Date: Fri, 18 May 2018 09:00:46 +0200
From: Ingo Molnar
To: Baoquan He
Cc: linux-kernel@vger.kernel.org, lcapitulino@redhat.com, keescook@chromium.org, tglx@linutronix.de, x86@kernel.org, hpa@zytor.com, fanc.fnst@cn.fujitsu.com, yasu.isimatu@gmail.com, indou.takao@jp.fujitsu.com, douly.fnst@cn.fujitsu.com
Subject: Re: [PATCH 0/2] x86/boot/KASLR: Skip specified number of 1GB huge pages when do physical randomization
Message-ID: <20180518070046.GA18660@gmail.com>
In-Reply-To: <20180516100532.14083-1-bhe@redhat.com>

* Baoquan He wrote:

> This is a regression bug fix. Luiz's team reported that 1GB huge page
> allocation will get one less 1GB page randomly when KASLR is enabled. On
> their KVM guest with 4GB RAM, which only has one good 1GB huge page,
> they found the 1GB huge page allocation sometime failed with below
> kernel option adding.
>
>   default_hugepagesz=1G hugepagesz=1G hugepages=1
>
> This is because kernel may be randomized into those good 1GB huge pages.
>
> I ever thought to solve this by specifying available memory regions
> which kernel KASLR can be randomized into to avoid those good 1GB huge
> pages. Chao's patches can be used to fix it:
> https://lkml.org/lkml/2018/2/28/217
>
> Later, Ingo suggested avoiding them in boot KASLR code.
> https://lkml.org/lkml/2018/3/12/312

Yes, but these patches don't appear to implement what I suggested:

> So there's apparently a mis-design here:
>
>  - KASLR needs to be done very early on during bootup: - it's not realistic to
>    expect KASLR to be done with a booted up kernel, because pointers to various
>    KASLR-ed objects are already widely spread out in memory.
>
>  - But for some unfathomable reason the memory hotplug attribute of memory
>    regions is not part of the regular memory map but part of late-init ACPI data
>    structures.
>
> The right solution would be _not_ to fudge the KASLR location, but to provide
> the memory hotplug information to early code, preferably via the primary memory
> map. KASLR can then make use of it and avoid those regions, just like it avoids
> other memory regions already.
>
> In addition to that hardware makers (including virtualized hardware) should also
> fix their systems to provide memory hotplug information to early code.

So my question: why don't we pass in the information that these are hotplug pages
that should not be KASLR randomized into?

If that attribute of memory regions was present then KASLR could simply skip the
hotplug regions!

Thanks,

	Ingo
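
A simplified model of the idea in the message above, added here as an example; it is not kernel code and not code from this thread. It counts aligned placement slots across a memory map and skips any region carrying a hotplug attribute. `struct mem_region`, `ATTR_HOTPLUG`, the 2 MiB alignment and the sample map are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define SLOT_ALIGN   (2ULL << 20)  /* assumed 2 MiB placement alignment */
#define ATTR_HOTPLUG 0x1u          /* hypothetical attribute in the early map */

struct mem_region {                /* hypothetical early memory-map entry */
    uint64_t start, size;
    uint32_t attr;
};

/* Constructed sample map: 1 GiB normal, 1 GiB hotplug, 1 GiB normal. */
const struct mem_region sample_map[3] = {
    { 0x40000000ULL, 0x40000000ULL, 0 },
    { 0x80000000ULL, 0x40000000ULL, ATTR_HOTPLUG },
    { 0xC0000000ULL, 0x40000000ULL, 0 },
};

static uint64_t align_up(uint64_t v)
{
    return (v + SLOT_ALIGN - 1) & ~(SLOT_ALIGN - 1);
}

/* Aligned positions inside r where an image of image_size fits entirely. */
static uint64_t region_slots(const struct mem_region *r, uint64_t image_size)
{
    uint64_t first = align_up(r->start), end = r->start + r->size;

    if (r->attr & ATTR_HOTPLUG)    /* never place the image in hotplug memory */
        return 0;
    if (first >= end || end - first < image_size)
        return 0;
    return (end - first - image_size) / SLOT_ALIGN + 1;
}

uint64_t total_slots(const struct mem_region *map, size_t n, uint64_t image_size)
{
    uint64_t total = 0;
    for (size_t i = 0; i < n; i++)
        total += region_slots(&map[i], image_size);
    return total;
}

/* Map a random value onto the eligible slots; returns 0 when none exist. */
uint64_t pick_slot(const struct mem_region *map, size_t n,
                   uint64_t image_size, uint64_t random)
{
    uint64_t total = total_slots(map, n, image_size);
    uint64_t idx = total ? random % total : 0;

    for (size_t i = 0; total && i < n; i++) {
        uint64_t s = region_slots(&map[i], image_size);
        if (idx < s)
            return align_up(map[i].start) + idx * SLOT_ALIGN;
        idx -= s;
    }
    return 0;
}
```

Because flagged regions contribute zero slots, the random index is spread only over eligible memory, so no separate post-selection check against hotplug ranges is needed.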