On Fri, May 12, 2017 at 10:46 PM, Baoquan He <b...@redhat.com> wrote:
> People reported kernel panic occurs during system boots up with mem boot
> option.
> After checking code, several problems are found about memmap= and mem= in
> boot stage
> kaslr.
>
> *) In commit f28442497b5c ("x86/boot: Fix KASLR and memmap= collision"), only
> one memmap
> entry is considered and only the last one if multiple memmap entries are
> specified.
>
> *) mem= and memmap=nn[KMG] are not considered yet. They are used to limit max
> address
> of system. Kernel can't be randomized to be above the limit.
>
> *) kernel-parameters.txt doesn't tell the updated behaviour of memmap=.
>
> This patchset tries to solve above issues, and it sits on top of
> tip:x86/boot branch.
Thanks for keeping at this. I think they look good now!
Acked-by: Kees Cook <keesc...@chromium.org>
-Kees
>
> Changelog
> v4->v5:
> 1. Change patch log according to Thomas's comment.
>
> 2. Put "Fall through" to the right place in parse_memmap() according
> to Kees's suggestion.
>
> v3->v4:
> 1. Code improved patch 1/3 according to Kees's suggestion.
>
> 2. Add 'Fall through' in switch case of parse_memmap() which
> is suggestd by Kees.
>
> v2->v3:
> No functionality change in this round.
> 1. Use local static variable insted of global variable
> mem_avoid_memmap_index in patch 1/3.
>
> 2. Fix a typo in patch 3/3.
>
> v1->v2:
> 1. The original patch 1/4 has been put in tip:x86/boot and no update,
> so it's not included in this post.
>
> 2. Use patch log Ingo reorganized.
>
> 3. lib/ctype.c and lib/cmdline.c are needed for kaslr.c, while those
> EXPORT_SYMBOL(x) contained caused failure of build on 32-bit allmodconfig:
> ......
> ld: -r and -shared may not be used together
> scripts/Makefile.build:294: recipe for target
> 'arch/x86/boot/compressed/kaslr.o' failed
> ......
> Disabling the symbol exporting removes the build failure.
>
> 4. Use dynamic allocation to allocate memory to contain copied kernel
> cmdline
> buffer, it's implemented in include/linux/decompress/mm.h.
>
> Baoquan He (3):
> KASLR: Parse all memmap entries in command line
> KASLR: Handle memory limit specified by memmap and mem option
> Documentation/kernel-parameters.txt: Update 'memmap=' option
> description
>
> Documentation/admin-guide/kernel-parameters.txt | 9 ++
> arch/x86/boot/compressed/cmdline.c | 2 +-
> arch/x86/boot/compressed/kaslr.c | 190
> ++++++++++++++++--------
> arch/x86/boot/string.c | 8 +
> 4 files changed, 143 insertions(+), 66 deletions(-)
>
> --
> 2.5.5
>
--
Kees Cook
Pixel Security
