Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2769524imu; Thu, 29 Nov 2018 09:56:30 -0800 (PST) X-Google-Smtp-Source: AFSGD/VmpK4e2x7yJbV8/wST7SThY8Jo8UUmT1Pso3ZS9GebvUXzjgHKo7FfGgrx7x2WQj4l9jqD X-Received: by 2002:a17:902:1681:: with SMTP id h1mr2432379plh.129.1543514189981; Thu, 29 Nov 2018 09:56:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543514189; cv=none; d=google.com; s=arc-20160816; b=O69xs5rM+yNwFSMypnf5BG1Cdryd/KNSZziy2cptKxHcTWlx7z7ikqlECqaZTs4FSq loZ6s0+Cdcuf32WtCBLqY1Fje6oLxekOrKser6naoSR0S2cGoNRQhL6X4HuFkHVf+NPs EFqUUoa2lwkvW3uZJkNcU2xl+vfKtpqhxnd0ugtrCpD4A+JhgejvMcc11q0dubbfGwKb wZhNSYWBGc6AeX9S5D3t3O6Ty37YO13SGL4xd6afwQd8RfjIrEwIUUL5W3tfZpUH5v38 DhCYCk7+nZ4zAAoygdWyX9Ak3/xhcNu4l+8vyrYIxxKAogcQ8jkZ5iJUozrk/hXr3zvW 1C9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=bIrb+1cPZtYc5UGklcZt5k9ONQODYb3CUv1UGFlIJPM=; b=CGZq+gBAn6NgEPZrsUg+aXZQHcPY7g+/833VcxkouftnLSzYdtMCxC2u6BXFXM+0lz INj6newCCP7bE3D2NTPGk6tZgYk2YCU5VV6Rddp4ExrELJVyAzhCGMDjs1Fv5wSlghVU vBb0D3dPt2+omSqfKZmcb+YWlIIidnmuciO6CpGT4/wt/CM2cE5KUd50N9mXKVig6Y0O 9A0SvR3E8ya8HYu279qMgq511+Mqg5BIqYCIBMDFNdTU0Y+BGOOakEV76SxjPKAs1/he 7TobPvZfyZ7DRy38FU2suxmqOFC2C3eRvZIwGWXZdYF22dzrB7DFcHnXMJkykWz9lQlI 6rlA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=REsFysyW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h10si2497408pgi.562.2018.11.29.09.56.12; Thu, 29 Nov 2018 09:56:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=REsFysyW; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726293AbeK3FBh (ORCPT + 99 others); Fri, 30 Nov 2018 00:01:37 -0500 Received: from mail-qt1-f193.google.com ([209.85.160.193]:36770 "EHLO mail-qt1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726190AbeK3FBg (ORCPT ); Fri, 30 Nov 2018 00:01:36 -0500 Received: by mail-qt1-f193.google.com with SMTP id t13so2976034qtn.3 for ; Thu, 29 Nov 2018 09:55:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=bIrb+1cPZtYc5UGklcZt5k9ONQODYb3CUv1UGFlIJPM=; b=REsFysyWNIfEsY8fb4s6u5AMGSAPFHJcEaB3+oKvUkO6DsUusyBciUg1dJeUF7uCPb 5T3EuPtNFQKiuC32x8sdSTKiC8znvpk9QEXwJcd7iCzmrtC21yvfFk/Sk5g/YlD1NE7B lkMZvh9gUCuPRkl8jolXnYw2jX/d5Bu1gwopNeQY+4gTQEbyAzCs+Jivrx0XMFV7mFVr uls70fHZexZs/KpI7UKPfQCbq5PG7IByiYgX5/yyV1lr713Klck9tzWPOD0fIXAfUuEb y/oghtJmb3GoqcFbTlcpgytF0EDMHaHQaiSHCBibW68B/uHGTlX5POW8cp2YdKK+UrnG xH3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=bIrb+1cPZtYc5UGklcZt5k9ONQODYb3CUv1UGFlIJPM=; b=RcztLg7o8LJf9lCFr+zF3CNT7JXpZCi58u2iB8/rQ2o+9BE+vVAA7w/uM8SwQ0CZQ0 C8+IrhW6PHhMZX7Q8NlUmlapnfBMYz+HioxmvgeKEg99f7vlJCWO+lObGWhoAx0L0RL2 J0U2etHBQLQjsA84rvkKjjdzn0usoaX23XW1Gn1xs2UeDImTzAFnuZLZa+vpXeMtzBsD AGMQYLTd1t6H7daK0xS9hr6eeikJCm8IwTi67DFEzE7QyfQ9l7cEPC3XG6ZDdi43H1Ms GuGpsVx28ZPoe4HP0fnf/B/EW6H7a60UkVdjrguzVUBYpFKSVt4uajGyfvHQbX/T2dZM r2bw== X-Gm-Message-State: AA+aEWY8OQBjfw/F0SGltPPpHekeVzD0sQ1MMVrgtXjFcMi4efvaPfs8 9Id+9TTOxDKhTC7ezX9OuQ== X-Received: by 2002:ac8:17f0:: with SMTP id r45mr2358936qtk.206.1543514124295; Thu, 29 Nov 2018 09:55:24 -0800 (PST) Received: from gabell (nat-pool-bos-t.redhat.com. [66.187.233.206]) by smtp.gmail.com with ESMTPSA id a3sm1519149qta.21.2018.11.29.09.55.23 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 29 Nov 2018 09:55:23 -0800 (PST) Date: Thu, 29 Nov 2018 12:55:21 -0500 From: Masayoshi Mizuma To: Chao Fan Cc: linux-kernel@vger.kernel.org, x86@kernel.org, bp@alien8.de, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, keescook@chromium.org, bhe@redhat.com, indou.takao@jp.fujitsu.com, caoj.fnst@cn.fujitsu.com Subject: Re: [PATCH v12 4/5] x86/boot: Parse SRAT table from RSDP and store immovable memory Message-ID: <20181129175520.xcmj3bv4yhdr7kk3@gabell> References: <20181129081631.11139-1-fanc.fnst@cn.fujitsu.com> <20181129081631.11139-5-fanc.fnst@cn.fujitsu.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20181129081631.11139-5-fanc.fnst@cn.fujitsu.com> User-Agent: NeoMutt/20180716 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Nov 29, 2018 at 04:16:30PM +0800, Chao Fan wrote: > To fix the conflict between KASLR and memory-hotremove, SRAT table > should be parsed by RSDP pointer, then find the immovable > memory regions and store them in an array called immovable_mem[]. > The array called immovable_mem[] will extern to KASLR, then > KASLR will avoid to extract kernel to these regions. > > Add 'CONFIG_EARLY_PARSE_RSDP' which depends on RANDOMIZE_BASE && > MEMORY_HOTREMOVE, cause only when both KASLR and memory-hotremove > are enabled, RSDP needs to be parsed in compressed period. > > Signed-off-by: Chao Fan > --- > arch/x86/Kconfig | 10 +++ > arch/x86/boot/compressed/Makefile | 2 + > arch/x86/boot/compressed/acpitb.c | 125 ++++++++++++++++++++++++++++++ > arch/x86/boot/compressed/kaslr.c | 4 - > arch/x86/boot/compressed/misc.h | 20 +++++ > 5 files changed, 157 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig > index a29d49ef4d56..bc775968557b 100644 > --- a/arch/x86/Kconfig > +++ b/arch/x86/Kconfig > @@ -2146,6 +2146,16 @@ config X86_NEED_RELOCS > def_bool y > depends on RANDOMIZE_BASE || (X86_32 && RELOCATABLE) > > +config CONFIG_EARLY_PARSE_RSDP config EARLY_PARSE_RSDP > + bool "Parse RSDP pointer on compressed period for KASLR" > + def_bool n Should be def_bool y? It is better to enable EARLY_PARSE_RSDP by default if RANDOMIZE_BASE and MEMORY_HOTREMOVE are enabled. > + depends on RANDOMIZE_BASE && MEMORY_HOTREMOVE > + help > + This option parses RSDP pointer in compressed period. Works > + for KASLR to get memory information by SRAT table and choose > + immovable memory to extract kernel. > + Say Y if you want to use both KASLR and memory-hotremove. > + > config PHYSICAL_ALIGN > hex "Alignment value to which kernel should be aligned" > default "0x200000" > diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile > index 466f66c8a7f8..4cbfb58bf083 100644 > --- a/arch/x86/boot/compressed/Makefile > +++ b/arch/x86/boot/compressed/Makefile > @@ -84,6 +84,8 @@ ifdef CONFIG_X86_64 > vmlinux-objs-y += $(obj)/pgtable_64.o > endif > > +vmlinux-objs-$(CONFIG_EARLY_PARSE_RSDP) += $(obj)/acpitb.o > + > $(obj)/eboot.o: KBUILD_CFLAGS += -fshort-wchar -mno-red-zone > > vmlinux-objs-$(CONFIG_EFI_STUB) += $(obj)/eboot.o $(obj)/efi_stub_$(BITS).o \ > diff --git a/arch/x86/boot/compressed/acpitb.c b/arch/x86/boot/compressed/acpitb.c > index 82d27c4b8978..023b33d0cd3b 100644 > --- a/arch/x86/boot/compressed/acpitb.c > +++ b/arch/x86/boot/compressed/acpitb.c > @@ -195,3 +195,128 @@ static acpi_physical_address bios_get_rsdp_addr(void) > return (acpi_physical_address)address; > } > } > + > +/* Used to determine RSDP table, based on acpi_os_get_root_pointer(). */ > +static acpi_physical_address get_rsdp_addr(void) > +{ > + acpi_physical_address pa = 0; > + > + pa = get_acpi_rsdp(); > + > + if (!pa) > + pa = efi_get_rsdp_addr(); > + > + if (!pa) > + pa = bios_get_rsdp_addr(); > + > + return pa; > +} > + > +/* Compute SRAT table from RSDP. */ > +static struct acpi_table_header *get_acpi_srat_table(void) > +{ > + acpi_physical_address acpi_table; > + acpi_physical_address root_table; > + struct acpi_table_header *header; > + struct acpi_table_rsdp *rsdp; > + int num_entries; > + char arg[10]; > + u8 *entry; > + u32 size; > + u32 len; > + > + rsdp = (struct acpi_table_rsdp *)get_rsdp_addr(); > + if (!rsdp) > + return NULL; > + > + /* Get RSDT or XSDT from RSDP. */ > + if (!(cmdline_find_option("acpi", arg, sizeof(arg)) == 4 && > + !strncmp(arg, "rsdt", 4)) && > + rsdp->xsdt_physical_address && > + rsdp->revision > 1) { > + root_table = rsdp->xsdt_physical_address; > + size = ACPI_XSDT_ENTRY_SIZE; > + } else { > + root_table = rsdp->rsdt_physical_address; > + size = ACPI_RSDT_ENTRY_SIZE; > + } > + > + /* Get ACPI root table from RSDT or XSDT.*/ > + header = (struct acpi_table_header *)root_table; > + if (!header) > + return NULL; > + > + len = header->length; > + num_entries = (u32)((len - sizeof(struct acpi_table_header)) / size); > + if (num_entries > MAX_ACPI_SIG) > + return NULL; I think this check isn't needed... > + > + entry = ACPI_ADD_PTR(u8, header, sizeof(struct acpi_table_header)); > + > + while (num_entries--) { > + u64 address64; > + > + if (size == ACPI_RSDT_ENTRY_SIZE) > + acpi_table = ((acpi_physical_address) > + (*ACPI_CAST_PTR(u32, entry))); > + else { > + *(u64 *)(void *)&address64 = *(u64 *)(void *)entry; > + acpi_table = (acpi_physical_address) address64; > + } > + > + if (acpi_table) { > + header = (struct acpi_table_header *)acpi_table; > + > + if (ACPI_COMPARE_NAME(header->signature, ACPI_SIG_SRAT)) > + return header; > + } > + entry += size; > + } > + return NULL; > +} > + > +/* > + * According to ACPI table, filter the immovable memory regions > + * and store them in immovable_mem[]. > + */ > +void get_immovable_mem(void) > +{ > + struct acpi_table_header *table_header; > + struct acpi_subtable_header *table; > + struct acpi_srat_mem_affinity *ma; > + unsigned long table_end; > + char arg[10]; > + int i = 0; > + > + if (cmdline_find_option("acpi", arg, sizeof(arg)) == 3 && > + !strncmp(arg, "off", 3)) > + return; > + > + table_header = get_acpi_srat_table(); > + if (!table_header) > + return; > + > + table_end = (unsigned long)table_header + table_header->length; > + table = (struct acpi_subtable_header *) > + ((unsigned long)table_header + sizeof(struct acpi_table_srat)); > + > + while (((unsigned long)table) + > + sizeof(struct acpi_subtable_header) < table_end) { > + if (table->type == ACPI_SRAT_TYPE_MEMORY_AFFINITY) { > + ma = (struct acpi_srat_mem_affinity *)table; > + if (!(ma->flags & ACPI_SRAT_MEM_HOT_PLUGGABLE)) { > + immovable_mem[i].start = ma->base_address; > + immovable_mem[i].size = ma->length; > + i++; > + } > + > + if (i >= MAX_NUMNODES*2) { > + debug_putstr("Too many immovable memory regions, aborting.\n"); > + return; > + } > + } > + table = (struct acpi_subtable_header *) > + ((unsigned long)table + table->length); > + } > + num_immovable_mem = i; > +} > diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c > index 9ed9709d9947..b251572e77af 100644 > --- a/arch/x86/boot/compressed/kaslr.c > +++ b/arch/x86/boot/compressed/kaslr.c > @@ -87,10 +87,6 @@ static unsigned long get_boot_seed(void) > #define KASLR_COMPRESSED_BOOT > #include "../../lib/kaslr.c" > > -struct mem_vector { > - unsigned long long start; > - unsigned long long size; > -}; > > /* Only supporting at most 4 unusable memmap regions with kaslr */ > #define MAX_MEMMAP_REGIONS 4 > diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h > index 809c31effa4b..d94e2a419c13 100644 > --- a/arch/x86/boot/compressed/misc.h > +++ b/arch/x86/boot/compressed/misc.h > @@ -77,6 +77,11 @@ void choose_random_location(unsigned long input, > unsigned long *output, > unsigned long output_size, > unsigned long *virt_addr); > +struct mem_vector { > + unsigned long long start; > + unsigned long long size; > +}; > + > /* cpuflags.c */ > bool has_cpuflag(int flag); > #else > @@ -118,5 +123,20 @@ void set_sev_encryption_mask(void); > #endif > > /* acpitb.c */ > +#ifdef CONFIG_RANDOMIZE_BASE > +/* Store the amount of immovable memory regions */ > +int num_immovable_mem; > +#endif > + > +#ifdef CONFIG_EARLY_PARSE_RSDP > +void get_immovable_mem(void); > +/* There are 72 kinds of ACPI_SIG in head file of ACPI. */ > +#define MAX_ACPI_SIG 72 The 72 isn't the specification of ACPI, right? So the number of SIG may increase and decrease in the future. This macro and the check I commented above isn't needed... Thanks, Masa > +#else > +static void get_immovable_mem(void) > +{ > +} > +#endif > + > #define BOOT_STRING > extern int kstrtoull(const char *s, unsigned int base, unsigned long long *res); > -- > 2.19.1 > > >