From patchwork Tue Nov 28 20:41:38 2017
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 10081077
In-Reply-To: <1511235853-8407-1-git-send-email-puck.chen@hisilicon.com>
References: <1511235853-8407-1-git-send-email-puck.chen@hisilicon.com>
From: Ard Biesheuvel
Date: Tue, 28 Nov 2017 20:41:38 +0000
Subject: Re: [PATCH] arm64: kaslr: Fix kaslr end boundary of virt addr
To: Chen Feng
Cc: Dan Zhao, chenxiang9@huawei.com, Yiping Xu, Catalin Marinas, Zhuangluan Su, Will Deacon, linux-kernel@vger.kernel.org, xuyoujun4@huawei.com, houyu3@huawei.com, linux-arm-kernel@lists.infradead.org, chenya99@hisilicon.com

On 21 November 2017 at 03:44, Chen Feng wrote:
> With kaslr and kasan both enabled, I got the following issue.
>
> [ 16.130523s]kasan: reg->base = 100000000, phys_end =1c0000000,start = ffffffff40000000, end = ffffffc000000000
> [ 16.142517s]___alloc_bootmem_nopanic:257
> [ 16.148284s]__alloc_memory_core_early:63, addr = 197fc7fc0
> [ 16.155670s]__alloc_memory_core_early:65, virt = ffffffffd7fc7fc0
> [ 16.163635s]__alloc_memory_core_early:67, toshow = ffffff8ffaff8ff8
> [ 16.171783s]__alloc_memory_core_early:69, show_phy = ffffffe2649f8ff8
> [ 16.180145s]Unable to handle kernel paging request at virtual address ffffff8ffaff8ff8
> [ 16.189971s]pgd = ffffffad9c507000
> [ 16.195220s][ffffff8ffaff8ff8] *pgd=0000000197fc8003, *pud=0000000197fc8003
>
> *reg->base = 100000000, phys_end =1c0000000,start = ffffffff40000000, end = ffffffc000000000*
>
> memstart_addr 0
> ARM64_MEMSTART_ALIGN 0x40000000
> memstart_offset_seed 0xffc7
> PHYS_OFFSET = 0 - memstart_addr = 0 - 3E40000000 = FFFFFFC1C0000000
>
> reg->base = 0x100000000 -> 0xffffffff40000000
> phys_end = 0x1c0000000 -> 0xffffffc000000000
>
> This is confusing: end is less than start.
>

This looks a bit weird because we add the PAGE_OFFSET, but it simply wraps at the top of the address space. So this code in kasan_init()

    void *start = (void *)__phys_to_virt(reg->base);
    void *end = (void *)__phys_to_virt(reg->base + reg->size);

    if (start >= end)
        break;

is essentially incorrect, because it translates an address that is strictly outside of the current memblock region. If the KASLR code happens to map DRAM all the way at the top of the linear region (which is what occurs in your case), end - 1 is the last valid address.

So I think the minimal correct fix would be

given that mappings in the linear region are congruent with the underlying physical regions (unless I am missing something wrt special start/end values in memblock, but in that case, they should not be p2v translated before the evaluation).

However, since having DRAM at the very top appears to break other things as well

    vmemmap : 0xffffffbf00000000 - 0xffffffc000000000 (     4 GB maximum)
              0xffffffbfff000000 - 0xffffffbf00000000 (17592186040336 MB actual)
    memory  : 0xffffffffc0000000 - 0x               0 (  1024 MB)

I will leave it to Will and/or Catalin to decide whether they prefer to follow your approach instead, and prevent KASLR from mapping DRAM all the way at the top of the address space. Otherwise, we'll need to track down all problematic uses of __phys_to_virt() et al, because there will surely be more.

Thanks,
Ard.

> And in memblock it uses "start_addr + size" as the end addr. So in function kasan_init,
> if start >= end, it will not map the whole block address. But the memory in this
> block is valid. And it can be allocated as well.
>
> So do not use the last memory region. Changing "range = range / ARM64_MEMSTART_ALIGN + 1" to
> range = range / ARM64_MEMSTART_ALIGN;
>
> Signed-off-by: Chen Feng
> Signed-off-by: Chen Xiang
> ---
>  arch/arm64/mm/init.c | 7 ++-----
>  1 file changed, 2 insertions(+), 5 deletions(-)
> > diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c > index 716d122..60112c0 100644 > --- a/arch/arm64/mm/init.c > +++ b/arch/arm64/mm/init.c > @@ -267,11 +267,8 @@ void __init arm64_memblock_init(void) > * margin, the size of the region that the available physical > * memory spans, randomize the linear region as well. > */ > - if (memstart_offset_seed > 0 && range >= ARM64_MEMSTART_ALIGN) { > - range = range / ARM64_MEMSTART_ALIGN + 1; > - memstart_addr -= ARM64_MEMSTART_ALIGN * > - ((range * memstart_offset_seed) >> 16); > - } > + if (memstart_offset_seed > 0 && range >= ARM64_MEMSTART_ALIGN) > + memstart_addr -= (range * memstart_offset_seed) >> 16; > } > > /* > -- > 1.9.1 > diff --git a/arch/arm64/mm/kasan_init.c b/arch/arm64/mm/kasan_init.c index acba49fb5aac..3214aa9d90be 100644 --- a/arch/arm64/mm/kasan_init.c +++ b/arch/arm64/mm/kasan_init.c @@ -216,7 +216,7 @@ void __init kasan_init(void) for_each_memblock(memory, reg) { void *start = (void *)__phys_to_virt(reg->base); - void *end = (void *)__phys_to_virt(reg->base + reg->size); + void *end = start + reg->size; if (start >= end) break;
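Review bot: in the arm64_memblock_init() hunk, the replacement line `memstart_addr -= (range * memstart_offset_seed) >> 16;` drops the `ARM64_MEMSTART_ALIGN *` scaling together with the `range / ARM64_MEMSTART_ALIGN` step, so the value subtracted is a raw byte count rather than a multiple of ARM64_MEMSTART_ALIGN (0x40000000 in the quoted configuration), and memstart_addr loses the alignment the removed code guaranteed. This also does not match the commit message, which describes only removing the `+ 1`. If the intent is never to place DRAM in the topmost slot, keep the division and the scaling and drop just the `+ 1`, keeping the braces since the body stays two statements: `range = range / ARM64_MEMSTART_ALIGN;` followed by `memstart_addr -= ARM64_MEMSTART_ALIGN * ((range * memstart_offset_seed) >> 16);`. The message should also say why the top slot is excluded, since the reply questions whether avoiding it is preferable to fixing the __phys_to_virt() callers that cannot cope with it.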
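Review bot: in the kasan_init() hunk, `void *end = start + reg->size;` still computes one past the last byte, so for the case this thread is about (a region mapped right up to the top of the linear map) `end` wraps to zero and the unchanged `if (start >= end) break;` in the context lines still skips the region; pointer arithmetic that runs off the end of the address space is also undefined behaviour in C. Since the reply itself points out that end - 1 is the last valid address, express the check in terms of that last byte, for example comparing `(unsigned long)start` with `(unsigned long)start + reg->size - 1` and skipping only when `reg->size == 0`, and adjust whatever follows to iterate over an inclusive range. The `@@ -216,7 +216,7 @@` header implies context after the `break;` that is not visible here, so the full hunk should be checked for any further change to that test.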
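The wrap-around Ard describes, reconstructed as a stand-alone C model. This is added here for illustration and is not code from the thread or from the kernel. It assumes a 39-bit VA layout with PAGE_OFFSET = 0xffffffc000000000 and models __phys_to_virt() as ((x) - PHYS_OFFSET) | PAGE_OFFSET with PHYS_OFFSET equal to memstart_addr, the arm64 definition of that era; fed the memstart_addr and memblock region from the quoted log it reproduces the printed start and end values exactly, and then shows that translating the region's last byte instead of one-past-the-end keeps the region in range. The second, unshifted region is constructed for contrast.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Assumptions (not stated in the thread): 39-bit VA, PAGE_OFFSET as below,
 * and __phys_to_virt(x) == ((x) - PHYS_OFFSET) | PAGE_OFFSET.
 */
#define PAGE_OFFSET 0xffffffc000000000ULL

/* memstart_addr after KASLR, as printed in the quoted log (FFFFFFC1C0000000). */
#define KASLR_MEMSTART 0xffffffc1c0000000ULL

struct memblock_region {
	uint64_t base;
	uint64_t size;
};

/* Model of __phys_to_virt() for a given memstart_addr (PHYS_OFFSET). */
static uint64_t phys_to_virt(uint64_t phys, uint64_t memstart)
{
	return (phys - memstart) | PAGE_OFFSET;
}

/*
 * The kasan_init() logic quoted in the thread: translate one-past-the-end,
 * then skip the region if start >= end. Returns true if it would be skipped.
 */
static bool skipped_with_end_translation(const struct memblock_region *reg,
					 uint64_t memstart,
					 uint64_t *start, uint64_t *end)
{
	*start = phys_to_virt(reg->base, memstart);
	*end = phys_to_virt(reg->base + reg->size, memstart);
	return *start >= *end;
}

/*
 * Only translate addresses that lie inside the region: compare against the
 * last valid byte. Empty regions are skipped explicitly instead of relying
 * on the comparison.
 */
static bool skipped_with_last_byte(const struct memblock_region *reg,
				   uint64_t memstart,
				   uint64_t *start, uint64_t *last)
{
	*start = *last = 0;
	if (reg->size == 0)
		return true;
	*start = phys_to_virt(reg->base, memstart);
	*last = phys_to_virt(reg->base + reg->size - 1, memstart);
	return *start > *last;
}

int main(void)
{
	/* The region from the log: base 0x100000000, phys_end 0x1c0000000. */
	struct memblock_region top = { .base = 0x100000000ULL, .size = 0xc0000000ULL };
	/* Constructed region with no KASLR shift, for contrast. */
	struct memblock_region plain = { .base = 0x80000000ULL, .size = 0x40000000ULL };
	uint64_t s, e;
	bool skip;

	skip = skipped_with_end_translation(&top, KASLR_MEMSTART, &s, &e);
	printf("end-translation: start=%#llx end=%#llx skipped=%d\n",
	       (unsigned long long)s, (unsigned long long)e, skip);

	skip = skipped_with_last_byte(&top, KASLR_MEMSTART, &s, &e);
	printf("last-byte:       start=%#llx last=%#llx skipped=%d\n",
	       (unsigned long long)s, (unsigned long long)e, skip);

	skip = skipped_with_end_translation(&plain, 0, &s, &e);
	printf("plain region:    start=%#llx end=%#llx skipped=%d\n",
	       (unsigned long long)s, (unsigned long long)e, skip);
	return 0;
}
```

The first call reproduces the log (start 0xffffffff40000000, end 0xffffffc000000000, region skipped); the second shows the same region's last byte translating to 0xffffffffffffffff, so it is kept; the third shows both formulations agreeing for a region that does not touch the top of the linear map.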