From: Chao Fan <fanc.fnst@cn.fujitsu.com>
To: Baoquan He <bhe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>,
	Luiz Capitulino <lcapitulino@redhat.com>,
	LKML <linux-kernel@vger.kernel.org>, X86 ML <x86@kernel.org>,
	"H. Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, <yasu.isimatu@gmail.com>,
	<indou.takao@jp.fujitsu.com>, <caoj.fnst@cn.fujitsu.com>,
	Dou Liyang <douly.fnst@cn.fujitsu.com>
Subject: Re: KASLR may break some kernel features (was Re: [PATCH v5 1/4] kaslr: add immovable_mem=nn[KMG]@ss[KMG] to specify extracting memory)
Date: Fri, 12 Jan 2018 10:47:53 +0800
Message-ID: <20180112024752.GC13719@localhost.localdomain>
In-Reply-To: <20180112023152.GB9648@localhost.localdomain>

On Fri, Jan 12, 2018 at 10:31:52AM +0800, Baoquan He wrote:
>On 01/11/18 at 10:04am, Kees Cook wrote:
>> On Thu, Jan 11, 2018 at 1:00 AM, Baoquan He <bhe@redhat.com> wrote:
>> > Hi Luiz,
>> >
>> > On 01/04/18 at 11:21am, Luiz Capitulino wrote:
>> >> Having a generic kaslr parameter to control where the kernel is extracted
>> >> is one solution for this problem.
>> >>
>> >> The general problem statement is that KASLR may break some kernel features
>> >> depending on where the kernel is extracted. Two examples are hot-plugged
>> >> memory (this series) and 1GB HugeTLB pages.
>> >>
>> >> The 1GB HugeTLB page issue is not specific to KVM guests. It just happens
>> >> that there's a bunch of people running guests with up to 5GB of memory and
>> >> with that amount of memory you have one or two 1GB pages and it is easier for
>> >> KASLR to extract the kernel into a 1GB region and split a 1GB page. So,
>> >> you may not get any 1GB pages at all when this happens. However, I can also
>> >> reproduce this on bare-metal with lots of memory where I can lose a 1GB
>> >> page from time to time.
>> >>
>> >> Having a kaslr_range= parameter solves both issues, but two major drawbacks
>> >> are that it breaks existing setups and I guess users will have a very hard
>> >> time choosing good ranges.
>> >>
>> >> Another idea would be to have a CONFIG_KASLR_RANGES, where each arch
>> >> could have a list of ranges known to contain holes and/or immovable
>> >> memory and only extract the kernel into those ranges.
>> >
>> > If we add CONFIG_KASLR_RANGES, then a distro like RHEL will have this range
>> > always, whether people need hugetlb or not.
>> >
>> > So in this case, what range do we need to avoid? Only [1G, 2G]?
>> 
>> Any ranges like that that need to be avoided should be known at build
>> time, so they should simply be added to the mem_avoid list that is
>> already present in the KASLR code...
>
>Seems KASLR doesn't have a solution which allows the user to specify an avoided
>range for the kernel text KASLR stage only. The memmap="!#$" can add a range to
>mem_avoid, while it will make them not added to e820.
>

How about adding a new option, like "huge_page=nn@ss"? Fill the regions
into mem_avoid. But this parameter will only be parsed in the KASLR period.
The following handling of memmap will not be executed.

Thanks,
Chao Fan

>Here like this hugetlb case, Luiz wants kernel to avoid the [2G, 3G)
>candidate position for hugetlb allocation, meanwhile wants it to be
>added to mm subsystem later.
>
>Thanks
>Baoquan
>
>
>
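
Added example, not part of the original message and not kernel code: a userspace C sketch of the idea discussed in this reply, parsing a hypothetical `nn[KMG]@ss[KMG]` argument into a region and skipping candidate kernel slots that overlap it, without changing any memory map. `struct mem_vector` and `mem_overlaps` mirror names used in the x86 KASLR code; `parse_avoid`, `count_slots`, and the image size and alignment used to exercise them are assumptions.

```c
#include <stdint.h>
#include <stdlib.h>

struct mem_vector { uint64_t start, size; };

/* Parse a number with an optional K/M/G suffix; *end == s means no digits. */
static uint64_t parse_size(const char *s, char **end)
{
	uint64_t v = strtoull(s, end, 0);
	int shift = 0;

	if (*end == s)
		return 0;
	switch (**end) {
	case 'G': case 'g': shift = 30; break;
	case 'M': case 'm': shift = 20; break;
	case 'K': case 'k': shift = 10; break;
	}
	if (shift)
		(*end)++;
	return v << shift;
}

/* Parse "nn[KMG]@ss[KMG]" (size@start). Returns 0 on success, -1 on bad input. */
int parse_avoid(const char *arg, struct mem_vector *out)
{
	char *p;
	uint64_t size = parse_size(arg, &p), start;

	if (p == arg || *p != '@' || size == 0)
		return -1;
	const char *q = p + 1;
	start = parse_size(q, &p);
	if (p == q || *p != '\0' || start + size < start)
		return -1;
	out->start = start;
	out->size = size;
	return 0;
}

int mem_overlaps(const struct mem_vector *a, const struct mem_vector *b)
{
	return a->start < b->start + b->size && b->start < a->start + a->size;
}

/* Count aligned slots in [base, base+len) that fit the image and miss every avoided region. */
unsigned count_slots(uint64_t base, uint64_t len, uint64_t img, uint64_t align,
		     const struct mem_vector *avoid, int n)
{
	unsigned slots = 0;

	for (uint64_t a = base; a + img <= base + len; a += align) {
		struct mem_vector cand = { a, img };
		int hit = 0;

		for (int i = 0; i < n; i++)
			hit |= mem_overlaps(&cand, &avoid[i]);
		slots += !hit;
	}
	return slots;
}
```

With a constructed 64M image, 16M alignment and a candidate window of [1G, 4G), avoiding `1G@2G` removes the slots that would land in or straddle [2G, 3G), which shows the randomization entropy an avoided range costs.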

Thread overview: 19+ messages
2018-01-04  8:02 [PATCH v5 0/4] kaslr: add parameter immovable_mem=nn[KMG]@ss[KMG] to make memory hotplug work well with kaslr Chao Fan
2018-01-04  8:02 ` [PATCH v5 1/4] kaslr: add immovable_mem=nn[KMG]@ss[KMG] to specify extracting memory Chao Fan
2018-01-04 10:30   ` Baoquan He
2018-01-04 16:21     ` KASLR may break some kernel features (was Re: [PATCH v5 1/4] kaslr: add immovable_mem=nn[KMG]@ss[KMG] to specify extracting memory) Luiz Capitulino
2018-01-11  9:00       ` Baoquan He
2018-01-11 18:04         ` Kees Cook
2018-01-12  2:00           ` Chao Fan
2018-01-12  2:31           ` Baoquan He
2018-01-12  2:47             ` Chao Fan [this message]
2018-01-12 18:52               ` Luiz Capitulino
2018-01-13  4:02                 ` Baoquan He
2018-01-13  5:06                   ` Chao Fan
2018-01-31  2:18           ` Baoquan He
2018-01-05  2:58     ` [PATCH v5 1/4] kaslr: add immovable_mem=nn[KMG]@ss[KMG] to specify extracting memory Chao Fan
2018-01-08 14:39       ` Luiz Capitulino
2018-01-09  1:36         ` Chao Fan
2018-01-04  8:02 ` [PATCH v5 2/4] kaslr: calculate the memory region in immovable node Chao Fan
2018-01-04  8:02 ` [PATCH v5 3/4] kaslr: disable memory mirror feature when movable_node Chao Fan
2018-01-04  8:02 ` [PATCH v5 4/4] document: change the document for immovable_mem Chao Fan
