Received: by 2002:ac0:8845:0:0:0:0:0 with SMTP id g63csp1247883img; Tue, 26 Feb 2019 17:31:56 -0800 (PST) X-Google-Smtp-Source: AHgI3IYk0oaUG9XBL4lKkJglarkMwGswGSyU1d1LJI5DtSVjNBeRXsNdLUDHf2EKe2z1pJgnghYw X-Received: by 2002:a63:f718:: with SMTP id x24mr415686pgh.107.1551231116312; Tue, 26 Feb 2019 17:31:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551231116; cv=none; d=google.com; s=arc-20160816; b=M8ryFefIxhhiXi32zY61TL8+Skuvb7gauFu8IvMYFEDlNqNYOfgtcq/e4tZ3z38EVW hemVck6HtaXrctV2svb7qtQe8mKyGNG7rX3XjLTtTJsJYgJXJSmuRz87VqQ7X2JfmgaN FQ7rOJtFVMe2++c2xofMGlj130k2Be15IsTDNGe+/Dp/a5pFFNl4wVTmEObhCGifuL2o xgH3GBX6r9EE5JYhIG4O964ipFHm6tJBBPF8Qx6ZYw4hOzJInm+hqRrCdkBP2GWaP76h 3aX350y8jxQe+655gih6xlL1fk7anT3N6dm4GuPOxjZw3adOhQ+OJ7axdiXA+qVlxuLD fF+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=HW4Km4yoA6JCj3D6x/WYbYXgxOxDlZUXfMclvd7PS1U=; b=BLVV1+Q55mxW+2+U3dp4QTFrkgq3veh+pBkWTQKNKK14b6HBZJSkhHhVR+fqDAdVN5 gIBuLssb4D2E8m3/zmrjnMD8167zjug2yPXoIs8BbjdiI6B8q75o3hpiz39hrtIU/uX+ iKvtb9Hk7E7/nB7JyjEFBDxwuk8kXltdTdx3U84xvbXtJ+1c9u+CR4jdUAO+5XUflCK0 kiZgbJcsINyNJyVdx5hm0PmbWP3043vW1xT0LhUN6+AarRkRxAwUBtsV8fmW2FyFb2kg 5nWevqMPmwYmAeVW+2kYy/a4e6kxRXdR8fQVEVx0AZtEpN2pLXYdXm0k9/DthEk9zaUE D6vg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t1si13197156plz.247.2019.02.26.17.31.41; Tue, 26 Feb 2019 17:31:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729537AbfB0Baj (ORCPT + 99 others); Tue, 26 Feb 2019 20:30:39 -0500 Received: from mx1.redhat.com ([209.132.183.28]:33942 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729187AbfB0Baj (ORCPT ); Tue, 26 Feb 2019 20:30:39 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1919E30BEE2F; Wed, 27 Feb 2019 01:30:38 +0000 (UTC) Received: from localhost (ovpn-12-32.pek2.redhat.com [10.72.12.32]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3D8486A96A; Wed, 27 Feb 2019 01:30:36 +0000 (UTC) Date: Wed, 27 Feb 2019 09:30:34 +0800 From: Baoquan He To: Borislav Petkov Cc: Pingfan Liu , x86@kernel.org, Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Will Deacon , Nicolas Pitre , Chao Fan , "Kirill A. Shutemov" , Ard Biesheuvel , LKML Subject: Re: [PATCH] x86/boot/KASLR: skip the specified crashkernel reserved region Message-ID: <20190227013034.GP14858@MiWiFi-R3L-srv> References: <1551081596-2856-1-git-send-email-kernelfans@gmail.com> <20190225094522.GC26145@zn.tnic> <20190226104653.GB14836@zn.tnic> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190226104653.GB14836@zn.tnic> User-Agent: Mutt/1.10.1 (2018-07-13) X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.43]); Wed, 27 Feb 2019 01:30:39 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 02/26/19 at 11:46am, Borislav Petkov wrote: > On Tue, Feb 26, 2019 at 11:08:42AM +0800, Pingfan Liu wrote: > > I follow Baoquan's opinion. Due to the randomness caused by KASLR, a > > user may be surprised to find crashkernel=x@y not working sometime. > > And she/he will get told in dmesg that the allocation failed. > > > If kernel can help them out of this corner automatically, then no > > need to bother them with the message to use alternative method > > crashkernel=M. Anyway it is a cheap method already used by other > > options like hugepages and memmap in handle_mem_options(). > > If commitment, then do it without failure. Or just removing > > crashkernel=x@y option on x86. > > I can't parse what you're trying to say here but let me repeat myself: > specifying a crashkernel region should not have an influence on KASLR > because this way you limit the kernel where it selects the offset. It > should be other other way around: KASLR offset should be selected and > *then* crashkernel region. Agree that 'crashkernel=x' should be encouraged to use as the first choice when reserve crashkernel. If we decide to not obsolete 'crashkernel=x@y', it will leave a unstable kernel parameter. Another worry is that KASLR won't always fail 'crashkernel=x@y', customer may set and check in testing stage, then later in production environment one time of neglect to not check may cause carashed kernel uncaptured. IMHO, 'crashkernel=x@y' is similar to those specified memmap=ss[#$!]nn which have been avoided in boot stage KASLR. And in kernel life cycle, we specify kernel parameter before kernel boot, later KASLR lives to choose position. So KASLR can avoid firstly specified regions which are being reserved for usage, 'crashkernel=x@y' have no way to compromise with KASLR if it's still allowed to exist in kernel. Personal thought. Thanks Baoquan