Received: by 10.223.176.46 with SMTP id f43csp353887wra; Thu, 18 Jan 2018 18:36:42 -0800 (PST) X-Google-Smtp-Source: ACJfBov3SzKjc86QsLHeCQcNpP4+1x+xJPQ37uSOSq6RrksuApBUqtfEQqLpjqdCO7xnwmd5Ia9T X-Received: by 10.98.190.11 with SMTP id l11mr11231700pff.32.1516329402617; Thu, 18 Jan 2018 18:36:42 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516329402; cv=none; d=google.com; s=arc-20160816; b=HdD52Q0jt1ofIBTKme5HGAN06jv+WBGUCjf5FtorHVZWD3aai6Y/3Pci32mscQsKZ2 C4uaULkn/X+8Kv5UGE6kKFMToS1moBPYDEZqtAfSssbDnOgBPwnI9EAdcuhaeNLhmXuD 2Wy7DgYVFg9M0I6Py3FMBgZKKhpqOaUdC/+2RbfwC3wXdWsjPiEZwSwCtlJersOwPwCT DuJbFS/SLLxaPRJSEDCe1HG4d7tQN/wzoInnKI90TVvdSQvNoyPwz6DbwRN5Ewei7zVK s1sdznGPBsyorkvNF/1+cWfXq7DFFwQW4vKbOJSjFyWn/HAcZV0UHloFGo8fXxydAQW7 rjXg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=Pz01jxLjIDLKksJoHJC7uS8hXnZ9/WAf+p+5EgJmNGc=; b=u8+B6KOFT+KGpGSLg+GXoYra50MZKN95UHBmcNuBMkYY806crY4nXfZmPUkJGCj/ac VlbNDtsKLjbad2lawvzHr9iKTuIARDQXg3HtefEmdrAVr6nAPWJSJXEeWAckQwyimLVv OEOXUO53K4kRqHuMOniw1QC0fYtDH7G6IuZJLBVq0gxjxSKAuETgB3VamBnKPKwMM9rj 9PnmAsKsCSPeap2eguwAVCz9iimYpMGyL+hf5XaIpy+MN5AVyWkuGuMFVly6Fadu4+S1 naFicTMO15kzMgRJa21UsM4VbiTJAWouorAF7ZXS9f5OvOxt5xvyeTZW9j6jku5NlhC9 dhCw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w9si7332166pgt.716.2018.01.18.18.36.28; Thu, 18 Jan 2018 18:36:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755188AbeASCeR (ORCPT + 99 others); Thu, 18 Jan 2018 21:34:17 -0500 Received: from mx1.redhat.com ([209.132.183.28]:37334 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752855AbeASCeL (ORCPT ); Thu, 18 Jan 2018 21:34:11 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 67CAC2D6A02; Fri, 19 Jan 2018 02:34:11 +0000 (UTC) Received: from localhost (ovpn-8-21.pek2.redhat.com [10.72.8.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D546A600C0; Fri, 19 Jan 2018 02:34:08 +0000 (UTC) Date: Fri, 19 Jan 2018 10:34:05 +0800 From: Baoquan He To: Chao Fan Cc: linux-kernel@vger.kernel.org, x86@kernel.org, hpa@zytor.com, tglx@linutronix.de, mingo@redhat.com, keescook@chromium.org, yasu.isimatu@gmail.com, indou.takao@jp.fujitsu.com, lcapitulino@redhat.com Subject: Re: [PATCH v7 1/5] x86/KASLR: Add kaslr_mem=nn[KMG]@ss[KMG] Message-ID: <20180119023405.GA1753@localhost.localdomain> References: <20180117105351.12226-1-fanc.fnst@cn.fujitsu.com> <20180117105351.12226-2-fanc.fnst@cn.fujitsu.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180117105351.12226-2-fanc.fnst@cn.fujitsu.com> User-Agent: Mutt/1.9.1 (2017-09-22) X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 19 Jan 2018 02:34:11 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 01/17/18 at 06:53pm, Chao Fan wrote: > Introduce a new kernel parameter kaslr_mem=nn[KMG]@ss[KMG] which is used > by KASLR only during kernel decompression stage. > > Users can use it to specify memory regions where kernel can be randomized > into. E.g if movable_node specified in kernel cmdline, kernel could be ~ remove 'into' > extracted into those movable regions, this will make memory hotplug fail. > With the help of 'kaslr_mem=', limit kernel in those immovable regions > specified. > > Signed-off-by: Chao Fan > --- > arch/x86/boot/compressed/kaslr.c | 73 ++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 70 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c > index 8199a6187251..b21741135673 100644 > --- a/arch/x86/boot/compressed/kaslr.c > +++ b/arch/x86/boot/compressed/kaslr.c > @@ -108,6 +108,15 @@ enum mem_avoid_index { > > static struct mem_vector mem_avoid[MEM_AVOID_MAX]; > > +/* Only support at most 4 usable memory regions specified for kaslr */ > +#define MAX_KASLR_MEM_USABLE 4 > + > +/* Store the usable memory regions for kaslr */ > +static struct mem_vector mem_usable[MAX_KASLR_MEM_USABLE]; The name xx_usable sounds not so good, while I don't know what is better. Otherwise this patch looks good to me. Ack it. Acked-by: Baoquan He > + > +/* The amount of usable regions for kaslr user specify, not more than 4 */ > +static int num_usable_region; > + > static bool mem_overlaps(struct mem_vector *one, struct mem_vector *two) > { > /* Item one is entirely before item two. */ > @@ -206,7 +215,62 @@ static void mem_avoid_memmap(char *str) > memmap_too_large = true; > } > > -static int handle_mem_memmap(void) > +static int parse_kaslr_mem(char *p, > + unsigned long long *start, > + unsigned long long *size) > +{ > + char *oldp; > + > + if (!p) > + return -EINVAL; > + > + oldp = p; > + *size = memparse(p, &p); > + if (p == oldp) > + return -EINVAL; > + > + switch (*p) { > + case '@': > + *start = memparse(p + 1, &p); > + return 0; > + default: > + /* > + * If w/o offset, only size specified, kaslr_mem=nn[KMG] > + * has the same behaviour as kaslr_mem=nn[KMG]@0. It means > + * the region starts from 0. > + */ > + *start = 0; > + return 0; > + } > + > + return -EINVAL; > +} > + > +static void parse_kaslr_mem_regions(char *str) > +{ > + static int i; > + > + while (str && (i < MAX_KASLR_MEM_USABLE)) { > + int rc; > + unsigned long long start, size; > + char *k = strchr(str, ','); > + > + if (k) > + *k++ = 0; > + > + rc = parse_kaslr_mem(str, &start, &size); > + if (rc < 0) > + break; > + str = k; > + > + mem_usable[i].start = start; > + mem_usable[i].size = size; > + i++; > + } > + num_usable_region = i; > +} > + > +static int handle_mem_filter(void) > { > char *args = (char *)get_cmd_line_ptr(); > size_t len = strlen((char *)args); > @@ -214,7 +278,8 @@ static int handle_mem_memmap(void) > char *param, *val; > u64 mem_size; > > - if (!strstr(args, "memmap=") && !strstr(args, "mem=")) > + if (!strstr(args, "memmap=") && !strstr(args, "mem=") && > + !strstr(args, "kaslr_mem=")) > return 0; > > tmp_cmdline = malloc(len + 1); > @@ -239,6 +304,8 @@ static int handle_mem_memmap(void) > > if (!strcmp(param, "memmap")) { > mem_avoid_memmap(val); > + } else if (!strcmp(param, "kaslr_mem")) { > + parse_kaslr_mem_regions(val); > } else if (!strcmp(param, "mem")) { > char *p = val; > > @@ -378,7 +445,7 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size, > /* We don't need to set a mapping for setup_data. */ > > /* Mark the memmap regions we need to avoid */ > - handle_mem_memmap(); > + handle_mem_filter(); > > #ifdef CONFIG_X86_VERBOSE_BOOTUP > /* Make sure video RAM can be used. */ > -- > 2.14.3 > > >