Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3177948imu; Thu, 29 Nov 2018 17:16:25 -0800 (PST) X-Google-Smtp-Source: AFSGD/VKjb0hkYMMkwAbuUHucrnvQaF49TyIiSqZiBSxlLIeDMmnLD07co6f1+QNinl+qNIc5cK6 X-Received: by 2002:a63:1766:: with SMTP id 38mr3072928pgx.299.1543540585304; Thu, 29 Nov 2018 17:16:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543540585; cv=none; d=google.com; s=arc-20160816; b=UhAP0VDopZgHSCQ8exWGz5AavECQMGdQ3D+GpQTZqmFiIMoaQx3gS3ySDi1gL2JyUH z/ZocJvaP9zb1U9hpDcBehf9Yb6KwoQP+vd0LAo9ffv8lQphEHmiKz3TXMuwONoVqGyM 7kBDaVKUJIoDwdnUdXbqVHxKNyKLjZnEvYsWTdj/9Zs/mECDTbaf9W5DLVCD/UUcdku7 wX9b2oFktY6193QIiNrBhgfqZN/7XbrLwegylaPbzNk1DjESndDOmjJOcUzBrpZzD9/y //lmG7Z+8YZYLot6kI5l+nU6pEcwrC+IdaqPvnxK1eIIiFmkXnGk9FyazJygJNVkqybd 1k+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=V85bUVRPRSzuqfS3yBzTAoPnOZrlyARoE5yT5/Fkqho=; b=vXK/5B25NGkheDeP7YFbxEBWaEPUEsts1m4vDCSAl/RlZ7AYcDIwpXfSsBD2CjaaqJ fK6cNS1fZW2zaQ1VYybQijVyG+vxpDHK2dbVKm3AJu3JSogHMHP3A83aUm7I/ttGj/T0 BV/lgtWWyS5lKnh2K2ypkfNamFwWjquVm0FhH9mPs+ht815cd3LopSysOyLTxdmUYTJe nMQreAFCxcg2S0pyrAD8LBZuGck1FAhpc2B+0CkWmyYB/wG5d45QaFHFaSS9SKPeMvMv 04uyx1TYy7CdUHBQq5rUxW+YNRo9MVFZNA6Dk2p1iTplwxyP5JZDdQwf89W8Qsa1eP+g KUDA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h16si3505680pgj.203.2018.11.29.17.16.10; Thu, 29 Nov 2018 17:16:25 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727255AbeK3MXB (ORCPT + 99 others); Fri, 30 Nov 2018 07:23:01 -0500 Received: from mail.cn.fujitsu.com ([183.91.158.132]:64783 "EHLO heian.cn.fujitsu.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726393AbeK3MXA (ORCPT ); Fri, 30 Nov 2018 07:23:00 -0500 X-IronPort-AV: E=Sophos;i="5.56,296,1539619200"; d="scan'208";a="48849709" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 30 Nov 2018 09:15:29 +0800 Received: from G08CNEXCHPEKD01.g08.fujitsu.local (unknown [10.167.33.80]) by cn.fujitsu.com (Postfix) with ESMTP id 12E4B4B734A7; Fri, 30 Nov 2018 09:15:28 +0800 (CST) Received: from localhost.localdomain (10.167.225.56) by G08CNEXCHPEKD01.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.408.0; Fri, 30 Nov 2018 09:15:29 +0800 Date: Fri, 30 Nov 2018 09:15:13 +0800 From: Chao Fan To: Masayoshi Mizuma CC: , , , , , , , , , Subject: Re: [PATCH v12 0/5] x86/boot/KASLR: Parse ACPI table and limit KASLR to choosing immovable memory Message-ID: <20181130011513.GA1527@localhost.localdomain> References: <20181129081631.11139-1-fanc.fnst@cn.fujitsu.com> <20181129173245.etpt52om2b5qpdeq@gabell> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <20181129173245.etpt52om2b5qpdeq@gabell> User-Agent: Mutt/1.10.1 (2018-07-13) X-Originating-IP: [10.167.225.56] X-yoursite-MailScanner-ID: 12E4B4B734A7.AC1F0 X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: fanc.fnst@cn.fujitsu.com X-Spam-Status: No Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Nov 29, 2018 at 12:32:46PM -0500, Masayoshi Mizuma wrote: >Hi Chao, > >Thank you for your continued working. Thanks for your test. > >Could you please build your patches before sending? Sorry for the mistake, I build it with the whole patches. I found there are some problems with the method to splite patch. I will rework on it and build every commit. Thanks, Chao Fan >Your patches depend on the following kconfig, >so please build them under the config combination. > >RANDOMIZE_BASE >MEMORY_HOTREMOVE >EARLY_PARSE_RSDP >KEXEC >EFI > >Thanks, >Masa > >On Thu, Nov 29, 2018 at 04:16:26PM +0800, Chao Fan wrote: >> ***Background: >> People reported that KASLR may randomly choose some positions >> which are located in movable memory regions. This will break memory >> hotplug feature and make the movable memory chosen by KASLR can't be >> removed. >> >> ***Solutions: >> Get the information of memory hot-remove, then KASLR will know the >> right regions. Information about memory hot-remove is in ACPI >> tables, which will be parsed after start_kernel(), so that KASLR >> can't get the information. >> >> Somebody suggest to add a kernel parameter to specify the >> immovable memory so that limit KASLR in these regions. Then I make >> a patchset. After several versions, Ingo gave a suggestion: >> https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1634024.html >> Follow Ingo's suggestion, imitate the ACPI code to parse the ACPI >> tables, so that the kaslr can get necessary memory information in >> ACPI tables. >> I think ACPI code is an independent part, so imitate the codes >> and functions to 'compressed/' directory, so that kaslr won't >> influence the initialization of ACPI. >> >> PATCH 1/5 Add get_acpi_rsdp() to parse RSDP in cmdline from KEXEC >> PATCH 2/5 Add efi_get_rsdp_addr() to find RSDP from EFI table when >> booting from EFI. >> PATCH 3/5 Add bios_get_rsdp_addr() to search RSDP in memory when EFI >> table not found. >> PATCH 4/5 Compute SRAT table from RSDP and walk SRAT table to store >> the immovable memory regions. >> PATCH 5/5 Calculate the intersection between memory regions from e820/efi >> memory table and immovable memory regions. Limit KASLR to >> choosing these regions for randomization. >> >> v1->v2: >> - Simplify some code. >> Follow Baoquan He's suggestion: >> - Reuse the head file of acpi code. >> >> v2->v3: >> - Test in more conditions, so remove the 'RFC' tag. >> - Change some comments. >> >> v3->v4: >> Follow Thomas Gleixner's suggetsion: >> - Put the whole efi related function into #define CONFIG_EFI and return >> false in the other stub. >> >> v4->v5: >> Follow Dou Liyang's suggestion: >> - Add more comments about some functions based on kernel code. >> - Change some typo in comments. >> - Clean useless variable. >> - Add check for the boundary of array. >> - Add check for 'movable_node' parameter >> >> v5->v6: >> Follow Baoquan He's suggestion: >> - Change some log. >> - Add the check for acpi_rsdp >> - Change some code logical to make code clear >> >> v6->v7: >> Follow Rafael's suggestion: >> - Add more comments and patch log. >> Follow test robot's suggestion: >> - Add "static" tag for function >> >> v7-v8: >> Follow Kees Cook's suggestion: >> - Use mem_overlaps() to check memory region. >> - Use #ifdef in the definition of function. >> >> v8-v9: >> Follow Boris' suggestion: >> - Change code style. >> - Splite PATCH 1/3 to more path. >> - Introduce some new function >> - Use existing function to rework some code >> Follow Masayoshi's suggetion: >> - Make code more readable >> >> v9->v10: >> Follow Baoquan's suggestion: >> - Change some log >> - Merge last two patch together. >> >> v10->v11: >> Follow Boris' suggestion: >> - Link kstrtoull() instead of copying it. >> - Drop the useless wrapped function. >> >> v11->v12: >> Follow Boris' suggestion: >> - Change patch log and code comments. >> - Add 'CONFIG_EARLY_PARSE_RSDP' to make code easy to read >> - Put strtoull() to misc.c >> Follow Masa's suggestion: >> - Remove the detection for 'movable_node' >> - Change the code logical about cmdline_find_option() >> >> Any comments will be welcome. >> >> >> Chao Fan (5): >> x86/boot: Add get_acpi_rsdp() to parse RSDP in cmdline from KEXEC >> x86/boot: Add efi_get_rsdp_addr() to find RSDP from EFI table >> x86/boot: Add bios_get_rsdp_addr() to search RSDP in memory >> x86/boot: Parse SRAT table from RSDP and store immovable memory >> x86/boot/KASLR: Limit KASLR to extracting kernel in immovable memory >> >> arch/x86/Kconfig | 10 + >> arch/x86/boot/compressed/Makefile | 2 + >> arch/x86/boot/compressed/acpitb.c | 322 ++++++++++++++++++++++++++++++ >> arch/x86/boot/compressed/kaslr.c | 79 ++++++-- >> arch/x86/boot/compressed/misc.c | 5 + >> arch/x86/boot/compressed/misc.h | 24 +++ >> lib/kstrtox.c | 5 + >> 7 files changed, 432 insertions(+), 15 deletions(-) >> create mode 100644 arch/x86/boot/compressed/acpitb.c >> >> -- >> 2.19.1 >> >> >> > >