From: Thomas Garnier <thgarnie@google.com>
To: Borislav Petkov <bp@suse.de>
Cc: Jiri Kosina <jikos@kernel.org>,
	"Rafael J. Wysocki" <rjw@rjwysocki.net>,
	"Rafael J. Wysocki" <rafael@kernel.org>,
	Linux PM list <linux-pm@vger.kernel.org>,
	"the arch/x86 maintainers" <x86@kernel.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Yinghai Lu <yinghai@kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, "H . Peter Anvin" <hpa@zytor.com>,
	Kees Cook <keescook@chromium.org>, Pavel Machek <pavel@ucw.cz>,
	Kernel Hardening <kernel-hardening@lists.openwall.com>
Subject: Re: [Resend][PATCH] x86/power/64: Always create temporary identity mapping correctly
Date: Wed, 10 Aug 2016 09:44:44 -0700
Message-ID: <CAJcbSZF6k0=NXvqMGedcSPiMLwGBG3tZGBwCMJWgMm2AXDY9hQ@mail.gmail.com>
In-Reply-To: <20160810163500.GA9424@nazgul.tnic>

On Wed, Aug 10, 2016 at 9:35 AM, Borislav Petkov <bp@suse.de> wrote:
> On Wed, Aug 10, 2016 at 04:59:40PM +0200, Jiri Kosina wrote:
>> Mine is Lenovo thinkpad x200s; I think Boris has been testing it on x230s,
>
> It says "X230" here under the screen.
>
>> but not sure whether any of the latest patches didn't actually fix it for
>> him.
>
> Haven't tested them yet. I'm waiting for you to test them first since
> this is the only machine I have right now and I need it for work.
>
>> The machine I am seeing the issue on, has 2G RAM, with this e820 map:
>
> 8G here:
>
> e820: BIOS-provided physical RAM map:
> BIOS-e820: [mem 0x0000000000000000-0x000000000009d7ff] usable
> BIOS-e820: [mem 0x000000000009d800-0x000000000009ffff] reserved
> BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
> BIOS-e820: [mem 0x0000000000100000-0x000000001fffffff] usable
> BIOS-e820: [mem 0x0000000020000000-0x00000000201fffff] reserved
> BIOS-e820: [mem 0x0000000020200000-0x0000000040003fff] usable
> BIOS-e820: [mem 0x0000000040004000-0x0000000040004fff] reserved
> BIOS-e820: [mem 0x0000000040005000-0x00000000cec2ffff] usable
> BIOS-e820: [mem 0x00000000cec30000-0x00000000dae9efff] reserved
> BIOS-e820: [mem 0x00000000dae9f000-0x00000000daf9efff] ACPI NVS
> BIOS-e820: [mem 0x00000000daf9f000-0x00000000daffefff] ACPI data
> BIOS-e820: [mem 0x00000000dafff000-0x00000000df9fffff] reserved
> BIOS-e820: [mem 0x00000000f8000000-0x00000000fbffffff] reserved
> BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved
> BIOS-e820: [mem 0x00000000fed08000-0x00000000fed08fff] reserved
> BIOS-e820: [mem 0x00000000fed10000-0x00000000fed19fff] reserved
> BIOS-e820: [mem 0x00000000fed1c000-0x00000000fed1ffff] reserved
> BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved
> BIOS-e820: [mem 0x00000000ffc00000-0x00000000ffffffff] reserved
> BIOS-e820: [mem 0x0000000100000000-0x000000021e5fffff] usable
> BIOS-e820: [mem 0x000000021e600000-0x000000021e7fffff] reserved
> debug: ignoring loglevel setting.
> NX (Execute Disable) protection: active
> SMBIOS 2.7 present.
> DMI: LENOVO 2320CTO/2320CTO, BIOS G2ET86WW (2.06 ) 11/13/2012
> e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
> e820: remove [mem 0x000a0000-0x000fffff] usable
> e820: last_pfn = 0x21e600 max_arch_pfn = 0x400000000
>
>> CPU:
>
> processor       : 0
> vendor_id       : GenuineIntel
> cpu family      : 6
> model           : 58
> model name      : Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
> stepping        : 9
> microcode       : 0x1c
> cpu MHz         : 1257.421
> cache size      : 4096 KB
> physical id     : 0
> siblings        : 4
> core id         : 0
> cpu cores       : 2
> apicid          : 0
> initial apicid  : 0
> fpu             : yes
> fpu_exception   : yes
> cpuid level     : 13
> wp              : yes
> flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm epb tpr_shadow vnmi flexpriority ept vpid fsgsbase smep erms xsaveopt dtherm ida arat pln pts
> bugs            :
> bogomips        : 5786.68
> clflush size    : 64
> cache_alignment : 64
> address sizes   : 36 bits physical, 48 bits virtual
> power management:
>

Ok, I want to know if the problem is the PUD alignment or the change
of PAGE_OFFSET based altogether. Can you test the following change?
(on top of everything else with KASLR enabled). It will randomize the
memory sections only on PGD level.

diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c
index ec8654f..a8477b0 100644
--- a/arch/x86/mm/kaslr.c
+++ b/arch/x86/mm/kaslr.c
@@ -120,7 +120,7 @@ void __init kernel_randomize_memory(void)
                 */
                entropy = remain_entropy / (ARRAY_SIZE(kaslr_regions) - i);
                prandom_bytes_state(&rand_state, &rand, sizeof(rand));
-               entropy = (rand % (entropy + 1)) & PUD_MASK;
+               entropy = (rand % (entropy + 1)) & PGDIR_MASK;
                vaddr += entropy;
                *kaslr_regions[i].base = vaddr;

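Review bot: with the mask changed to PGDIR_MASK, the draw `rand % (entropy + 1)` only survives when the region's share `remain_entropy / (ARRAY_SIZE(kaslr_regions) - i)` is at least PGDIR_SIZE (512 GiB with 4-level paging, against 1 GiB for PUD_SIZE); any region whose share is smaller always ends up with entropy == 0 and is not randomized at all. That is fine for a diagnostic build, but the test outcome should be read together with the resulting base addresses (e.g. printed right after `*kaslr_regions[i].base = vaddr;`) so it is clear whether the regions actually moved or the change simply disabled randomization for them.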
@@ -129,7 +129,7 @@ void __init kernel_randomize_memory(void)
                 * randomization alignment.
                 */
                vaddr += get_padding(&kaslr_regions[i]);
-               vaddr = round_up(vaddr + 1, PUD_SIZE);
+               vaddr = round_up(vaddr + 1, PGDIR_SIZE);
                remain_entropy -= entropy;
        }
 }
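Review bot: the alignment now lives in two independent constants, PGDIR_MASK in the previous hunk and PGDIR_SIZE in `round_up(vaddr + 1, PGDIR_SIZE)` here; if this survives the experiment, derive both from one macro so the mask and the round_up granularity cannot drift apart, and update the "randomization alignment" comment above the hunk to say PGD rather than PUD. Rounding each region up to PGDIR_SIZE after `get_padding()` also reserves at least 512 GiB of virtual space per region, so the combined layout has to be checked against the available address range before any result from this build is trusted.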

> --
> Regards/Gruss,
>     Boris.
>
> ECO tip #101: Trim your mails when you reply.
>
> SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
> --

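To show concretely what switching the mask and the round-up granularity from PUD to PGD does to the per-region entropy budget in the loop above, here is an added C model of that loop; it is not kernel code, and the region sizes, the fixed "random" draws, the start address and the entropy pool are all constructed for the example. The same draws are run once with PUD_MASK/PUD_SIZE and once with PGDIR_MASK/PGDIR_SIZE.

```c
#include <stdint.h>
#include <stdio.h>
/* x86-64 4-level paging: a PUD entry covers 1 GiB, a PGD entry 512 GiB. */
#define PUD_SIZE    (1ULL << 30)
#define PGDIR_SIZE  (1ULL << 39)
#define PUD_MASK    (~(PUD_SIZE - 1))
#define PGDIR_MASK  (~(PGDIR_SIZE - 1))
#define GIB         (1ULL << 30)
#define NREGIONS    3

/* Constructed inputs for this model: region sizes (stand-in for get_padding()),
 * fixed draws (stand-in for prandom_bytes_state()), start address, entropy pool. */
static const uint64_t region_size[NREGIONS] = { 1024 * GIB, 512 * GIB, 256 * GIB };
static const uint64_t rand_draw[NREGIONS]   = { 300 * GIB + 5, 200 * GIB + 7, 100 * GIB + 9 };
static const uint64_t START_VADDR    = 0xffff880000000000ULL;
static const uint64_t REMAIN_ENTROPY = 1024 * GIB;

static uint64_t round_up_u64(uint64_t x, uint64_t a) { return (x + a - 1) & ~(a - 1); }

/* Model of the loop in kernel_randomize_memory(): each region gets an equal share
 * of the remaining pool, the draw is reduced to that share and masked to the
 * alignment, and the next region starts past this one rounded up to the same
 * alignment. Fills base_out[] and returns how many regions actually moved. */
static int layout_regions(uint64_t mask, uint64_t align, uint64_t base_out[NREGIONS])
{
    uint64_t vaddr = START_VADDR, remain = REMAIN_ENTROPY;
    int moved = 0;
    for (int i = 0; i < NREGIONS; i++) {
        uint64_t entropy = remain / (NREGIONS - i);
        entropy = (rand_draw[i] % (entropy + 1)) & mask;  /* PUD_MASK or PGDIR_MASK */
        vaddr += entropy;
        base_out[i] = vaddr;
        if (entropy) moved++;
        vaddr += region_size[i];
        vaddr = round_up_u64(vaddr + 1, align);            /* PUD_SIZE or PGDIR_SIZE */
        remain -= entropy;
    }
    return moved;
}

/* Scalar accessors so each layout's outcome can be checked directly. */
static int demo_moved(uint64_t mask, uint64_t align)
{ uint64_t b[NREGIONS]; return layout_regions(mask, align, b); }
static uint64_t demo_base(uint64_t mask, uint64_t align, int i)
{ uint64_t b[NREGIONS]; layout_regions(mask, align, b); return b[i]; }

int main(void)
{
    printf("PUD-granular:   %d of %d regions shifted\n", demo_moved(PUD_MASK, PUD_SIZE), NREGIONS);
    printf("PGDIR-granular: %d of %d regions shifted\n", demo_moved(PGDIR_MASK, PGDIR_SIZE), NREGIONS);
    for (int i = 0; i < NREGIONS; i++)
        printf("  region %d: PUD base 0x%llx, PGDIR base 0x%llx\n", i,
               (unsigned long long)demo_base(PUD_MASK, PUD_SIZE, i),
               (unsigned long long)demo_base(PGDIR_MASK, PGDIR_SIZE, i));
    return 0;
}
```

With a 1 TiB pool every region's share is below PGDIR_SIZE, so the PGD-granular variant leaves all three bases at their fixed positions while the PUD-granular one shifts each of them.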
