From: Dave Hansen <dave.hansen@intel.com>
To: Dan Williams <dan.j.williams@intel.com>,
dave.hansen@linux.intel.com, peterz@infradead.org
Cc: linux-mm@kvack.org, linux-cxl@vger.kernel.org,
linux-pci@vger.kernel.org, Balbir Singh <balbirs@nvidia.com>,
Ingo Molnar <mingo@kernel.org>, Kees Cook <kees@kernel.org>,
Bjorn Helgaas <bhelgaas@google.com>,
Andy Lutomirski <luto@kernel.org>,
Logan Gunthorpe <logang@deltatee.com>,
Andrew Morton <akpm@linux-foundation.org>,
David Hildenbrand <david@redhat.com>,
Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
"Liam R. Howlett" <Liam.Howlett@oracle.com>,
Vlastimil Babka <vbabka@suse.cz>, Mike Rapoport <rppt@kernel.org>,
Suren Baghdasaryan <surenb@google.com>,
Michal Hocko <mhocko@suse.com>,
"Yasunori Gotou (Fujitsu)" <y-goto@fujitsu.com>
Subject: Re: [PATCH] x86/kaslr: P2PDMA is one of a class of ZONE_DEVICE-KASLR collisions
Date: Mon, 1 Dec 2025 09:39:32 -0800
Message-ID: <2d4fb1ce-176c-404a-852f-987a9481046d@intel.com>
In-Reply-To: <20251108023215.2984031-1-dan.j.williams@intel.com>

The subject probably wants to be something along the lines of:

	x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers

On 11/7/25 18:32, Dan Williams wrote:
> Commit 7ffb791423c7 ("x86/kaslr: Reduce KASLR entropy on most x86 systems")
> is too narrow. ZONE_DEVICE, in general, lets any physical address be added
> to the direct-map. I.e. not only ACPI hotplug ranges, CXL Memory Windows,
> or EFI Specific Purpose Memory, but also any PCI MMIO range for the
> CONFIG_DEVICE_PRIVATE and CONFIG_PCI_P2PDMA cases.

This should probably also mention the fact that:

	config PCI_P2PDMA
		depends on ZONE_DEVICE

It would also be nice to point out how the "too narrow" check had an
impact on real ZONE_DEVICE but !PCI_P2PDMA users. This isn't just a
theoretical problem, right?

> A potential path to recover entropy would be to walk ACPI and determine the
> limits for hotplug and PCI MMIO before kernel_randomize_memory(). On
> smaller systems that could yield some KASLR address bits. This needs
> additional investigation to determine if some limited ACPI table scanning
> can happen this early without an open coded solution like
> arch/x86/boot/compressed/acpi.c needs to deploy.

Yeah, a more flexible runtime solution would be highly preferred over
the existing solution built around config options. But this is really
orthogonal to the bug fix here.

With the changelog fixes above:

Acked-by: Dave Hansen <dave.hansen@linux.intel.com>

Oh, and does this need to be cc:stable@?