Re: [PATCH v4 0/4] x86/boot/KASLR: Parse ACPI table and limit kaslr in immovable memory.
From: Chao Fan
Date: Wed Aug 01 2018 - 21:19:57 EST
Sorry for disturbance, no reply for a week, any comments?
On Mon, Jul 23, 2018 at 05:29:04PM +0800, Chao Fan wrote:
>People reported that kaslr may randomly chooses some positions
>which are located in movable memory regions. This will break memory
>hotplug feature and make the memory can't be removed.
>There should be a method to limit kaslr to choosing immovable memory
>regions, so there are 2 solutions:
>1) Add a kernel parameter to specify the memory regions.
>2) Get the information of memory hotremove, then kaslr will know the
> right regions.
>In method 2, information about memory hot remove is in ACPI
>tables, which will be parsed after 'start_kernel', kaslr can't get
>In method 1, users should know the regions address and specify in
>In the earliest time, I tried to dig ACPI tabls to solve this problem.
>But I didn't splite the code in 'compressed/' and ACPI code, so the patch
>is hard to follow so refused by community.
>Somebody suggest to add a kernel parameter to specify the
>immovable memory so that limit kaslr in these regions. Then I make
>a patchset. After several versions, Ingo gave a suggestion:
>Follow Ingo's suggestion, imitate the ACPI code to parse the acpi
>tables, so that the kaslr can get necessary memory information in
>Since I think ACPI code is independent part, so copy the codes
>and functions to 'compressed/' directory, so that kaslr won't
>influence the initialization of ACPI.
>PATCH 1/4 Reuse the head file of linux/acpi.h, and copy a fcuntion from
> ACPI code.
>PATCH 2/4 Functions to parse ACPI code.
>PATCH 3/4 If 'CONFIG_MEMORY_HOTREMOVE' specified, walk all nodes and
> store the information of immovable memory regions.
>PATCH 4/4 According to the immovable memory regions, filter the
> immovable regions which KASLR can choose.
> - I did a very simple test, and it can get the memory information in
> bios and efi KVM guest machine, and put it by early printk. But no
> more tests, so it's with RFC tag.
> - Simplify some code.
>Follow Baoquan He's suggestion:
> - Reuse the head file of acpi code.
> - Test in more conditions, so remove the 'RFC' tag.
> - Change some comments.
>Follow Thomas Gleixner's suggetsion:
> - Put the whole efi related function into #define CONFIG_EFI and return
> false in the other stub.
> - Simplify two functions in head file.
>Any comments will be welcome.
>Chao Fan (4):
> x86/boot: Add acpitb.h to help parse acpi tables
> x86/boot: Add acpitb.c to parse acpi tables
> x86/boot/KASLR: Walk srat tables to filter immovable memory
> x86/boot/KASLR: Limit kaslr to choosing the immovable memory
> arch/x86/boot/compressed/Makefile | 4 +
> arch/x86/boot/compressed/acpitb.c | 251 ++++++++++++++++++++++++++++++
> arch/x86/boot/compressed/acpitb.h | 7 +
> arch/x86/boot/compressed/kaslr.c | 121 ++++++++++++--
> 4 files changed, 372 insertions(+), 11 deletions(-)
> create mode 100644 arch/x86/boot/compressed/acpitb.c
> create mode 100644 arch/x86/boot/compressed/acpitb.h