From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D7A4DC4345F for ; Mon, 15 Apr 2024 17:22:58 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6CCBA6B00A8; Mon, 15 Apr 2024 13:22:58 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 67BA76B00A9; Mon, 15 Apr 2024 13:22:58 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 542FD6B00AA; Mon, 15 Apr 2024 13:22:58 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 36DD36B00A8 for ; Mon, 15 Apr 2024 13:22:58 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 02C461A06D4 for ; Mon, 15 Apr 2024 17:22:57 +0000 (UTC) X-FDA: 82012436436.29.AA37D57 Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by imf23.hostedemail.com (Postfix) with ESMTP id 21751140008 for ; Mon, 15 Apr 2024 17:22:55 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JvdYWMcu; spf=pass (imf23.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1713201776; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=7LGAaJZA3Ieswr80lcknUKfoXzL8DxCdWx6U4KMKhO8=; b=VlZ2jniwSzWg5bCIpfqPg4AG5zUZdW7JJhZAJj8g2bZcv7iYjzJ1ISBirvQ/AbI1sA8PXr tlCkbwvGP29VIENXhZF9mffcBHOq03qHr1jxNIZT7W/a3M9SCrp0K5cGk/iUrnx/Zp6xkR vo1rtBUnjdiKxNptpYu5kagLpy855f0= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1713201776; a=rsa-sha256; cv=none; b=d7iyosxgpfhXxSCDGS1jVwEezzThux32dmz1xpTvdnStsOebLioXPI5SYhggyf7V1anPq3 3M4oyABeMGaNSQ0MadW063XsBRN8xfvdYKHDPbEPyDivzJWfnuPJ1XgizN3KbC8w++8RDh u7Az6qh+S3kw2M5IAdOFBl56LaCQERY= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=chromium.org header.s=google header.b=JvdYWMcu; spf=pass (imf23.hostedemail.com: domain of keescook@chromium.org designates 209.85.214.178 as permitted sender) smtp.mailfrom=keescook@chromium.org; dmarc=pass (policy=none) header.from=chromium.org Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-1e4bf0b3e06so35483125ad.1 for ; Mon, 15 Apr 2024 10:22:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1713201775; x=1713806575; darn=kvack.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=7LGAaJZA3Ieswr80lcknUKfoXzL8DxCdWx6U4KMKhO8=; b=JvdYWMcuLffXfJqRbQRX7UA18Ho1Fgzd8aIh+vjn8gf13CpPQ4NGIhipToRkLxnvV+ Sj6x8jEeukHXXvEQFKQ3PhkQXCVjpnQ8mTCRxBxlB64i2Odx8CQk1VtWmHW8MoXSMQk8 cwHGTqdrgyvsDnqFtw2N7oAxSrLs66+HIlcq4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713201775; x=1713806575; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=7LGAaJZA3Ieswr80lcknUKfoXzL8DxCdWx6U4KMKhO8=; b=gewY6Gv5NjKh8nvygSepZxm5vVJWCuedaL8yTLj6FrbhZPZRiZRxOuSxpUtweU6c+x 8kiPPU4aANRIOeKT3rop1gFernAADsuxWZWuWq20oyo+tSZR8lpZgcapMK2DI+K6kJON N0rs7HaynKbJaBTt7a5QR4nAk3K28Pm16eLHCJNHHRMvDGT7c2mg4kCxibrPj60/fqij vPF2SRtFT/JL8QBsfQRKOjZqKDmeM6qL1Mdl1zPNIlRgd36r3Pez5Tol6oYy3TasNr2+ 323mn9cmarOdJJNGBMdt7GenL+UCOs/fNrp3RO2jpm9vRTb82ILaSsJop0zXonk8twST INtg== X-Forwarded-Encrypted: i=1; AJvYcCVzNPmbYU3gfZSDBEF6ELyCx9D/GyP1nQbkpe17O2GnIwIIM8ifHcz9ImHbf/XHd3HSyKmPBgL3yL0mfP7yBSDR2XU= X-Gm-Message-State: AOJu0Yw97pXGfve1YnfSUKVw8t/S40BlPioWX9xICp4kXt/iK7C1n1El k1JbLoVM81aihZ17NoUQlKsBfWXmhCNoL9HruQtU0RQcUNjMf+Hucz67F1YViA== X-Google-Smtp-Source: AGHT+IGecUmEOfE36Uzb8gHIAKlLpWNf+xF3BoTR88anSiFWvmiZTMlAPARou5mOFCGqDFBXXAVwXQ== X-Received: by 2002:a17:902:e807:b0:1e4:1eea:a3ae with SMTP id u7-20020a170902e80700b001e41eeaa3aemr13173797plg.5.1713201775022; Mon, 15 Apr 2024 10:22:55 -0700 (PDT) Received: from www.outflux.net ([198.0.35.241]) by smtp.gmail.com with ESMTPSA id b9-20020a170902d50900b001dee4a22c2bsm8144525plg.34.2024.04.15.10.22.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 15 Apr 2024 10:22:54 -0700 (PDT) Date: Mon, 15 Apr 2024 10:22:53 -0700 From: Kees Cook To: Steven Rostedt Cc: Mike Rapoport , linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org, Masami Hiramatsu , Mark Rutland , Mathieu Desnoyers , Andrew Morton , "Liam R. Howlett" , Vlastimil Babka , Lorenzo Stoakes , linux-mm@kvack.org, Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" , Peter Zijlstra , Tony Luck , "Guilherme G. Piccoli" , linux-hardening@vger.kernel.org, Guenter Roeck , Ross Zwisler , wklin@google.com, Vineeth Remanan Pillai , Joel Fernandes , Suleiman Souhlal , Linus Torvalds , Catalin Marinas , Will Deacon Subject: Re: [POC][RFC][PATCH 1/2] mm/x86: Add wildcard * option as memmap=nn*align:name Message-ID: <202404151017.FC002AA5@keescook> References: <20240409210254.660888920@goodmis.org> <20240409211351.075320273@goodmis.org> <202404091521.B63E85D@keescook> <20240409191156.5f92a15c@gandalf.local.home> <202404091638.2F98764A41@keescook> <20240412181940.3e1d99f7@gandalf.local.home> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240412181940.3e1d99f7@gandalf.local.home> X-Stat-Signature: jbjgu545jn15inbc1wxjp1bb99a9kouu X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: 21751140008 X-Rspam-User: X-HE-Tag: 1713201775-235374 X-HE-Meta: U2FsdGVkX1+LsGB7u6kAjP0u0CSrQ5HkwnN+i3i+xiHTcZEjB35BObrdxRCQ0cbTxzTugf8MC7EAWWOPDclThZauflYKa20r7G2V1WUwodr3gl1F+7crNvQ9KYnConLNGTxPGdNLkL53JcbT0fmRz1a9Sazi21EwG20EyHmkCjmkSkSwnNUVRyZQaMT0Ful8aCyIIvxAorg93P/wFUv4eamQMhA8yp6VIlgYgGGBRgZDxswMO7MLgV6d7l4ywZDm+OSt7lYnnbY2iCNNEJCqL4q9b7K+lE1pI+ndiwPmo7i9kvxY+cZv76TlA9D08S803tUyM0URM9WK21aKq05RVE1Wnf2Mjq9D4Ke1DLV7JbkIec66O8RdNKhhipdhdVfMCVqFS54Tc7N3/BzNg3WncWgPZhdPfimApkWFw59/uPtsM/o7oG6groazVP75U7JA7Ckzv+JcQS2FZJagLhPEpxuPj+f8q2TSWlO1WCLfKfXq9ZDfCgWpxtUCdOoFHXtYqFsHMgzQMhcgD+CjWS2zKBYyqMnL525agElbZXpyBj/ja3cUqXGiYcZ6U9d1VuZxDP24a8wQXqnhFRjvA+030aWFm+q4EbCBskvYu/v0o0AjO0fGZKeK4m3VVJpccyJMB210fuDF5E5xp1ERqrXgPhuLASsIM6+5urufOfh02+eowjoVSUgIpaKQfOMyIu9zzEuIVR40nurOtM3Kk/kegwdWujE2CEHCyWAF8V7hpTadL6Hy3R3I2WhvTUaWXdP1hTEsjTm59OrjIA3AbsBaJ+u//20PTPZLWGyey/+oOl3j2hr37DxlF9Vng0ikdikmfLERqrafPZPitFXwCctCqlUb372+9o46KQPz1qlBJg26H4o3z9unKyTNO34AKtHD9CsaX4V7tVTloRHI3+ODVW3jbf795VrGCLSkj/qrzoMCD3Oez1nj+R4UreR0ZLZ3yLUR11ybpzKE8RqjIFT NZKJgxfy z+I++DCcYNn/8oX81D0Y2iwR9Y/3Sis85GAC/i7wZohvYMbuKFEnA56b301xCZ3OmjZ9i62TOmuBOOvYJC7I0XYvGjJaRs8RsW/Y0DCw8zWUjjaM9UM3q0tG+8KF7OiG3qQm6RCrVb/0oKPxIVM6EvnDqDsi14XJ4q/5HoeK95w2F1DJtQF/d6z9O1ek5kTzfz2RmOGEeXcmRKkyGgucPyKUOQnixtOftisrMkV1URk40FbqVTxWcezhZ8bQQ/lugI1B53+WeS9qTc+n5+K8PMtnG4UIW/VS27Jat64e6qywV50US2R+718llTxGA8WS1eMKYvQ/n7wR9CTAjxQc1UjjkU+7LFd6+Xhy1HkdXlgxM16QxOR/yRnu8SPqsv+9vW5DTwW7zmU76GqWcuD77f1PMEBpjm2pZz9bEzZt5GaYctTpflHMeb+0tdoSrp6Moq4V/Yd0GdYKY4px+cN86k/zq7fpQpoTvXhh0 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Apr 12, 2024 at 06:19:40PM -0400, Steven Rostedt wrote: > On Fri, 12 Apr 2024 23:59:07 +0300 > Mike Rapoport wrote: > > > On Tue, Apr 09, 2024 at 04:41:24PM -0700, Kees Cook wrote: > > > On Tue, Apr 09, 2024 at 07:11:56PM -0400, Steven Rostedt wrote: > > > > On Tue, 9 Apr 2024 15:23:07 -0700 > > > > Kees Cook wrote: > > > > > > > > > Do we need to involve e820 at all? I think it might be possible to just > > > > > have pstore call request_mem_region() very early? Or does KASLR make > > > > > that unstable? > > > > > > > > Yeah, would that give the same physical memory each boot, and can we > > > > guarantee that KASLR will not map the kernel over the previous location? > > > > > > Hm, no, for physical memory it needs to get excluded very early, which > > > means e820. > > > > Whatever memory is reserved in arch/x86/kernel/e820.c, that happens after > > kaslr, so to begin with, a new memmap parameter should be also added to > > parse_memmap in arch/x86/boot/compressed/kaslr.c to ensure the same > > physical address will be available after KASLR. > > But doesn't KASLR only affect virtual memory not physical memory? KASLR for x86 (and other archs, like arm64) do both physical and virtual base randomization. > This just makes sure the physical memory it finds will not be used by the > system. Then ramoops does the mapping via vmap() I believe, to get a > virtual address to access the physical address. I was assuming, since you were in the e820 code, that it was manipulating that before KASLR chose a location. But if not, yeah, Mike is right -- you need to make sure this is getting done before decompress_kernel(). -- Kees Cook