Changes since v1: * Add support for shuffling hot-added memory (Andrew) * Update cover letter and commit message to clarify the performance impact and relevance to future platforms [1]: https://lkml.org/lkml/2018/9/15/366 --- Some data exfiltration and return-oriented-programming attacks rely on the ability to infer the location of sensitive data objects. The kernel page allocator, especially early in system boot, has predictable first-in-first out behavior for physical pages. Pages are freed in physical address order when first onlined. Quoting Kees: "While we already have a base-address randomization (CONFIG_RANDOMIZE_MEMORY), attacks against the same hardware and memory layouts would certainly be using the predictability of allocation ordering (i.e. for attacks where the base address isn't important: only the relative positions between allocated memory). This is common in lots of heap-style attacks. They try to gain control over ordering by spraying allocations, etc. I'd really like to see this because it gives us something similar to CONFIG_SLAB_FREELIST_RANDOM but for the page allocator." Another motivation for this change is performance in the presence of a memory-side cache. In the future, memory-side-cache technology will be available on generally available server platforms. The proposed randomization approach has been measured to improve the cache conflict rate by a factor of 2.5X on a well-known Java benchmark. It avoids performance peaks and valleys to provide more predictable performance. More details in the patch1 commit message. --- Dan Williams (3): mm: Shuffle initial free memory mm: Move buddy list manipulations into helpers mm: Maintain randomization of page free lists include/linux/list.h | 17 +++ include/linux/mm.h | 8 + include/linux/mm_types.h | 3 + include/linux/mmzone.h | 57 ++++++++++ mm/bootmem.c | 9 +- mm/compaction.c | 4 - mm/memory_hotplug.c | 2 mm/nobootmem.c | 7 + mm/page_alloc.c | 267 +++++++++++++++++++++++++++++++++++++++------- 9 files changed, 321 insertions(+), 53 deletions(-)
