
> 
> Okay, gotcha. In that case, shouldn't this be CONFIG_RANDOMIZE_MEMORY?

Currently, Kirill added level5 support to x86_64, and a kernel with level5
enabled can be switched at boot into level4 or level5 with the kernel option
"no5lvl". So page_offset_base will be changed accordingly. You can see in the
code pasted at the bottom that DYNAMIC_MEMORY_LAYOUT is added for this change,
not only for KASLR, but also for 5LEVEL.

If we only put it inside ifdef CONFIG_RANDOMIZE_MEMORY, a change between l4
and l5 will force us to decide page_offset again if
CONFIG_RANDOMIZE_MEMORY or CONFIG_RANDOMIZE_BASE is not set. Besides, the
commit below changes the starting address of the direct mapping again; if we
only judge CONFIG_RANDOMIZE_MEMORY, in case KASLR is disabled, code in
userspace may need many if-else checks as below. So if we pass it, better to
pass it for all.

get_page_offset()
{
	if (get_page_offset_from_vmcoreinfo()) {
		xxx // in KASLR case
		return;
	} else if (check_5level_paging()) {
		if (version < 4.21) {
			page_offset = 0xff10000000000000;
		} else { // version >= 4.21
			page_offset = 0xff11000000000000;
		}
	} else { // 4level
		if (version < 2.6.27) {
			page_offset = 0xffff810000000000;
		} else if (version < 4.21) {
			page_offset = 0xffff880000000000;
		} else { // version >= 4.21
			page_offset = 0xffff888000000000;
		}
	}
}

Sigh, seeing the above code, I still think that deducing it from the
kcore/vmcore ELF header is better. Can't we be better to ourselves?

commit d52888aa2753e3063a9d3a0c9f72f94aa9809c15
Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Date:   Fri Oct 26 15:28:54 2018 +0300

    x86/mm: Move LDT remap out of KASLR region on 5-level paging

[bhe@ linux]$ git describe --contains d52888aa2753e3063a9d3a0c9f72f94aa9809c15
v4.20-rc2~5^2~4


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#ifdef CONFIG_DYNAMIC_MEMORY_LAYOUT
unsigned long page_offset_base __ro_after_init = __PAGE_OFFSET_BASE_L4;
EXPORT_SYMBOL(page_offset_base);
unsigned long vmalloc_base __ro_after_init = __VMALLOC_BASE_L4;
EXPORT_SYMBOL(vmalloc_base);
unsigned long vmemmap_base __ro_after_init = __VMEMMAP_BASE_L4;
EXPORT_SYMBOL(vmemmap_base);
#endif


config DYNAMIC_MEMORY_LAYOUT
        bool
        ---help---
          This option makes base addresses of vmalloc and vmemmap as well as
          __PAGE_OFFSET movable during boot.

config RANDOMIZE_MEMORY
        bool "Randomize the kernel memory sections"
        depends on X86_64
        depends on RANDOMIZE_BASE
        select DYNAMIC_MEMORY_LAYOUT
        default RANDOMIZE_BASE

config X86_5LEVEL
        bool "Enable 5-level page tables support"
        select DYNAMIC_MEMORY_LAYOUT
        select SPARSEMEM_VMEMMAP
        depends on X86_64
