Received: by 2002:ab2:60d1:0:b0:1f7:5705:b850 with SMTP id i17csp527132lqm; Wed, 1 May 2024 08:00:06 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVHxzTHRWVKgWBXNrSjRhjmtNsL5qj2/wV7SxVmrG/YDN+pEJEPF4mIFx2nm+5qllXlvEQ1f0QwxU1zNHtVYFvtistKwRfh2jj2GEhC1w== X-Google-Smtp-Source: AGHT+IHUczsYTc5ry+jtjcxG1SquHfhyud36FghN2k+dJP7KyfYbyNeloIL0hs+2FGhFWjiaJKrd X-Received: by 2002:a17:903:1212:b0:1eb:4c4a:e1a0 with SMTP id l18-20020a170903121200b001eb4c4ae1a0mr3039943plh.27.1714575605653; Wed, 01 May 2024 08:00:05 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1714575605; cv=pass; d=google.com; s=arc-20160816; b=KgyxHUdwGHH+nvNVA040x8DkuUHUN/fy81Gs2+Vs21zLmZxT8bgsYDbK5/aPoZH7L6 U2SzDXdXj9DDrLJYL60h82XpnxHbyBIeQleKVNphq+bFW3bf5l2E5lZpfBtXOq+s2mAU UYsIaezMCstWqtD9WgRwodxAOeGtLiQ7bI2SwSMWTt9WjFt7cZbq0KBQqUndvMoV5fuk Dl13OrtHiBWXVpcyy3lgrGCjsKsPvOWN+iCFFyX1MNaJO/kg1eEB7Nl5gZHYcL5b8Dln 5wvk7dhi4HS2rtnCasCiWheYv09nVehUcsEPAwTjZe+bpXG0LfeLe1IT6K89nwg84wtP y3/g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=zJ5mHiJrqtax+z+JlyAvBEr+4O1aUi0140+MG/9FzRI=; fh=i4AtILediB2deLpOr3oM+2bbRJ4kXXyAP34+/+qZpF8=; b=VrS1CjGvTtpfZ0KNYbun9JMTZWQBRIJ34Z3mCYsc0qrVf/WFHZpor8WHBDy4JxAxmQ ROdHanpohPthKmnKvEwl6IJhvA4w0qNrBrHLOVhsNIZkAxNy8bUX0Oy7fpjC2w8WGk6x zNutk9aXZSDwpA35lvitWaGjD/reUXNfbrxSDLF4NfLzeDxP7HVlB6NnoCx4hQaRXhkJ Wh2n1PHqogOfkm5g/uuOyIHb0IOUWawRNQrou7qQqkZevKTX2g9Vd7hCw0PrJj3EGz0a rBa3WuHXZ1HP6fclIWo0UMW+pnWK15DC07sFcXbVi0RAeQhoW4zpeKhHhFUMLd27Jx2r qI2Q==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=HYSPzSqH; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-165411-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-165411-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id p20-20020a170902f09400b001ecaa211441si932053pla.438.2024.05.01.08.00.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 May 2024 08:00:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-165411-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=HYSPzSqH; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-165411-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-165411-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 4BACC28177C for ; Wed, 1 May 2024 15:00:05 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AC31612FB0A; Wed, 1 May 2024 14:59:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="HYSPzSqH" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFF9B5FBB1; Wed, 1 May 2024 14:59:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714575540; cv=none; b=XcGKMzGLsmEOqgq210NKp9iz0IkFMyc9Xs9NSuk88GJJYGALP8UriNvqTZ1D52+bwkGNfNXprBJTSI11IeIms0qrUTy2uEpDf/5do9PAP4C8l2nfzEqE1Bq1u8bn/sCMrjkQrNpeHBxDOIJJHfXp/u0rWs7Oo7F1dKVsHZRxyA8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1714575540; c=relaxed/simple; bh=397yuEegza1YdxCHGmXo6Fr1V3efYfawXEgbly0+WSI=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=dKEKTi1cFHsQnK1Wb+WFhJw6Q00IgYivFww33zOIhZeiK1wazYBRCSsuCum37Rf6xYqsfMJgJ/ETysVqTT5RCUmNhAvxDgGW6dVOvH457TiPw0BdfPuaI3nYRAbwNpiyTa8t4rD0SVUIF2x6nl8VDGQbv/x0MZzJdhcvZdxp79I= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=HYSPzSqH; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 37583C4AF18; Wed, 1 May 2024 14:58:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1714575540; bh=397yuEegza1YdxCHGmXo6Fr1V3efYfawXEgbly0+WSI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HYSPzSqHFLggbq/xDWYyuhjhUA3byLwI0cx20K+Ar9H0VFMume+4mA27mZufxXN/J VKgOoUDQemQOr7L3Ygs+Gga6YEZcBqDMORKkDNDsWFVWM6k74eSypUDVzcnPqME0d1 On1AuvdGl3WZuSpo3YqkwaV3plOdeqN3b9AFy5bqX+qHtznRQtYeLOe4geDiyoj6Wr +pVoO67wG+b53CM0KBXBz45w+0LkBJMbzFSDEyL3EJ7qRUk97dtX9zUBeIueBeFdgN m92gi+XSOseCE6xMOh+VvwTCIDrfyAMnReFeSM0HHb1iBks0/k4qQowBV2E/n7X1od zuI3FXuNKBwMA== Date: Wed, 1 May 2024 17:57:27 +0300 From: Mike Rapoport To: Kees Cook Cc: Steven Rostedt , linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, Masami Hiramatsu , Mark Rutland , Mathieu Desnoyers , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , linux-mm@kvack.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Guenter Roeck , Ross Zwisler , wklin@google.com, Vineeth Remanan Pillai , Joel Fernandes , Suleiman Souhlal , Linus Torvalds , Catalin Marinas , Will Deacon Subject: Re: [POC][RFC][PATCH 1/2] mm/x86: Add wildcard * option as memmap=nn*align:name Message-ID: References: <20240409210254.660888920@goodmis.org> <20240409211351.075320273@goodmis.org> <202404091521.B63E85D@keescook> <20240409191156.5f92a15c@gandalf.local.home> <202404091638.2F98764A41@keescook> <20240412181940.3e1d99f7@gandalf.local.home> <202404151017.FC002AA5@keescook> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202404151017.FC002AA5@keescook> On Mon, Apr 15, 2024 at 10:22:53AM -0700, Kees Cook wrote: > On Fri, Apr 12, 2024 at 06:19:40PM -0400, Steven Rostedt wrote: > > On Fri, 12 Apr 2024 23:59:07 +0300 > > Mike Rapoport wrote: > > > > > On Tue, Apr 09, 2024 at 04:41:24PM -0700, Kees Cook wrote: > > > > On Tue, Apr 09, 2024 at 07:11:56PM -0400, Steven Rostedt wrote: > > > > > On Tue, 9 Apr 2024 15:23:07 -0700 > > > > > Kees Cook wrote: > > > > > > > > > > > Do we need to involve e820 at all? I think it might be possible to just > > > > > > have pstore call request_mem_region() very early? Or does KASLR make > > > > > > that unstable? > > > > > > > > > > Yeah, would that give the same physical memory each boot, and can we > > > > > guarantee that KASLR will not map the kernel over the previous location? > > > > > > > > Hm, no, for physical memory it needs to get excluded very early, which > > > > means e820. > > > > > > Whatever memory is reserved in arch/x86/kernel/e820.c, that happens after > > > kaslr, so to begin with, a new memmap parameter should be also added to > > > parse_memmap in arch/x86/boot/compressed/kaslr.c to ensure the same > > > physical address will be available after KASLR. > > > > But doesn't KASLR only affect virtual memory not physical memory? > > KASLR for x86 (and other archs, like arm64) do both physical and virtual > base randomization. > > > This just makes sure the physical memory it finds will not be used by the > > system. Then ramoops does the mapping via vmap() I believe, to get a > > virtual address to access the physical address. > > I was assuming, since you were in the e820 code, that it was > manipulating that before KASLR chose a location. But if not, yeah, Mike > is right -- you need to make sure this is getting done before > decompress_kernel(). Right now kaslr can handle up to 4 memmap regions and parse_memmap() in arch/x86/boot/compressed/kaslr.c should be updated for a new memmap type. But I think it's better to add a new kernel parameter as I suggested in another email and teach mem_avoid_memmap() in kaslr.c to deal with it, as well as with crashkernel=size@offset, btw. > -- > Kees Cook -- Sincerely yours, Mike.