From: "tip-bot for Kirill A. Shutemov" <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: kirill.shutemov@linux.intel.com, luto@kernel.org, bp@alien8.de,
dave.hansen@intel.com, hpa@zytor.com, brgerst@gmail.com,
peterz@infradead.org, mingo@kernel.org,
torvalds@linux-foundation.org, linux-kernel@vger.kernel.org,
jpoimboe@redhat.com, akpm@linux-foundation.org,
luto@amacapital.net, dvlasenk@redhat.com, keescook@chromium.org,
tglx@linutronix.de
Subject: [tip:x86/mm] x86/mm: Add support for 5-level paging for KASLR
Date: Tue, 13 Jun 2017 03:10:41 -0700 [thread overview]
Message-ID: <tip-8624c1f66f0fef640d0e044ddf1eb60e77e76df6@git.kernel.org> (raw)
In-Reply-To: <20170606113133.22974-13-kirill.shutemov@linux.intel.com>
Commit-ID: 8624c1f66f0fef640d0e044ddf1eb60e77e76df6
Gitweb: http://git.kernel.org/tip/8624c1f66f0fef640d0e044ddf1eb60e77e76df6
Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
AuthorDate: Tue, 6 Jun 2017 14:31:31 +0300
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Tue, 13 Jun 2017 08:56:58 +0200
x86/mm: Add support for 5-level paging for KASLR
With 5-level paging randomization happens on P4D level instead of PUD.
Maximum amount of physical memory also bumped to 52-bits for 5-level
paging.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-arch@vger.kernel.org
Cc: linux-mm@kvack.org
Link: http://lkml.kernel.org/r/20170606113133.22974-13-kirill.shutemov@linux.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/mm/kaslr.c | 81 ++++++++++++++++++++++++++++++++++++++++-------------
1 file changed, 62 insertions(+), 19 deletions(-)
diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c
index aed2064..af59916 100644
--- a/arch/x86/mm/kaslr.c
+++ b/arch/x86/mm/kaslr.c
@@ -6,12 +6,12 @@
*
* Entropy is generated using the KASLR early boot functions now shared in
* the lib directory (originally written by Kees Cook). Randomization is
- * done on PGD & PUD page table levels to increase possible addresses. The
- * physical memory mapping code was adapted to support PUD level virtual
- * addresses. This implementation on the best configuration provides 30,000
- * possible virtual addresses in average for each memory region. An additional
- * low memory page is used to ensure each CPU can start with a PGD aligned
- * virtual address (for realmode).
+ * done on PGD & P4D/PUD page table levels to increase possible addresses.
+ * The physical memory mapping code was adapted to support P4D/PUD level
+ * virtual addresses. This implementation on the best configuration provides
+ * 30,000 possible virtual addresses in average for each memory region.
+ * An additional low memory page is used to ensure each CPU can start with
+ * a PGD aligned virtual address (for realmode).
*
* The order of each memory region is not changed. The feature looks at
* the available space for the regions based on different configuration
@@ -70,7 +70,7 @@ static __initdata struct kaslr_memory_region {
unsigned long *base;
unsigned long size_tb;
} kaslr_regions[] = {
- { &page_offset_base, 64/* Maximum */ },
+ { &page_offset_base, 1 << (__PHYSICAL_MASK_SHIFT - TB_SHIFT) /* Maximum */ },
{ &vmalloc_base, VMALLOC_SIZE_TB },
{ &vmemmap_base, 1 },
};
@@ -142,7 +142,10 @@ void __init kernel_randomize_memory(void)
*/
entropy = remain_entropy / (ARRAY_SIZE(kaslr_regions) - i);
prandom_bytes_state(&rand_state, &rand, sizeof(rand));
- entropy = (rand % (entropy + 1)) & PUD_MASK;
+ if (IS_ENABLED(CONFIG_X86_5LEVEL))
+ entropy = (rand % (entropy + 1)) & P4D_MASK;
+ else
+ entropy = (rand % (entropy + 1)) & PUD_MASK;
vaddr += entropy;
*kaslr_regions[i].base = vaddr;
@@ -151,27 +154,21 @@ void __init kernel_randomize_memory(void)
* randomization alignment.
*/
vaddr += get_padding(&kaslr_regions[i]);
- vaddr = round_up(vaddr + 1, PUD_SIZE);
+ if (IS_ENABLED(CONFIG_X86_5LEVEL))
+ vaddr = round_up(vaddr + 1, P4D_SIZE);
+ else
+ vaddr = round_up(vaddr + 1, PUD_SIZE);
remain_entropy -= entropy;
}
}
-/*
- * Create PGD aligned trampoline table to allow real mode initialization
- * of additional CPUs. Consume only 1 low memory page.
- */
-void __meminit init_trampoline(void)
+static void __meminit init_trampoline_pud(void)
{
unsigned long paddr, paddr_next;
pgd_t *pgd;
pud_t *pud_page, *pud_page_tramp;
int i;
- if (!kaslr_memory_enabled()) {
- init_trampoline_default();
- return;
- }
-
pud_page_tramp = alloc_low_page();
paddr = 0;
@@ -192,3 +189,49 @@ void __meminit init_trampoline(void)
set_pgd(&trampoline_pgd_entry,
__pgd(_KERNPG_TABLE | __pa(pud_page_tramp)));
}
+
+static void __meminit init_trampoline_p4d(void)
+{
+ unsigned long paddr, paddr_next;
+ pgd_t *pgd;
+ p4d_t *p4d_page, *p4d_page_tramp;
+ int i;
+
+ p4d_page_tramp = alloc_low_page();
+
+ paddr = 0;
+ pgd = pgd_offset_k((unsigned long)__va(paddr));
+ p4d_page = (p4d_t *) pgd_page_vaddr(*pgd);
+
+ for (i = p4d_index(paddr); i < PTRS_PER_P4D; i++, paddr = paddr_next) {
+ p4d_t *p4d, *p4d_tramp;
+ unsigned long vaddr = (unsigned long)__va(paddr);
+
+ p4d_tramp = p4d_page_tramp + p4d_index(paddr);
+ p4d = p4d_page + p4d_index(vaddr);
+ paddr_next = (paddr & P4D_MASK) + P4D_SIZE;
+
+ *p4d_tramp = *p4d;
+ }
+
+ set_pgd(&trampoline_pgd_entry,
+ __pgd(_KERNPG_TABLE | __pa(p4d_page_tramp)));
+}
+
+/*
+ * Create PGD aligned trampoline table to allow real mode initialization
+ * of additional CPUs. Consume only 1 low memory page.
+ */
+void __meminit init_trampoline(void)
+{
+
+ if (!kaslr_memory_enabled()) {
+ init_trampoline_default();
+ return;
+ }
+
+ if (IS_ENABLED(CONFIG_X86_5LEVEL))
+ init_trampoline_p4d();
+ else
+ init_trampoline_pud();
+}
next prev parent reply other threads:[~2017-06-13 10:18 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-06 11:31 [PATCHv7 00/14] x86: 5-level paging enabling for v4.13, Part 4 Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 01/14] x86/mm/gup: Switch GUP to the generic get_user_page_fast() implementation Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:04 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 02/14] x86/asm: Fix comment in return_from_SYSCALL_64 Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:05 ` [tip:x86/mm] x86/asm: Fix comment in return_from_SYSCALL_64() tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 03/14] x86/boot/efi: Cleanup initialization of GDT entries Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-08 14:00 ` Matt Fleming
2017-06-08 14:00 ` Matt Fleming
2017-06-13 10:05 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 04/14] x86/boot/efi: Fix __KERNEL_CS definition of GDT entry on 64-bit configuration Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-08 14:09 ` Matt Fleming
2017-06-08 14:09 ` Matt Fleming
2017-06-13 10:06 ` [tip:x86/mm] x86/boot/efi: Fix __KERNEL_CS definition of GDT entry on 64-bit configurations tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 05/14] x86/boot/efi: Define __KERNEL32_CS GDT " Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-08 14:18 ` Matt Fleming
2017-06-08 14:18 ` Matt Fleming
2017-06-13 10:06 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 06/14] x86/boot/compressed: Enable 5-level paging during decompression stage Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:07 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 07/14] x86/boot/64: Rewrite startup_64 in C Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:07 ` [tip:x86/mm] x86/boot/64: Rewrite startup_64() " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 08/14] x86/boot/64: Rename init_level4_pgt and early_level4_pgt Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:08 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 09/14] x86/boot/64: Add support of additional page table level during early boot Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:09 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 10/14] x86/mm: Add sync_global_pgds() for configuration with 5-level paging Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:09 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 11/14] x86/mm: Make kernel_physical_mapping_init() support " Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:10 ` [tip:x86/mm] " tip-bot for Kirill A. Shutemov
2017-06-06 11:31 ` [PATCHv7 12/14] x86/mm: Add support for 5-level paging for KASLR Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-13 10:10 ` tip-bot for Kirill A. Shutemov [this message]
2017-06-06 11:31 ` [PATCHv7 13/14] x86: Enable 5-level paging support Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-22 9:24 ` Ingo Molnar
2017-06-22 9:24 ` Ingo Molnar
2017-06-06 11:31 ` [PATCHv7 14/14] x86/mm: Allow to have userspace mappings above 47-bits Kirill A. Shutemov
2017-06-06 11:31 ` Kirill A. Shutemov
2017-06-22 8:57 ` [PATCHv7 00/14] x86: 5-level paging enabling for v4.13, Part 4 Kirill A. Shutemov
2017-06-22 8:57 ` Kirill A. Shutemov
2017-06-22 9:04 ` Ingo Molnar
2017-06-22 9:04 ` Ingo Molnar
2017-06-22 9:07 ` Kirill A. Shutemov
2017-06-22 9:07 ` Kirill A. Shutemov
2017-06-22 9:21 ` Ingo Molnar
2017-06-22 9:21 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-8624c1f66f0fef640d0e044ddf1eb60e77e76df6@git.kernel.org \
--to=tipbot@zytor.com \
--cc=akpm@linux-foundation.org \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=dave.hansen@intel.com \
--cc=dvlasenk@redhat.com \
--cc=hpa@zytor.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.