Merge branch 'x86-boot-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 boot updates from Ingo Molnar:
 "The main changes in this cycle were KASLR improvements for rare
  environments with special boot options, by Baoquan He. Also misc
  smaller changes/cleanups"

* 'x86-boot-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  x86/debug: Extend the lower bound of crash kernel low reservations
  x86/boot: Remove unused copy_*_gs() functions
  x86/KASLR: Use the right memcpy() implementation
  Documentation/kernel-parameters.txt: Update 'memmap=' boot option description
  x86/KASLR: Handle the memory limit specified by the 'memmap=' and 'mem=' boot options
  x86/KASLR: Parse all 'memmap=' boot option entries
This commit is contained in:
Linus Torvalds 2017-07-03 13:40:38 -07:00
commit 25e09ca524
6 changed files with 145 additions and 87 deletions

View File

@ -2136,6 +2136,12 @@
memmap=nn[KMG]@ss[KMG]
[KNL] Force usage of a specific region of memory.
Region of memory to be used is from ss to ss+nn.
If @ss[KMG] is omitted, it is equivalent to mem=nn[KMG],
which limits max address to nn[KMG].
Multiple different regions can be specified,
comma delimited.
Example:
memmap=100M@2G,100M#3G,1G!1024G
memmap=nn[KMG]#ss[KMG]
[KNL,ACPI] Mark specific memory as ACPI data.
@ -2148,6 +2154,9 @@
memmap=64K$0x18690000
or
memmap=0x10000$0x18690000
Some bootloaders may need an escape character before '$',
like Grub2, otherwise '$' and the following number
will be eaten.
memmap=nn[KMG]!ss[KMG]
[KNL,X86] Mark specific memory as protected.

View File

@ -13,7 +13,7 @@ static inline char rdfs8(addr_t addr)
return *((char *)(fs + addr));
}
#include "../cmdline.c"
static unsigned long get_cmd_line_ptr(void)
unsigned long get_cmd_line_ptr(void)
{
unsigned long cmd_line_ptr = boot_params->hdr.cmd_line_ptr;

View File

@ -9,16 +9,42 @@
* contain the entire properly aligned running kernel image.
*
*/
/*
* isspace() in linux/ctype.h is expected by next_args() to filter
* out "space/lf/tab". While boot/ctype.h conflicts with linux/ctype.h,
* since isdigit() is implemented in both of them. Hence disable it
* here.
*/
#define BOOT_CTYPE_H
/*
* _ctype[] in lib/ctype.c is needed by isspace() of linux/ctype.h.
* While both lib/ctype.c and lib/cmdline.c will bring EXPORT_SYMBOL
* which is meaningless and will cause compiling error in some cases.
* So do not include linux/export.h and define EXPORT_SYMBOL(sym)
* as empty.
*/
#define _LINUX_EXPORT_H
#define EXPORT_SYMBOL(sym)
#include "misc.h"
#include "error.h"
#include "../boot.h"
#include "../string.h"
#include <generated/compile.h>
#include <linux/module.h>
#include <linux/uts.h>
#include <linux/utsname.h>
#include <linux/ctype.h>
#include <generated/utsrelease.h>
/* Macros used by the included decompressor code below. */
#define STATIC
#include <linux/decompress/mm.h>
extern unsigned long get_cmd_line_ptr(void);
/* Simplified build-specific string for starting entropy. */
static const char build_str[] = UTS_RELEASE " (" LINUX_COMPILE_BY "@"
LINUX_COMPILE_HOST ") (" LINUX_COMPILER ") " UTS_VERSION;
@ -62,6 +88,11 @@ struct mem_vector {
static bool memmap_too_large;
/* Store memory limit specified by "mem=nn[KMG]" or "memmap=nn[KMG]" */
unsigned long long mem_limit = ULLONG_MAX;
enum mem_avoid_index {
MEM_AVOID_ZO_RANGE = 0,
MEM_AVOID_INITRD,
@ -85,49 +116,14 @@ static bool mem_overlaps(struct mem_vector *one, struct mem_vector *two)
return true;
}
/**
* _memparse - Parse a string with mem suffixes into a number
* @ptr: Where parse begins
* @retptr: (output) Optional pointer to next char after parse completes
*
* Parses a string into a number. The number stored at @ptr is
* potentially suffixed with K, M, G, T, P, E.
*/
static unsigned long long _memparse(const char *ptr, char **retptr)
char *skip_spaces(const char *str)
{
char *endptr; /* Local pointer to end of parsed string */
unsigned long long ret = simple_strtoull(ptr, &endptr, 0);
switch (*endptr) {
case 'E':
case 'e':
ret <<= 10;
case 'P':
case 'p':
ret <<= 10;
case 'T':
case 't':
ret <<= 10;
case 'G':
case 'g':
ret <<= 10;
case 'M':
case 'm':
ret <<= 10;
case 'K':
case 'k':
ret <<= 10;
endptr++;
default:
break;
}
if (retptr)
*retptr = endptr;
return ret;
while (isspace(*str))
++str;
return (char *)str;
}
#include "../../../../lib/ctype.c"
#include "../../../../lib/cmdline.c"
static int
parse_memmap(char *p, unsigned long long *start, unsigned long long *size)
@ -142,40 +138,41 @@ parse_memmap(char *p, unsigned long long *start, unsigned long long *size)
return -EINVAL;
oldp = p;
*size = _memparse(p, &p);
*size = memparse(p, &p);
if (p == oldp)
return -EINVAL;
switch (*p) {
case '@':
/* Skip this region, usable */
*start = 0;
*size = 0;
return 0;
case '#':
case '$':
case '!':
*start = _memparse(p + 1, &p);
*start = memparse(p + 1, &p);
return 0;
case '@':
/* memmap=nn@ss specifies usable region, should be skipped */
*size = 0;
/* Fall through */
default:
/*
* If w/o offset, only size specified, memmap=nn[KMG] has the
* same behaviour as mem=nn[KMG]. It limits the max address
* system can use. Region above the limit should be avoided.
*/
*start = 0;
return 0;
}
return -EINVAL;
}
static void mem_avoid_memmap(void)
static void mem_avoid_memmap(char *str)
{
char arg[128];
static int i;
int rc;
int i;
char *str;
/* See if we have any memmap areas */
rc = cmdline_find_option("memmap", arg, sizeof(arg));
if (rc <= 0)
if (i >= MAX_MEMMAP_REGIONS)
return;
i = 0;
str = arg;
while (str && (i < MAX_MEMMAP_REGIONS)) {
int rc;
unsigned long long start, size;
@ -188,9 +185,14 @@ static void mem_avoid_memmap(void)
if (rc < 0)
break;
str = k;
/* A usable region that should not be skipped */
if (size == 0)
if (start == 0) {
/* Store the specified memory limit if size > 0 */
if (size > 0)
mem_limit = size;
continue;
}
mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].start = start;
mem_avoid[MEM_AVOID_MEMMAP_BEGIN + i].size = size;
@ -202,6 +204,57 @@ static void mem_avoid_memmap(void)
memmap_too_large = true;
}
static int handle_mem_memmap(void)
{
char *args = (char *)get_cmd_line_ptr();
size_t len = strlen((char *)args);
char *tmp_cmdline;
char *param, *val;
u64 mem_size;
if (!strstr(args, "memmap=") && !strstr(args, "mem="))
return 0;
tmp_cmdline = malloc(len + 1);
if (!tmp_cmdline )
error("Failed to allocate space for tmp_cmdline");
memcpy(tmp_cmdline, args, len);
tmp_cmdline[len] = 0;
args = tmp_cmdline;
/* Chew leading spaces */
args = skip_spaces(args);
while (*args) {
args = next_arg(args, &param, &val);
/* Stop at -- */
if (!val && strcmp(param, "--") == 0) {
warn("Only '--' specified in cmdline");
free(tmp_cmdline);
return -1;
}
if (!strcmp(param, "memmap")) {
mem_avoid_memmap(val);
} else if (!strcmp(param, "mem")) {
char *p = val;
if (!strcmp(p, "nopentium"))
continue;
mem_size = memparse(p, &p);
if (mem_size == 0) {
free(tmp_cmdline);
return -EINVAL;
}
mem_limit = mem_size;
}
}
free(tmp_cmdline);
return 0;
}
/*
* In theory, KASLR can put the kernel anywhere in the range of [16M, 64T).
* The mem_avoid array is used to store the ranges that need to be avoided
@ -323,7 +376,7 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size,
/* We don't need to set a mapping for setup_data. */
/* Mark the memmap regions we need to avoid */
mem_avoid_memmap();
handle_mem_memmap();
#ifdef CONFIG_X86_VERBOSE_BOOTUP
/* Make sure video RAM can be used. */
@ -432,7 +485,8 @@ static void process_e820_entry(struct boot_e820_entry *entry,
{
struct mem_vector region, overlap;
struct slot_area slot_area;
unsigned long start_orig;
unsigned long start_orig, end;
struct boot_e820_entry cur_entry;
/* Skip non-RAM entries. */
if (entry->type != E820_TYPE_RAM)
@ -446,8 +500,15 @@ static void process_e820_entry(struct boot_e820_entry *entry,
if (entry->addr + entry->size < minimum)
return;
region.start = entry->addr;
region.size = entry->size;
/* Ignore entries above memory limit */
end = min(entry->size + entry->addr, mem_limit);
if (entry->addr >= end)
return;
cur_entry.addr = entry->addr;
cur_entry.size = end - entry->addr;
region.start = cur_entry.addr;
region.size = cur_entry.size;
/* Give up if slot area array is full. */
while (slot_area_index < MAX_SLOT_AREA) {
@ -461,7 +522,7 @@ static void process_e820_entry(struct boot_e820_entry *entry,
region.start = ALIGN(region.start, CONFIG_PHYSICAL_ALIGN);
/* Did we raise the address above this e820 region? */
if (region.start > entry->addr + entry->size)
if (region.start > cur_entry.addr + cur_entry.size)
return;
/* Reduce size by any delta from the original address. */

View File

@ -65,23 +65,3 @@ GLOBAL(copy_to_fs)
popw %es
retl
ENDPROC(copy_to_fs)
#if 0 /* Not currently used, but can be enabled as needed */
GLOBAL(copy_from_gs)
pushw %ds
pushw %gs
popw %ds
calll memcpy
popw %ds
retl
ENDPROC(copy_from_gs)
GLOBAL(copy_to_gs)
pushw %es
pushw %gs
popw %es
calll memcpy
popw %es
retl
ENDPROC(copy_to_gs)
#endif

View File

@ -122,6 +122,14 @@ unsigned long long simple_strtoull(const char *cp, char **endp, unsigned int bas
return result;
}
long simple_strtol(const char *cp, char **endp, unsigned int base)
{
if (*cp == '-')
return -simple_strtoull(cp + 1, endp, base);
return simple_strtoull(cp, endp, base);
}
/**
* strlen - Find the length of a string
* @s: The string to be sized

View File

@ -503,7 +503,7 @@ static int __init reserve_crashkernel_low(void)
return 0;
}
low_base = memblock_find_in_range(low_size, 1ULL << 32, low_size, CRASH_ALIGN);
low_base = memblock_find_in_range(0, 1ULL << 32, low_size, CRASH_ALIGN);
if (!low_base) {
pr_err("Cannot reserve %ldMB crashkernel low memory, please try smaller size.\n",
(unsigned long)(low_size >> 20));