LKML Archive on
help / color / mirror / Atom feed
From: Ingo Molnar <>
To: Baoquan He <>
Subject: Re: [PATCH 0/2] x86/boot/KASLR: Skip specified number of 1GB huge pages when do physical randomization
Date: Fri, 18 May 2018 10:19:19 +0200	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <20180518074359.GR24627@MiWiFi-R3L-srv>

* Baoquan He <> wrote:

> OK, I realized my saying above is misled because I didn't explain the
> background clearly. Let me add it:
> Previously, FJ reported the movable_node issue that KASLR will put
> kernel into movable_node. That cause those movable_nodes can't be hot
> plugged any more. So finally we plannned to solve it by adding a new
> kernel parameter :
> 	kaslr_boot_mem=nn[KMG]@ss[KMG]
> We want customer to specify memory regions which KASLR can make use to
> randomize kernel into.

*WHY* should the "customer" care?

This is a _bug_: movable, hotpluggable zones of physical memory should not be 
randomized into.

> [...] Outside of the specified regions, we need avoid to put kernel into those 
> regions even though they are also available RAM. As for movable_node issue, we 
> can add immovable regions into kaslr_boot_mem=nn[KMG]@ss[KMG].
> During this hotplug issue reviewing, Luiz's team reported this 1GB hugepages
> regression bug, I reproduced the bug and found out the root cause, then
> realized that I can utilize kaslr_boot_mem=nn[KMG]@ss[KMG] parameter to
> fix it too. E.g the KVM guest with 4GB RAM, we have a good 1GB huge
> page, then we can add "kaslr_boot_mem=1G@0, kaslr_boot_mem=3G@2G" to
> kernel command-line, then the good 1GB region [1G, 2G) won't be taken
> into account for kernel physical randomization.
> Later, you pointed out that 'kaslr_boot_mem=' way need user to specify
> memory region manually, it's not good, suggested to solve them by
> getting information and solving them in KASLR boot code. So they are two
> issues now, for the movable_node issue, we need get hotplug information
> from SRAT table and then avoid them; for this 1GB hugepage issue, we
> need get information from kernel command-line, then avoid them.
> This patch is for the hugepage issue only. Since FJ reported the hotplug
> issue and they assigned engineers to work on it, I would like to wait
> for them to post according to your suggestion.

All of this is handling it the wrong way about. This is *not* primarily about 
KASLR at all, and the user should not be required to specify some weird KASLR 

This is a basic _memory map enumeration_ problem in both cases:

 - in the hotplug case KASLR doesn't know that it's a movable zone and relocates 
   into it,

 - and in the KVM case KASLR doesn't know that it's a valuable 1GB page that
   shouldn't be broken up.

Note that it's not KASLR specific: if we had some other kernel feature that tried 
to allocate a piece of memory from what appears to be perfectly usable generic RAM 
we'd have the same problems!

We need to fix the real root problem, which is lack of knowledge about crutial 
attributes of physical memory. Once that knowledge is properly represented at this 
early boot stage both KASLR and other memory allocators can make use of it to 
avoid those regions.



  reply	other threads:[~2018-05-18  8:19 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-16 10:05 [PATCH 0/2] x86/boot/KASLR: Skip specified number of 1GB huge pages when do physical randomization Baoquan He
2018-05-16 10:05 ` [PATCH 1/2] x86/boot/KASLR: Add two functions for 1GB huge pages handling Baoquan He
2018-05-17  3:27   ` Chao Fan
2018-05-17  4:03     ` Baoquan He
2018-05-17  5:53       ` Chao Fan
2018-05-17  6:13         ` Baoquan He
2018-05-17  5:12   ` damian
2018-05-17  5:38     ` Baoquan He
2018-06-21 15:01   ` Ingo Molnar
2018-06-22 12:14     ` Baoquan He
2018-06-24  7:13       ` Ingo Molnar
2018-05-16 10:05 ` [PATCH 2/2] x86/boot/KASLR: Skip specified number of 1GB huge pages when do physical randomization Baoquan He
2018-05-18  7:00 ` [PATCH 0/2] " Ingo Molnar
2018-05-18  7:43   ` Baoquan He
2018-05-18  8:19     ` Ingo Molnar [this message]
2018-05-18 11:28       ` Baoquan He
2018-05-18 12:14         ` Baoquan He
2018-05-23 19:10         ` Luiz Capitulino
2018-05-28  9:54           ` Baoquan He
2018-05-29 13:27             ` Luiz Capitulino

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).