From patchwork Tue Aug 9 16:35:54 2016
X-Patchwork-Submitter: Thomas Garnier
X-Patchwork-Id: 9271743
From: Thomas Garnier
To: Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Joerg Roedel, Dave Young, "Rafael J. Wysocki", Lv Zheng, Thomas Garnier, Baoquan He, Dave Hansen, Mark Salter, Aleksey Makarov, Kees Cook, Andrew Morton, Christian Borntraeger, Fabian Frederick, Toshi Kani, Dan Williams
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com
Date: Tue, 9 Aug 2016 09:35:54 -0700
Message-Id: <1470760554-129111-2-git-send-email-thgarnie@google.com>
In-Reply-To: <1470760554-129111-1-git-send-email-thgarnie@google.com>
Subject: [kernel-hardening] [PATCH v2 2/2] x86/KASLR: Increase BRK pages for KASLR memory randomization

The default implementation expects that a maximum of 6 pages are needed for low page allocations. If KASLR memory randomization is enabled, the worst case of e820 layout would require 12 pages (no large pages). It is due to the PUD level randomization and the variable e820 memory layout.

This bug was found while doing extensive testing of KASLR memory randomization on different types of hardware.

Fixes: 021182e52fe0 ("Enable KASLR for physical mapping memory regions")
Signed-off-by: Thomas Garnier
---
Based on next-20160805
---
 arch/x86/mm/init.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index 6209289..796e7af 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c 
@@ -122,8 +122,18 @@ __ref void *alloc_low_pages(unsigned int num) return __va(pfn << PAGE_SHIFT); } -/* need 3 4k for initial PMD_SIZE, 3 4k for 0-ISA_END_ADDRESS */ -#define INIT_PGT_BUF_SIZE (6 * PAGE_SIZE) +/* + * By default need 3 4k for initial PMD_SIZE, 3 4k for 0-ISA_END_ADDRESS. + * With KASLR memory randomization, depending on the machine e860 memory layout + * and the PUD alignement. We may need twice more pages when KASLR memoy + * randomization is enabled. + */ +#ifndef CONFIG_RANDOMIZE_MEMORY +#define INIT_PGD_PAGE_COUNT 6 +#else +#define INIT_PGD_PAGE_COUNT 12 +#endif +#define INIT_PGT_BUF_SIZE (INIT_PGD_PAGE_COUNT * PAGE_SIZE) RESERVE_BRK(early_pgt_alloc, INIT_PGT_BUF_SIZE); void __init early_alloc_pgt_buf(void) {
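
Review bot: The new comment above INIT_PGD_PAGE_COUNT has three typos and a sentence fragment: "e860" should be "e820" (the commit message says e820), "alignement" should be "alignment", "memoy" should be "memory", and "depending on the machine e860 memory layout and the PUD alignement." should be joined to the sentence that follows it. The comment also says only that "twice more pages" may be needed, whereas the comment it replaces accounted for each of the 6 pages (3 for the initial PMD_SIZE, 3 for 0-ISA_END_ADDRESS); a similar breakdown of how the no-large-pages worst case reaches 12 would let a reader check the constant instead of taking it on trust. Two smaller points: the macro is named INIT_PGD_PAGE_COUNT but it sizes INIT_PGT_BUF_SIZE, and the commit message attributes the extra pages to PUD level randomization, so a PGT-based name would be more consistent; and "#ifdef CONFIG_RANDOMIZE_MEMORY" with the 12-page case first reads more directly than "#ifndef ... #else".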