[PATCH] arm64: kaslr: consider parange is bigger than linear_region_size

Keun-O Park kpark3469 at gmail.com
Thu Feb 27 21:55:44 PST 2025


How about adding a warning message in case of linear region
randomization failure?
And, there might be two options in my mind by now to consider hotplug memory.
Either giving an option for users to override "parange" as a kernel
param or providing the legacy way (memblock_end_of_DRAM() -
memblock_start_of_DRAM()) when CONFIG_MEMORY_HOTPLUG is off.
Users believe KASLR will work fine by enabling CONFIG_RANDOMIZE_BASE.
In case of linear region randomization failure, I think at least users
need to know about this failure.
Can you share your thoughts on this please?

On Tue, Feb 25, 2025 at 12:28 PM Ard Biesheuvel <ardb at kernel.org> wrote:
>
> On Tue, 25 Feb 2025 at 05:48, Keun-O Park <kpark3469 at gmail.com> wrote:
> >
> > On Mon, Feb 24, 2025 at 10:21 AM Keun-O Park <kpark3469 at gmail.com> wrote:
> > >
> > > From: Keuno Park <keun-o.park at katim.com>
> > >
> > > On systems using 4KB pages and having 39 VA_BITS, linear_region_size
> > > gets 256GiB space. It was observed that some SoCs such as Qualcomm
> > > QCM8550 return 40 bits of PA range from MMFR0_EL1. This causes the range
> > > value to become negative, as the variable range is s64, so that all the
> > > calculations for randomizing the linear address space are skipped.
> > > As a result of this, the kernel's linear region is not randomized.
> > > For this case, this patch sets the range by calculating memblock
> > > DRAM range to randomize the linear region of kernel.
> > >
> > > Change-Id: Ib29e45f44928937881d514fb87b4cac828b5a3f5
> > > Fixes: 97d6786e0669 ("arm64: mm: account for hotplug memory when randomizing the linear region")
> > > Signed-off-by: Keuno Park <keun-o.park at katim.com>
> > > ---
> > >  arch/arm64/mm/init.c | 5 +++++
> > >  1 file changed, 5 insertions(+)
> > >
> > > diff --git a/arch/arm64/mm/init.c b/arch/arm64/mm/init.c
> > > index 9c0b8d9558fc..2ee657e2d60f 100644
> > > --- a/arch/arm64/mm/init.c
> > > +++ b/arch/arm64/mm/init.c
> > > @@ -290,6 +290,11 @@ void __init arm64_memblock_init(void)
> > >                 s64 range = linear_region_size -
> > >                             BIT(id_aa64mmfr0_parange_to_phys_shift(parange));
> > >
> > > +               if (range < 0) {
> > > +                       range = linear_region_size -
> > > +                               (memblock_end_of_DRAM() - memblock_start_of_DRAM());
> > > +               }
> > > +
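Review bot: the `if (range < 0)` fallback replaces the PA-range bound with `memblock_end_of_DRAM() - memblock_start_of_DRAM()`, which is the sizing that commit 97d6786e0669 (named in the Fixes tag) deliberately moved away from, so the hunk reintroduces the hotplug problem that commit fixed: once memstart_addr is moved down by up to `linear_region_size - <DRAM span>`, memory hotplugged above memblock_end_of_DRAM() may no longer fit in the linear map. The case being handled is a PA range (40 bits, 1 TiB) larger than the 256 GiB linear region, and there the mainline skip is intentional rather than a bug; if a fallback is kept at all it should at least be limited to `!IS_ENABLED(CONFIG_MEMORY_HOTPLUG)`, and the silent skip is better addressed with a `pr_warn()` explaining that the linear region was not randomized. Note also that the memblock difference counts holes between the start and end of DRAM as if they were memory, so it is not a tight bound even for the non-hotplug case.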
> ..
> >
> > In most cases, the hotplug memory code will be working the same as before.
>
> How so? Such memory will usually appear above memblock_end_of_DRAM(),
> and due to the randomization, there may not be any space left there.



More information about the linux-arm-kernel mailing list