Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S966258AbeAOOJo (ORCPT + 1 other); Mon, 15 Jan 2018 09:09:44 -0500 Received: from mail.cn.fujitsu.com ([183.91.158.132]:48728 "EHLO heian.cn.fujitsu.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S965870AbeAOMlQ (ORCPT ); Mon, 15 Jan 2018 07:41:16 -0500 X-IronPort-AV: E=Sophos;i="5.43,368,1503331200"; d="scan'208";a="35325131" From: Chao Fan To: , , , , , , , CC: , , Chao Fan Subject: [PATCH v6 0/5] kaslr: add parameter kaslr_mem=nn[KMG][@|!ss[KMG]] Date: Mon, 15 Jan 2018 20:40:11 +0800 Message-ID: <20180115124016.17683-1-fanc.fnst@cn.fujitsu.com> X-Mailer: git-send-email 2.14.3 MIME-Version: 1.0 Content-Type: text/plain X-yoursite-MailScanner-ID: E99F048AEA0B.AB031 X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: fanc.fnst@cn.fujitsu.com Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: In current code, kaslr may cause some features can't work because the wrong position choosen by kaslr for extracting kernel. So add kaslr_mem=nn[KMG][@|!ss[KMG]]. Users can specify the memory regions that choosen by kaslr with kaslr_mem=nn[KMG]@[KMG], and kaslr_mem=nn[KMG]!ss[KMG] to specify the regions where shouldn't be choosen by kaslr. Firstly, here is a problem: Here is a machine with several NUMA nodes and some of them are hot-pluggable. It's not good for kernel to be extracted in the memory region of movable node. But in current code, I print the address chosen by kaslr and found it may be placed in movable node sometimes. To solve this problem, it's better to limit the memory region chosen by kaslr to immovable node in kaslr.c. But the memory information about if it's hot-pluggable is stored in ACPI SRAT table, which is parsed after kernel is extracted. So we can't get the detail memory information before extracting kernel. So add the new parameter immovable_mem=nn@ss, in which nn means the size of memory in *immovable* node, and ss means the start position of this memory region. Then limit kaslr choose memory in these regions. There are two policies: 1. Specify the memory region in *movable* node to avoid: Then we can use the existing mem_avoid to handle. But if the memory on movable node was separated by memory hole or different movable nodes are discontinuous, we don't know how many regions need to avoid. OTOH, we must avoid all of the movable memory, otherwise, kaslr may choose the wrong place. 2. Specify the memory region in *immovable* node to select: Only support 4 regions in this parameter. Then user can use two nodes at least for kaslr to choose, it's enough for the kernel to extract. At the same time, because we need only 4 new mem_vector, the usage of memory here is not too big. So I think this way is better, and this patchset is based on this policy. Then there is another problem about 1G huge page: https://lkml.org/lkml/2018/1/4/236 KASLR may choose the memory region, which is the only suitable region for 1G huge page. So I add the new patch 5/5 to store the regions to mem_avoid. So users can specify kaslr_mem=nn!ss to store the regions that reserved for 1G huge page or other features. PATCH 1/5 parse the new parameter kaslr_mem=nn[KMG]@ss[KMG], then store the memory regions. PATCH 2/5 give a warrning if movable_node specified without kaslr_mem= PATCH 3/5 skip mirror feature if movable_node or immovable_mem specified. PATCH 4/5 calculate the memory regions and choose the regions specified. PATCH 5/5 add kaslr_mem=nn[KMG]!ss[KMG] to specify the mem_avoid. v1->v2: Follow Dou Liyang's suggestion: - Add the parse for movable_node=nn[KMG] without @ss[KMG] - Fix the bug for more than one "movable_node=" specified - Drop useless variables and use mem_vector region directely - Add more comments. v2->v3: Follow Baoquan He's suggestion: - Change names of several functions. - Add a new parameter "immovable_mem" instead of extending mvoable_node - Use the clamp to calculate the memory intersecting, which makes logical more clear. - Disable memory mirror if movable_node specified v3->v4: Follow Kees's suggestion: - Put the functions variables of immovable_mem to #ifdef CONFIG_MEMORY_HOTPLUG and change some code place - Change the name of "process_mem_region" to "slots_count" - Reanme the new function "process_immovable_mem" to "process_mem_region" Follow Baoquan's suggestion: - Fail KASLR if "movable_node" specified without "immovable_mem" - Ajust the code place of handling mem_region directely if no immovable_mem specified Follow Randy's suggestion: - Change the mistake and add detailed description for the document. v4->v5: - Change the problem reported by LKP Follow Dou's suggestion: - Also return if match "movable_node" when parsing kernel commandline in handle_mem_filter without define CONFIG_MEMORY_HOTPLUG v5->v6: - Add the last patch to save the avoid memory regions. Chao Fan (5): kaslr: add kaslr_mem=nn[KMG]@ss[KMG] to specify extracting memory kaslr: give a warning if movable_node specified without kaslr_mem= kaslr: disable memory mirror feature when movable_node kaslr: calculate the memory region in kaslr_mem kaslr: add kaslr_mem=nn[KMG]!ss[KMG] to avoid memory regions arch/x86/boot/compressed/kaslr.c | 198 ++++++++++++++++++++++++++++++++++++--- 1 file changed, 184 insertions(+), 14 deletions(-) -- 2.14.3