Hi Ingo, Kees, Baoquan and Chao

At 03/12/2018 06:57 PM, Ingo Molnar wrote:
[...]
So there's apparently a mis-design here:

  - KASLR needs to be done very early on during bootup: - it's not realistic to
    expect KASLR to be done with a booted up kernel, because pointers to various
    KASLR-ed objects are already widely spread out in memory.

  - But for some unfathomable reason the memory hotplug attribute of memory
    regions is not part of the regular memory map but part of late-init ACPI 
data
    structures.

The right solution would be _not_ to fudge the KASLR location, but to provide 
the
memory hotplug information to early code, preferably via the primary memory map.
KASLR can then make use of it and avoid those regions, just like it avoids other
memory regions already.

In addition to that hardware makers (including virtualized hardware) should also
fix their systems to provide memory hotplug information to early code.


Yes, but before this, can we fix this problem by the following patch which has been sent and reviewed by Kees before[1]. its solution is:

  Extend movable_node option to restrict kernel to be randomized in
  immovable nodes by adding a parameter. this parameter sets up
  the boundaries between the home nodes and other nodes.

My reason is here:

  - What we really want to solve is the KASLR breaks *physical Node
    hotplug*, Keep the decompressed kernel in an immovable node is
    enough.

  - AFAICS, there are not too many systems where physical Node hotplug
    actually works in practice, and there mush be one node called *home
    node* which is immovable for storing basic information.

  - the node in modern systems could have double-digit gigabytes memory,
    It can completely satisfy the operation of KASLR.

So, Just restrict kernel to be randomized in the home node, and ignore
other nodes when kernel has the *movable_node* option in the command
line.

Thoughts? may I rebase and resend the patch?

[1] https://lkml.org/lkml/2017/8/3/401

Thanks,

        dou


Reply via email to