linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>,
	Laura Abbott <labbott@redhat.com>,
	AKASHI Takahiro <takahiro.akashi@linaro.org>,
	David Brown <david.brown@linaro.org>,
	Will Deacon <will.deacon@arm.com>,
	"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
	Kees Cook <keescook@chromium.org>,
	kernel-hardening@lists.openwall.com,
	Matt Fleming <matt@codeblueprint.co.uk>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-arm-kernel@lists.infradead.org" 
	<linux-arm-kernel@lists.infradead.org>
Subject: Re: [kernel-hardening] Re: [PATCHv4 0/4] WX checking for arm64
Date: Mon, 7 Nov 2016 19:58:42 +0000	[thread overview]
Message-ID: <CAKv+Gu9c3PmC6CQ0Av9e=OmNr1cbbcwB4synSHiX5-d-xPg55w@mail.gmail.com> (raw)
In-Reply-To: <20161107194910.GM19796@leverpostej>

On 7 November 2016 at 19:49, Mark Rutland <mark.rutland@arm.com> wrote:
> On Mon, Nov 07, 2016 at 03:38:02PM +0000, Mark Rutland wrote:
>> On Sun, Oct 30, 2016 at 03:03:07PM +0000, Catalin Marinas wrote:
>> > On Thu, Oct 27, 2016 at 09:27:30AM -0700, Laura Abbott wrote:
>> > > Laura Abbott (4):
>> > >   arm64: dump: Make ptdump debugfs a separate option
>> > >   arm64: dump: Make the page table dumping seq_file optional
>> > >   arm64: dump: Remove max_addr
>> > >   arm64: dump: Add checking for writable and exectuable pages
>> >
>> > Queued for 4.10. Thanks.
>>
>> Catalin mentioned to me that he saw some KASAN splats when testing; it
>> looks like need a fixup something like the below.
>
> As an aside, it looks like any ptdump usage when KASAN is enabled takes
> several minutes, which at boot time looks like a hang.
>
> AFAICT, this is because KASAN allocates *huge* VA ranges (4TB+) worth of
> zeroed shadow memory at pte granularity (reusing the same pmd, pud,
> tables), and the ptdump code dutifully walks this with, with the added
> KASAN instrumentation overhead.
>
> I'll try to dig into that tomorrow; I suspect/hope it's not necessary to
> keep all of that mapped.
>

I have noticed that in the past, but I see how this delay at boot time
is an issue. However, I don't think there is a huge cost involved in
terms of memory footprint: AFAIK, the same PMD/PTE/kasan zero page are
mapped over and over across the range.

      reply	other threads:[~2016-11-07 19:58 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-27 16:27 [PATCHv4 0/4] WX checking for arm64 Laura Abbott
2016-10-27 16:27 ` [PATCHv4 1/4] arm64: dump: Make ptdump debugfs a separate option Laura Abbott
2016-10-27 16:27 ` [PATCHv4 2/4] arm64: dump: Make the page table dumping seq_file optional Laura Abbott
2016-10-27 16:27 ` [PATCHv4 3/4] arm64: dump: Remove max_addr Laura Abbott
2016-10-27 16:27 ` [PATCHv4 4/4] arm64: dump: Add checking for writable and exectuable pages Laura Abbott
2016-10-28 11:52   ` Ard Biesheuvel
2016-10-30 15:03 ` [PATCHv4 0/4] WX checking for arm64 Catalin Marinas
2016-11-07 15:38   ` Mark Rutland
2016-11-07 16:26     ` Laura Abbott
2016-11-07 16:31       ` Catalin Marinas
2016-11-07 19:49     ` [kernel-hardening] " Mark Rutland
2016-11-07 19:58       ` Ard Biesheuvel [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKv+Gu9c3PmC6CQ0Av9e=OmNr1cbbcwB4synSHiX5-d-xPg55w@mail.gmail.com' \
    --to=ard.biesheuvel@linaro.org \
    --cc=catalin.marinas@arm.com \
    --cc=david.brown@linaro.org \
    --cc=keescook@chromium.org \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=labbott@redhat.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-efi@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mark.rutland@arm.com \
    --cc=matt@codeblueprint.co.uk \
    --cc=takahiro.akashi@linaro.org \
    --cc=will.deacon@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).