Re: [PATCH v9 0/5] x86/KASLR: Add parameter kaslr_boot_mem=nn[KMG]@ss[KMG]

From: Dou Liyang
Date: Wed Mar 28 2018 - 21:47:17 EST

Next message: Davidlohr Bueso: "Re: [PATCH v4 2/2] locking/debug: Restructure the lock debugging menu"
Previous message: Tyler Hicks: "Re: [PATCH] ecryptfs: fix spelling mistake: "cadidate" -> "candidate""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Ingo, Kees, Baoquan and Chao

At 03/12/2018 06:57 PM, Ingo Molnar wrote:
[...]

So there's apparently a mis-design here:

- KASLR needs to be done very early on during bootup: - it's not realistic to
expect KASLR to be done with a booted up kernel, because pointers to various
KASLR-ed objects are already widely spread out in memory.

- But for some unfathomable reason the memory hotplug attribute of memory
regions is not part of the regular memory map but part of late-init ACPI data
structures.

The right solution would be _not_ to fudge the KASLR location, but to provide the
memory hotplug information to early code, preferably via the primary memory map.
KASLR can then make use of it and avoid those regions, just like it avoids other
memory regions already.

In addition to that hardware makers (including virtualized hardware) should also
fix their systems to provide memory hotplug information to early code.

Yes, but before this, can we fix this problem by the following patch which has been sent and reviewed by Kees before[1]. its solution is:

Â Extend movable_node option to restrict kernel to be randomized in
Â immovable nodes by adding a parameter. this parameter sets up
Â the boundaries between the home nodes and other nodes.

My reason is here:

Â - What we really want to solve is the KASLR breaks *physical Node
Â Â hotplug*, Keep the decompressed kernel in an immovable node is
Â Â enough.

Â - AFAICS, there are not too many systems where physical Node hotplug
actually works in practice, and there mush be one node called *home
Â Â node* which is immovable for storing basic information.

Â - the node in modern systems could have double-digit gigabytes memory,
Â Â It can completely satisfy the operation of KASLR.

So, Just restrict kernel to be randomized in the home node, and ignore
other nodes when kernel has the *movable_node* option in the command
line.

Thoughts? may I rebase and resend the patch?

[1] https://lkml.org/lkml/2017/8/3/401

Thanks,

dou

Next message: Davidlohr Bueso: "Re: [PATCH v4 2/2] locking/debug: Restructure the lock debugging menu"
Previous message: Tyler Hicks: "Re: [PATCH] ecryptfs: fix spelling mistake: "cadidate" -> "candidate""
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]