Re: [PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
On 04/28/17 at 12:39pm, Kees Cook wrote: > On Wed, Apr 26, 2017 at 3:16 AM, Baoquan Hewrote: > > Option mem= will limit the max address a system can use and any memory > > region above the limit will be removed. > > > > Furthermore, memmap=nn[KMG] which has no offset specified has the same > > behaviour as mem=. > > > > KASLR needs to consider this when choosing the random position for > > decompressing the kernel. > > > > This patch implements that. > > > > Signed-off-by: Baoquan He > > Acked-by: Kees Cook > > Cc: "H. Peter Anvin" > > Cc: Thomas Gleixner > > Cc: Ingo Molnar > > Cc: x...@kernel.org > > Cc: Kees Cook > > Cc: Yinghai Lu > > Cc: Borislav Petkov > > --- > > arch/x86/boot/compressed/kaslr.c | 60 > > > > 1 file changed, 48 insertions(+), 12 deletions(-) > > > > diff --git a/arch/x86/boot/compressed/kaslr.c > > b/arch/x86/boot/compressed/kaslr.c > > index 53a06ec..e5eb0c3 100644 > > --- a/arch/x86/boot/compressed/kaslr.c > > +++ b/arch/x86/boot/compressed/kaslr.c > > @@ -78,6 +78,10 @@ static bool memmap_too_large; > > extern unsigned long get_cmd_line_ptr(void); > > > > > > +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ > > +unsigned long long mem_limit = ULLONG_MAX; > > + > > + > > enum mem_avoid_index { > > MEM_AVOID_ZO_RANGE = 0, > > MEM_AVOID_INITRD, > > @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, > > unsigned long long *size) > > return -EINVAL; > > > > switch (*p) { > > - case '@': > > - /* Skip this region, usable */ > > - *start = 0; > > - *size = 0; > > - return 0; > > case '#': > > case '$': > > case '!': > > *start = memparse(p + 1, ); > > return 0; > > + case '@': > > + /* memmap=nn@ss specifies usable region, should be skipped > > */ > > + *size = 0; > > Please explicitly add a comment like /* Fall through. */ or something > here, to help future reviewers. :) Sure, will add. Thanks! > > > + default: > > + /* > > +* If w/o offset, only size specified, memmap=nn[KMG] has > > the > > +* same behaviour as mem=nn[KMG]. It limits the max address > > +* system can use. Region above the limit should be avoided. > > +*/ > > + *start = 0; > > + return 0; > > } > > > > return -EINVAL; > > @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) > > if (rc < 0) > > break; > > str = k; > > - /* A usable region that should not be skipped */ > > - if (size == 0) > > + > > + if (start == 0) { > > + /* Store the specified memory limit if size > 0 */ > > + if (size > 0) > > + mem_limit = size; > > + > > continue; > > + } > > > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; > > @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) > > size_t len = strlen((char *)args); > > char *tmp_cmdline; > > char *param, *val; > > + u64 mem_size; > > > > tmp_cmdline = malloc(COMMAND_LINE_SIZE); > > if (!tmp_cmdline ) > > @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) > > return -1; > > } > > > > - if (!strcmp(param, "memmap")) > > + if (!strcmp(param, "memmap")) { > > mem_avoid_memmap(val); > > + } else if (!strcmp(param, "mem")) { > > + char *p = val; > > + > > + if (!strcmp(p, "nopentium")) > > + continue; > > + mem_size = memparse(p, ); > > + if (mem_size == 0) { > > + free(tmp_cmdline); > > + return -EINVAL; > > + } > > + mem_limit = mem_size; > > + } > > } > > > > free(tmp_cmdline); > > @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry > > *entry, > > { > > struct mem_vector region, overlap; > > struct slot_area slot_area; > > - unsigned long start_orig; > > + unsigned long start_orig, end; > > + struct boot_e820_entry cur_entry; > > > > /* Skip non-RAM entries. */ > > if (entry->type != E820_TYPE_RAM) > > @@ -463,8 +492,15 @@
Re: [PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
On 04/28/17 at 12:39pm, Kees Cook wrote: > On Wed, Apr 26, 2017 at 3:16 AM, Baoquan He wrote: > > Option mem= will limit the max address a system can use and any memory > > region above the limit will be removed. > > > > Furthermore, memmap=nn[KMG] which has no offset specified has the same > > behaviour as mem=. > > > > KASLR needs to consider this when choosing the random position for > > decompressing the kernel. > > > > This patch implements that. > > > > Signed-off-by: Baoquan He > > Acked-by: Kees Cook > > Cc: "H. Peter Anvin" > > Cc: Thomas Gleixner > > Cc: Ingo Molnar > > Cc: x...@kernel.org > > Cc: Kees Cook > > Cc: Yinghai Lu > > Cc: Borislav Petkov > > --- > > arch/x86/boot/compressed/kaslr.c | 60 > > > > 1 file changed, 48 insertions(+), 12 deletions(-) > > > > diff --git a/arch/x86/boot/compressed/kaslr.c > > b/arch/x86/boot/compressed/kaslr.c > > index 53a06ec..e5eb0c3 100644 > > --- a/arch/x86/boot/compressed/kaslr.c > > +++ b/arch/x86/boot/compressed/kaslr.c > > @@ -78,6 +78,10 @@ static bool memmap_too_large; > > extern unsigned long get_cmd_line_ptr(void); > > > > > > +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ > > +unsigned long long mem_limit = ULLONG_MAX; > > + > > + > > enum mem_avoid_index { > > MEM_AVOID_ZO_RANGE = 0, > > MEM_AVOID_INITRD, > > @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, > > unsigned long long *size) > > return -EINVAL; > > > > switch (*p) { > > - case '@': > > - /* Skip this region, usable */ > > - *start = 0; > > - *size = 0; > > - return 0; > > case '#': > > case '$': > > case '!': > > *start = memparse(p + 1, ); > > return 0; > > + case '@': > > + /* memmap=nn@ss specifies usable region, should be skipped > > */ > > + *size = 0; > > Please explicitly add a comment like /* Fall through. */ or something > here, to help future reviewers. :) Sure, will add. Thanks! > > > + default: > > + /* > > +* If w/o offset, only size specified, memmap=nn[KMG] has > > the > > +* same behaviour as mem=nn[KMG]. It limits the max address > > +* system can use. Region above the limit should be avoided. > > +*/ > > + *start = 0; > > + return 0; > > } > > > > return -EINVAL; > > @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) > > if (rc < 0) > > break; > > str = k; > > - /* A usable region that should not be skipped */ > > - if (size == 0) > > + > > + if (start == 0) { > > + /* Store the specified memory limit if size > 0 */ > > + if (size > 0) > > + mem_limit = size; > > + > > continue; > > + } > > > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; > > @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) > > size_t len = strlen((char *)args); > > char *tmp_cmdline; > > char *param, *val; > > + u64 mem_size; > > > > tmp_cmdline = malloc(COMMAND_LINE_SIZE); > > if (!tmp_cmdline ) > > @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) > > return -1; > > } > > > > - if (!strcmp(param, "memmap")) > > + if (!strcmp(param, "memmap")) { > > mem_avoid_memmap(val); > > + } else if (!strcmp(param, "mem")) { > > + char *p = val; > > + > > + if (!strcmp(p, "nopentium")) > > + continue; > > + mem_size = memparse(p, ); > > + if (mem_size == 0) { > > + free(tmp_cmdline); > > + return -EINVAL; > > + } > > + mem_limit = mem_size; > > + } > > } > > > > free(tmp_cmdline); > > @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry > > *entry, > > { > > struct mem_vector region, overlap; > > struct slot_area slot_area; > > - unsigned long start_orig; > > + unsigned long start_orig, end; > > + struct boot_e820_entry cur_entry; > > > > /* Skip non-RAM entries. */ > > if (entry->type != E820_TYPE_RAM) > > @@ -463,8 +492,15 @@ static void process_e820_entry(struct boot_e820_entry > > *entry, > > if (entry->addr + entry->size < minimum) > > return; > > > > -
Re: [PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
On Wed, Apr 26, 2017 at 3:16 AM, Baoquan Hewrote: > Option mem= will limit the max address a system can use and any memory > region above the limit will be removed. > > Furthermore, memmap=nn[KMG] which has no offset specified has the same > behaviour as mem=. > > KASLR needs to consider this when choosing the random position for > decompressing the kernel. > > This patch implements that. > > Signed-off-by: Baoquan He > Acked-by: Kees Cook > Cc: "H. Peter Anvin" > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: x...@kernel.org > Cc: Kees Cook > Cc: Yinghai Lu > Cc: Borislav Petkov > --- > arch/x86/boot/compressed/kaslr.c | 60 > > 1 file changed, 48 insertions(+), 12 deletions(-) > > diff --git a/arch/x86/boot/compressed/kaslr.c > b/arch/x86/boot/compressed/kaslr.c > index 53a06ec..e5eb0c3 100644 > --- a/arch/x86/boot/compressed/kaslr.c > +++ b/arch/x86/boot/compressed/kaslr.c > @@ -78,6 +78,10 @@ static bool memmap_too_large; > extern unsigned long get_cmd_line_ptr(void); > > > +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ > +unsigned long long mem_limit = ULLONG_MAX; > + > + > enum mem_avoid_index { > MEM_AVOID_ZO_RANGE = 0, > MEM_AVOID_INITRD, > @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, > unsigned long long *size) > return -EINVAL; > > switch (*p) { > - case '@': > - /* Skip this region, usable */ > - *start = 0; > - *size = 0; > - return 0; > case '#': > case '$': > case '!': > *start = memparse(p + 1, ); > return 0; > + case '@': > + /* memmap=nn@ss specifies usable region, should be skipped */ > + *size = 0; Please explicitly add a comment like /* Fall through. */ or something here, to help future reviewers. :) > + default: > + /* > +* If w/o offset, only size specified, memmap=nn[KMG] has the > +* same behaviour as mem=nn[KMG]. It limits the max address > +* system can use. Region above the limit should be avoided. > +*/ > + *start = 0; > + return 0; > } > > return -EINVAL; > @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) > if (rc < 0) > break; > str = k; > - /* A usable region that should not be skipped */ > - if (size == 0) > + > + if (start == 0) { > + /* Store the specified memory limit if size > 0 */ > + if (size > 0) > + mem_limit = size; > + > continue; > + } > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; > @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) > size_t len = strlen((char *)args); > char *tmp_cmdline; > char *param, *val; > + u64 mem_size; > > tmp_cmdline = malloc(COMMAND_LINE_SIZE); > if (!tmp_cmdline ) > @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) > return -1; > } > > - if (!strcmp(param, "memmap")) > + if (!strcmp(param, "memmap")) { > mem_avoid_memmap(val); > + } else if (!strcmp(param, "mem")) { > + char *p = val; > + > + if (!strcmp(p, "nopentium")) > + continue; > + mem_size = memparse(p, ); > + if (mem_size == 0) { > + free(tmp_cmdline); > + return -EINVAL; > + } > + mem_limit = mem_size; > + } > } > > free(tmp_cmdline); > @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry > *entry, > { > struct mem_vector region, overlap; > struct slot_area slot_area; > - unsigned long start_orig; > + unsigned long start_orig, end; > + struct boot_e820_entry cur_entry; > > /* Skip non-RAM entries. */ > if (entry->type != E820_TYPE_RAM) > @@ -463,8 +492,15 @@ static void process_e820_entry(struct boot_e820_entry > *entry, > if (entry->addr + entry->size < minimum) > return; > > - region.start = entry->addr; > - region.size = entry->size; > + /* Ignore entries above memory limit */ > + end = min(entry->size + entry->addr, mem_limit); > + if
Re: [PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
On Wed, Apr 26, 2017 at 3:16 AM, Baoquan He wrote: > Option mem= will limit the max address a system can use and any memory > region above the limit will be removed. > > Furthermore, memmap=nn[KMG] which has no offset specified has the same > behaviour as mem=. > > KASLR needs to consider this when choosing the random position for > decompressing the kernel. > > This patch implements that. > > Signed-off-by: Baoquan He > Acked-by: Kees Cook > Cc: "H. Peter Anvin" > Cc: Thomas Gleixner > Cc: Ingo Molnar > Cc: x...@kernel.org > Cc: Kees Cook > Cc: Yinghai Lu > Cc: Borislav Petkov > --- > arch/x86/boot/compressed/kaslr.c | 60 > > 1 file changed, 48 insertions(+), 12 deletions(-) > > diff --git a/arch/x86/boot/compressed/kaslr.c > b/arch/x86/boot/compressed/kaslr.c > index 53a06ec..e5eb0c3 100644 > --- a/arch/x86/boot/compressed/kaslr.c > +++ b/arch/x86/boot/compressed/kaslr.c > @@ -78,6 +78,10 @@ static bool memmap_too_large; > extern unsigned long get_cmd_line_ptr(void); > > > +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ > +unsigned long long mem_limit = ULLONG_MAX; > + > + > enum mem_avoid_index { > MEM_AVOID_ZO_RANGE = 0, > MEM_AVOID_INITRD, > @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, > unsigned long long *size) > return -EINVAL; > > switch (*p) { > - case '@': > - /* Skip this region, usable */ > - *start = 0; > - *size = 0; > - return 0; > case '#': > case '$': > case '!': > *start = memparse(p + 1, ); > return 0; > + case '@': > + /* memmap=nn@ss specifies usable region, should be skipped */ > + *size = 0; Please explicitly add a comment like /* Fall through. */ or something here, to help future reviewers. :) > + default: > + /* > +* If w/o offset, only size specified, memmap=nn[KMG] has the > +* same behaviour as mem=nn[KMG]. It limits the max address > +* system can use. Region above the limit should be avoided. > +*/ > + *start = 0; > + return 0; > } > > return -EINVAL; > @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) > if (rc < 0) > break; > str = k; > - /* A usable region that should not be skipped */ > - if (size == 0) > + > + if (start == 0) { > + /* Store the specified memory limit if size > 0 */ > + if (size > 0) > + mem_limit = size; > + > continue; > + } > > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; > mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; > @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) > size_t len = strlen((char *)args); > char *tmp_cmdline; > char *param, *val; > + u64 mem_size; > > tmp_cmdline = malloc(COMMAND_LINE_SIZE); > if (!tmp_cmdline ) > @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) > return -1; > } > > - if (!strcmp(param, "memmap")) > + if (!strcmp(param, "memmap")) { > mem_avoid_memmap(val); > + } else if (!strcmp(param, "mem")) { > + char *p = val; > + > + if (!strcmp(p, "nopentium")) > + continue; > + mem_size = memparse(p, ); > + if (mem_size == 0) { > + free(tmp_cmdline); > + return -EINVAL; > + } > + mem_limit = mem_size; > + } > } > > free(tmp_cmdline); > @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry > *entry, > { > struct mem_vector region, overlap; > struct slot_area slot_area; > - unsigned long start_orig; > + unsigned long start_orig, end; > + struct boot_e820_entry cur_entry; > > /* Skip non-RAM entries. */ > if (entry->type != E820_TYPE_RAM) > @@ -463,8 +492,15 @@ static void process_e820_entry(struct boot_e820_entry > *entry, > if (entry->addr + entry->size < minimum) > return; > > - region.start = entry->addr; > - region.size = entry->size; > + /* Ignore entries above memory limit */ > + end = min(entry->size + entry->addr, mem_limit); > + if (entry->addr >= end) > + return; > + cur_entry.addr = entry->addr; > + cur_entry.size = end - entry->addr; > + > + region.start =
[PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
Option mem= will limit the max address a system can use and any memory region above the limit will be removed. Furthermore, memmap=nn[KMG] which has no offset specified has the same behaviour as mem=. KASLR needs to consider this when choosing the random position for decompressing the kernel. This patch implements that. Signed-off-by: Baoquan HeAcked-by: Kees Cook Cc: "H. Peter Anvin" Cc: Thomas Gleixner Cc: Ingo Molnar Cc: x...@kernel.org Cc: Kees Cook Cc: Yinghai Lu Cc: Borislav Petkov --- arch/x86/boot/compressed/kaslr.c | 60 1 file changed, 48 insertions(+), 12 deletions(-) diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c index 53a06ec..e5eb0c3 100644 --- a/arch/x86/boot/compressed/kaslr.c +++ b/arch/x86/boot/compressed/kaslr.c @@ -78,6 +78,10 @@ static bool memmap_too_large; extern unsigned long get_cmd_line_ptr(void); +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ +unsigned long long mem_limit = ULLONG_MAX; + + enum mem_avoid_index { MEM_AVOID_ZO_RANGE = 0, MEM_AVOID_INITRD, @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, unsigned long long *size) return -EINVAL; switch (*p) { - case '@': - /* Skip this region, usable */ - *start = 0; - *size = 0; - return 0; case '#': case '$': case '!': *start = memparse(p + 1, ); return 0; + case '@': + /* memmap=nn@ss specifies usable region, should be skipped */ + *size = 0; + default: + /* +* If w/o offset, only size specified, memmap=nn[KMG] has the +* same behaviour as mem=nn[KMG]. It limits the max address +* system can use. Region above the limit should be avoided. +*/ + *start = 0; + return 0; } return -EINVAL; @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) if (rc < 0) break; str = k; - /* A usable region that should not be skipped */ - if (size == 0) + + if (start == 0) { + /* Store the specified memory limit if size > 0 */ + if (size > 0) + mem_limit = size; + continue; + } mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) size_t len = strlen((char *)args); char *tmp_cmdline; char *param, *val; + u64 mem_size; tmp_cmdline = malloc(COMMAND_LINE_SIZE); if (!tmp_cmdline ) @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) return -1; } - if (!strcmp(param, "memmap")) + if (!strcmp(param, "memmap")) { mem_avoid_memmap(val); + } else if (!strcmp(param, "mem")) { + char *p = val; + + if (!strcmp(p, "nopentium")) + continue; + mem_size = memparse(p, ); + if (mem_size == 0) { + free(tmp_cmdline); + return -EINVAL; + } + mem_limit = mem_size; + } } free(tmp_cmdline); @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry *entry, { struct mem_vector region, overlap; struct slot_area slot_area; - unsigned long start_orig; + unsigned long start_orig, end; + struct boot_e820_entry cur_entry; /* Skip non-RAM entries. */ if (entry->type != E820_TYPE_RAM) @@ -463,8 +492,15 @@ static void process_e820_entry(struct boot_e820_entry *entry, if (entry->addr + entry->size < minimum) return; - region.start = entry->addr; - region.size = entry->size; + /* Ignore entries above memory limit */ + end = min(entry->size + entry->addr, mem_limit); + if (entry->addr >= end) + return; + cur_entry.addr = entry->addr; + cur_entry.size = end - entry->addr; + + region.start = cur_entry.addr; + region.size = cur_entry.size; /* Give up if slot area array is full. */ while (slot_area_index < MAX_SLOT_AREA) { @@ -478,7 +514,7 @@ static void process_e820_entry(struct boot_e820_entry *entry, region.start =
[PATCH v3 2/3] KASLR: Handle memory limit specified by memmap and mem option
Option mem= will limit the max address a system can use and any memory region above the limit will be removed. Furthermore, memmap=nn[KMG] which has no offset specified has the same behaviour as mem=. KASLR needs to consider this when choosing the random position for decompressing the kernel. This patch implements that. Signed-off-by: Baoquan He Acked-by: Kees Cook Cc: "H. Peter Anvin" Cc: Thomas Gleixner Cc: Ingo Molnar Cc: x...@kernel.org Cc: Kees Cook Cc: Yinghai Lu Cc: Borislav Petkov --- arch/x86/boot/compressed/kaslr.c | 60 1 file changed, 48 insertions(+), 12 deletions(-) diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c index 53a06ec..e5eb0c3 100644 --- a/arch/x86/boot/compressed/kaslr.c +++ b/arch/x86/boot/compressed/kaslr.c @@ -78,6 +78,10 @@ static bool memmap_too_large; extern unsigned long get_cmd_line_ptr(void); +/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */ +unsigned long long mem_limit = ULLONG_MAX; + + enum mem_avoid_index { MEM_AVOID_ZO_RANGE = 0, MEM_AVOID_INITRD, @@ -128,16 +132,22 @@ parse_memmap(char *p, unsigned long long *start, unsigned long long *size) return -EINVAL; switch (*p) { - case '@': - /* Skip this region, usable */ - *start = 0; - *size = 0; - return 0; case '#': case '$': case '!': *start = memparse(p + 1, ); return 0; + case '@': + /* memmap=nn@ss specifies usable region, should be skipped */ + *size = 0; + default: + /* +* If w/o offset, only size specified, memmap=nn[KMG] has the +* same behaviour as mem=nn[KMG]. It limits the max address +* system can use. Region above the limit should be avoided. +*/ + *start = 0; + return 0; } return -EINVAL; @@ -163,9 +173,14 @@ static void mem_avoid_memmap(char *str) if (rc < 0) break; str = k; - /* A usable region that should not be skipped */ - if (size == 0) + + if (start == 0) { + /* Store the specified memory limit if size > 0 */ + if (size > 0) + mem_limit = size; + continue; + } mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start; mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size; @@ -189,6 +204,7 @@ static int handle_mem_memmap(void) size_t len = strlen((char *)args); char *tmp_cmdline; char *param, *val; + u64 mem_size; tmp_cmdline = malloc(COMMAND_LINE_SIZE); if (!tmp_cmdline ) @@ -211,8 +227,20 @@ static int handle_mem_memmap(void) return -1; } - if (!strcmp(param, "memmap")) + if (!strcmp(param, "memmap")) { mem_avoid_memmap(val); + } else if (!strcmp(param, "mem")) { + char *p = val; + + if (!strcmp(p, "nopentium")) + continue; + mem_size = memparse(p, ); + if (mem_size == 0) { + free(tmp_cmdline); + return -EINVAL; + } + mem_limit = mem_size; + } } free(tmp_cmdline); @@ -449,7 +477,8 @@ static void process_e820_entry(struct boot_e820_entry *entry, { struct mem_vector region, overlap; struct slot_area slot_area; - unsigned long start_orig; + unsigned long start_orig, end; + struct boot_e820_entry cur_entry; /* Skip non-RAM entries. */ if (entry->type != E820_TYPE_RAM) @@ -463,8 +492,15 @@ static void process_e820_entry(struct boot_e820_entry *entry, if (entry->addr + entry->size < minimum) return; - region.start = entry->addr; - region.size = entry->size; + /* Ignore entries above memory limit */ + end = min(entry->size + entry->addr, mem_limit); + if (entry->addr >= end) + return; + cur_entry.addr = entry->addr; + cur_entry.size = end - entry->addr; + + region.start = cur_entry.addr; + region.size = cur_entry.size; /* Give up if slot area array is full. */ while (slot_area_index < MAX_SLOT_AREA) { @@ -478,7 +514,7 @@ static void process_e820_entry(struct boot_e820_entry *entry, region.start = ALIGN(region.start, CONFIG_PHYSICAL_ALIGN); /* Did we raise the address above this e820 region? */ - if (region.start > entry->addr +