Received: by 2002:ab2:6816:0:b0:1f9:5764:f03e with SMTP id t22csp441005lqo; Thu, 16 May 2024 10:23:05 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW0Xi94+reTfU48ZhWRvjnpoxpDm0kb55mFl6/ON6M88ZqEA0/I11LZjC3D4JEA3jP81+WGGIxArhEPVdH7tEsyk/TxMNM/48AKSN5E3A== X-Google-Smtp-Source: AGHT+IGYzTqWcM/YW6tNIF70ytw5sEKgHAWaAGFxC5a1Vvf15EORFoKvhfY4j0mNN9Nu/ceNayJo X-Received: by 2002:a50:f60d:0:b0:572:7c13:c7d8 with SMTP id 4fb4d7f45d1cf-5734d6effa0mr17949423a12.34.1715880185162; Thu, 16 May 2024 10:23:05 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715880185; cv=pass; d=google.com; s=arc-20160816; b=nm498MtH4bWXipLAyC72hPApRvMo39UuiXTcK8ug+xCpTbwYAMfOUtXgF4NGz0YAdC llML5NLgt4HTi1SUtgbG4hxEvBRHKUnkqy69T8mZlNragtD6Yqm7ra2L5JuOtYK5vWY9 aGvw2awOcDXV6PA5n/0QmuD711o++ewQtO/N3siFTm1v/ooZjk8tOi7mPS3Rkw7lRNeJ 8ruzrA+FTvGHWRjMgsKXrrWU+1dK7GCmIBLwioaFj5NlOq6c0WYxuivqOF7aCZkvWy4F KobEuj2URaVLxOvchBf1dhTOja/UuXTjYaV5jZ1OjfDJQr3GL31Hg89JhEIxlcoFDFqQ WTbg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :dkim-signature; bh=JFM1sGPuHParivGYmPmZWDiZw2nFzm995pzxxSXusOE=; fh=oWOrhBkrO9Vqf1E2vYp9wprn0oQ2V0uACobfp6G48UU=; b=szto9hVqO1hOH5r66T5h0l66JyOGf0Ty7hqK0woAdY89KFksMpFSgPX1tsJeL/np9n 5BoOgSokLcCo4dzLxWbX2RRWXcxTIabGRw3RH/qZlhFR8fyFG2i/wCZG5LMX1DyDkswj kIwk47bo2pofWTe5at0KOylphth28x9J55yKpNSH4ivCe5qeuMmuaNXJMYPXP0VGL/me BqAFQMJJz2Rg03uZB5Dd0zSJnde5+itMfwzmzc6WKf6zLS+LDSo753x79mcU0zzChocK Kn3gpInn0Q+zdS49dktIypQvZ0t9OQKhsiV7rM6fihhTzA/ZRilhUe27Mg6CUeC6FRH/ 5UAA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=QINK+vGx; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-181365-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-181365-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-574f9341724si2162929a12.552.2024.05.16.10.23.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 May 2024 10:23:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-181365-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=QINK+vGx; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-181365-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-181365-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id E54E11F22982 for ; Thu, 16 May 2024 17:22:58 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 04B6115665B; Thu, 16 May 2024 17:22:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QINK+vGx" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 23109156661; Thu, 16 May 2024 17:22:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715880164; cv=none; b=ZFPVqbBt4C1aidVAhZPXszH3ghczNQKq2YJMJYinpn+hhfPhJUue3z5+Q0+0HIzOnjieIhsBkTxmPjfy5Jy+LNeOq+Rj8y3fskzeVP+j35CKbA3v5G5tPRTpjsf46WSUr9BEh+Qt34GEBX+D6J1P8maAW3NsS7EcaIg64Boyqwk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715880164; c=relaxed/simple; bh=JFM1sGPuHParivGYmPmZWDiZw2nFzm995pzxxSXusOE=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=eY2wzgkTE/a6x4XAA6BLfEozhjyecTg7R1w6ktUDeVDNjjQlFqXlkeo5nvzG0gftsKKghIAzC8wItI5ym72G1e9+kP2nL1hrLq0CYlwFZ2szyYcyjaZkzUdaOoOOqXdDsDsuf2ED2CaPIn0tu20s8/hiV8L41Q+feDCoTBA7kdQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QINK+vGx; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id ADE93C32789; Thu, 16 May 2024 17:22:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1715880163; bh=JFM1sGPuHParivGYmPmZWDiZw2nFzm995pzxxSXusOE=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=QINK+vGxi3IZuVEQJMqAJIuNFSJTnWHAoqiyivGMt9+T3VN/RXOA8+z2H5trl69hL /RDobKlSNeLwwlFfpvFqxdBUrLwbosLGeh0+53LcN90m0Xp7SggJ+xj2iNX0EWtOh9 5gCdsvLxPEpv2ivj9PAGjCurHJX6RgbtEr+uo/ExFVc0VQ/abAVw6KwrzF6s9+twPx vmDMwe1NGedGvbKItzyfaVj/XnzDmAfV3jWEE1jMOt3kDImSYjRkYwmYMGHBzQ7BMG fmNFk8O0+PWt3e9pJmAr2TMoqovmdIiGizIYleTeo9MnEnidY0z85LsL9rdlysZoHL cRY+8IIW4AQXw== Received: by mail-lj1-f174.google.com with SMTP id 38308e7fff4ca-2e0a34b2899so14799361fa.3; Thu, 16 May 2024 10:22:43 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCXhu+tgGCxABGfD/uXFNIamJ4OYmFDkkyKn+7OOZV/KAVUwWSFeIStbnHNCBlG+xIX1GOPz2Sm2qOBVkDthwaCxt42Eoxdt3+xeuezF1z4PPAjO3473MD7/MDlVYViSH+9VTaZte6An1JTx4CDd8Dhc8lBcEaRcPVnsDQf0DFBh X-Gm-Message-State: AOJu0YzMkaPpBDXkNzQ4E33CEH4YxpF3LfLpztDZuH0qAmPQ5pLa8U7q QXOu3ABfuIETo4K+mmcLRw0FHhXKRFiyE7P0G/5LKP4gWl9epubBNuIIVhf2xDWMOvNBwSIUFA0 FxIUYQsPq3y6LpoMB7pK6s+xtFQw= X-Received: by 2002:a2e:be9f:0:b0:2e3:ba0e:de12 with SMTP id 38308e7fff4ca-2e51ff5cf48mr212358961fa.22.1715880162065; Thu, 16 May 2024 10:22:42 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <742E72A5-4792-4B72-B556-22929BBB1AD9@kernel.org> <975461E5-D2BB-40FB-9345-31C4665224A2@akamai.com> In-Reply-To: <975461E5-D2BB-40FB-9345-31C4665224A2@akamai.com> From: Ard Biesheuvel Date: Thu, 16 May 2024 19:22:10 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Regression in 6.1.81: Missing memory in pmem device To: "Chaney, Ben" Cc: Kees Cook , Kees Cook , "gregkh@linuxfoundation.org" , "linux-efi@vger.kernel.org" , "stable@vger.kernel.org" , "bp@alien8.de" , "dave.hansen@linux.intel.com" , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" , "tglx@linutronix.de" , "Tottenham, Max" , "Hunt, Joshua" , "Galaxy, Michael" Content-Type: text/plain; charset="UTF-8" On Thu, 16 May 2024 at 16:59, Chaney, Ben wrote: > > The 'nokaslr' flag does work around this issue, but using it has a few downsides. > > First, we would like the security benefit provided be ASLR. We wouldn't need to disable virtual KASLR only physical KASLR. > Also, this imposes a restriction on what memmaps are possible. It would then be required to have them offset from the beginning of the memory. > Relying on the KASLR code to move the kernel away from the base of RAM is rather risky - even when KASLR is in effect, the logic will fall back to placement at the base of memory if physical randomization is not possible for any reason. > I also think there are a few other features that may be impacted by this, that were not addressed by the patch. crashkernel and pstore both probably need physical kaslr disabled as well. > Please reply to the patch if you have any comments on it. Thanks.