Dear Baoquan,

> > Our customer reported that Kernel text may be located on non-mirror
> > region (movable zone) when both address range mirroring feature and
> > KASLR are enabled.

I know your customer :)

> > The functions of address range mirroring feature are as follows.
> > - The physical memory region whose descriptors in EFI memory map have
> >   EFI_MEMORY_MORE_RELIABLE attribute (bit: 16) are mirrored
> > - The function arranges such mirror region into normal zone and other
> >   region into movable zone in order to locate kernel code and data on
> >   mirror region
> >
> > So we need to restrict kernel to be located inside mirror region if
> > it exists.
> >
> > The method is very simple. If efi is enabled, just iterate all efi
> > memory map and pick up mirror region to process for adding candidate
> > of slot. If efi is disabled or no mirror region exists, still process
> > e820 memory map. This won't bring much efficiency loss, at worst we
> > just go through all efi memory maps and find no mirror.
> >
> > One question:
> > From code, though mirror regions exist, they are meaningful only
> > if kernelcore=mirror kernel option is specified. Not sure if my
> > understanding is correct.

Your understanding is almost correct.
Only when "kernelcore=mirror" is specified, the above procedure works.

But, if mirrored regions exist, bootmem allocator tries to allocate
from mirrored region independently of "kernelcore=mirror" option.
So, IMHO, kernel text is important, so putting it to mirrored (more
reliable) region is reasonable whether or not "kernelcore=mirror" is
specified.

Anyway thanks for submitting patch.
We have an Address Range Mirroring capable machine, so we'll test your
patch.

Sincerely,
Taku Izumi

>
> Since you are the author of kernelcore=mirror related code and expert on
> mirror feature, could you help answer above question?
>
> Thanks
> Baoquan
>
> >
> > NOTE:
> > I haven't got a machine with efi mirror region enabled, so only test
> > the e820 map processing case and the case of no mirror region on efi
> > machine.
> > So set this as a RFC patchset, will post formal one after above
> > question is made clear and mirror issue test passed.
> >
> > Baoquan He (2):
> >   x86/boot/KASLR: Adapt process_e820_entry for all kinds of memory map
> >   x86/boot/KASLR: Restrict kernel to be randomized in mirror regions if
> >     existed
> >
> >  arch/x86/boot/compressed/kaslr.c | 129 +++++++++++++++++++++++++++++++--------
> >  1 file changed, 104 insertions(+), 25 deletions(-)
> >
> > --
> > 2.5.5
> >
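
The selection rule described in the quoted cover letter (take slot candidates only from EFI mirror regions when any exist, otherwise walk the e820 map), as an added example that is not code from the patch set or from this thread. The struct layouts are simplified, and the 2 MiB slot alignment, the conventional-memory type filter and the sample maps are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define EFI_CONVENTIONAL_MEMORY  7             /* UEFI memory type for free RAM */
#define EFI_MEMORY_MORE_RELIABLE (1ULL << 16)  /* attribute bit 16, per the mail */
#define SLOT_ALIGN               0x200000ULL   /* assumed 2 MiB slot alignment */
struct efi_desc { uint32_t type; uint64_t phys, pages, attr; }; /* simplified */
struct e820_ent { uint64_t addr, size; uint32_t type; };        /* type 1 = RAM */

/* Aligned start addresses inside [start, start + size) that fit the image. */
static uint64_t slots_in(uint64_t start, uint64_t size, uint64_t image)
{
    uint64_t first = (start + SLOT_ALIGN - 1) & ~(SLOT_ALIGN - 1);
    uint64_t end = start + size;
    return (first >= end || end - first < image) ? 0
         : (end - first - image) / SLOT_ALIGN + 1;
}

/* Mirror regions win when any exist; otherwise every e820 RAM range counts. */
uint64_t count_slots(const struct efi_desc *efi, size_t n_efi, uint64_t image,
                     const struct e820_ent *e820, size_t n_e820, int *used_mirror)
{
    uint64_t slots = 0;
    *used_mirror = 0;
    for (size_t i = 0; i < n_efi; i++) {
        int mirror = (efi[i].attr & EFI_MEMORY_MORE_RELIABLE) != 0;
        *used_mirror |= mirror;
        /* assumed filter: only free conventional memory can hold the kernel */
        if (mirror && efi[i].type == EFI_CONVENTIONAL_MEMORY)
            slots += slots_in(efi[i].phys, efi[i].pages << 12, image); /* 4 KiB pages */
    }
    /* e820 fallback runs only when the EFI map had no mirror region at all */
    for (size_t i = 0; !*used_mirror && i < n_e820; i++)
        if (e820[i].type == 1)
            slots += slots_in(e820[i].addr, e820[i].size, image);
    return slots;
}

/* Constructed sample maps: 64 MiB mirrored at 16 MiB, 4 GiB plain at 4 GiB. */
const struct efi_desc efi_map[] = {
    { EFI_CONVENTIONAL_MEMORY, 0x1000000ULL, 0x4000ULL, EFI_MEMORY_MORE_RELIABLE },
    { EFI_CONVENTIONAL_MEMORY, 0x100000000ULL, 0x100000ULL, 0 } };
const struct e820_ent e820_map[] = {
    { 0x1000000ULL, 0x4000000ULL, 1 }, { 0x100000000ULL, 0x100000000ULL, 1 } };

int main(void)
{
    int m;
    uint64_t n = count_slots(efi_map, 2, 0x2000000ULL, e820_map, 2, &m);
    printf("slots=%llu mirror_only=%d\n", (unsigned long long)n, m);
}
```

With a 32 MiB image, the mirrored 64 MiB range leaves far fewer candidate slots than the full e820 map, which is the randomization range given up in exchange for keeping kernel text on mirrored memory.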