Commit-ID: 90397a41779645d3abba5599f6bb538fdcab9339 Gitweb: http://git.kernel.org/tip/90397a41779645d3abba5599f6bb538fdcab9339 Author: Thomas Garnier <thgarnie@xxxxxxxxxx> AuthorDate: Tue, 21 Jun 2016 17:47:06 -0700 Committer: Ingo Molnar <mingo@xxxxxxxxxx> CommitDate: Fri, 8 Jul 2016 17:35:21 +0200 x86/mm: Add memory hotplug support for KASLR memory randomization Add a new option (CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING) to define the padding used for the physical memory mapping section when KASLR memory is enabled. It ensures there is enough virtual address space when CONFIG_MEMORY_HOTPLUG is used. The default value is 10 terabytes. If CONFIG_MEMORY_HOTPLUG is not used, no space is reserved increasing the entropy available. Signed-off-by: Thomas Garnier <thgarnie@xxxxxxxxxx> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Cc: Alexander Kuleshov <kuleshovmail@xxxxxxxxx> Cc: Alexander Popov <alpopov@xxxxxxxxxxxxxx> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Cc: Andy Lutomirski <luto@xxxxxxxxxx> Cc: Aneesh Kumar K.V <aneesh.kumar@xxxxxxxxxxxxxxxxxx> Cc: Baoquan He <bhe@xxxxxxxxxx> Cc: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> Cc: Borislav Petkov <bp@xxxxxxxxx> Cc: Borislav Petkov <bp@xxxxxxx> Cc: Brian Gerst <brgerst@xxxxxxxxx> Cc: Christian Borntraeger <borntraeger@xxxxxxxxxx> Cc: Dan Williams <dan.j.williams@xxxxxxxxx> Cc: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx> Cc: Dave Young <dyoung@xxxxxxxxxx> Cc: Denys Vlasenko <dvlasenk@xxxxxxxxxx> Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx> Cc: H. Peter Anvin <hpa@xxxxxxxxx> Cc: Jan Beulich <JBeulich@xxxxxxxx> Cc: Joerg Roedel <jroedel@xxxxxxx> Cc: Jonathan Corbet <corbet@xxxxxxx> Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx> Cc: Juergen Gross <jgross@xxxxxxxx> Cc: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx> Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Cc: Lv Zheng <lv.zheng@xxxxxxxxx> Cc: Mark Salter <msalter@xxxxxxxxxx> Cc: Martin Schwidefsky <schwidefsky@xxxxxxxxxx> Cc: Matt Fleming <matt@xxxxxxxxxxxxxxxxxxx> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx> Cc: Stephen Smalley <sds@xxxxxxxxxxxxx> Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx> Cc: Toshi Kani <toshi.kani@xxxxxxx> Cc: Xiao Guangrong <guangrong.xiao@xxxxxxxxxxxxxxx> Cc: Yinghai Lu <yinghai@xxxxxxxxxx> Cc: kernel-hardening@xxxxxxxxxxxxxxxxxx Cc: linux-doc@xxxxxxxxxxxxxxx Link: http://lkml.kernel.org/r/1466556426-32664-10-git-send-email-keescook@xxxxxxxxxxxx Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx> --- arch/x86/Kconfig | 15 +++++++++++++++ arch/x86/mm/kaslr.c | 7 ++++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 9719b8e..703413f 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -2010,6 +2010,21 @@ config RANDOMIZE_MEMORY If unsure, say N. +config RANDOMIZE_MEMORY_PHYSICAL_PADDING + hex "Physical memory mapping padding" if EXPERT + depends on RANDOMIZE_MEMORY + default "0xa" if MEMORY_HOTPLUG + default "0x0" + range 0x1 0x40 if MEMORY_HOTPLUG + range 0x0 0x40 + ---help--- + Define the padding in terabytes added to the existing physical + memory size during kernel memory randomization. It is useful + for memory hotplug support but reduces the entropy available for + address randomization. + + If unsure, leave at the default value. + config HOTPLUG_CPU bool "Support for hot-pluggable CPUs" depends on SMP diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c index c939cfe..26dccd6 100644 --- a/arch/x86/mm/kaslr.c +++ b/arch/x86/mm/kaslr.c @@ -92,8 +92,13 @@ void __init kernel_randomize_memory(void) if (!kaslr_memory_enabled()) return; + /* + * Update Physical memory mapping to available and + * add padding if needed (especially for memory hotplug support). + */ BUG_ON(kaslr_regions[0].base != &page_offset_base); - memory_tb = ((max_pfn << PAGE_SHIFT) >> TB_SHIFT); + memory_tb = ((max_pfn << PAGE_SHIFT) >> TB_SHIFT) + + CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING; /* Adapt phyiscal memory region size based on available memory */ if (memory_tb < kaslr_regions[0].size_tb) -- To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
|