Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32

From: Scott Wood <oss@buserror.net>
To: Jason Yan <yanaijie@huawei.com>,
	mpe@ellerman.id.au, linuxppc-dev@lists.ozlabs.org,
	diana.craciun@nxp.com, christophe.leroy@c-s.fr,
	benh@kernel.crashing.org, paulus@samba.org, npiggin@gmail.com,
	keescook@chromium.org, kernel-hardening@lists.openwall.com
Cc: wangkefeng.wang@huawei.com, linux-kernel@vger.kernel.org,
	jingxiangfeng@huawei.com, zhaohongjiang@huawei.com,
	thunder.leizhen@huawei.com, fanchengyang@huawei.com,
	yebin10@huawei.com
Subject: Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32
Date: Sat, 14 Sep 2019 09:28:55 -0500	[thread overview]
Message-ID: <65f56bfd05152d744b032e7df9c34b5d9ef2bfb5.camel@buserror.net> (raw)
In-Reply-To: <e02c727a-5505-80d3-9ba2-9fbb9c8253fe@huawei.com>

On Tue, 2019-09-10 at 13:34 +0800, Jason Yan wrote:
> Hi Scott,
> 
> On 2019/8/28 12:05, Scott Wood wrote:
> > On Fri, 2019-08-09 at 18:07 +0800, Jason Yan wrote:
> > > This series implements KASLR for powerpc/fsl_booke/32, as a security
> > > feature that deters exploit attempts relying on knowledge of the
> > > location
> > > of kernel internals.
> > > 
> > > Since CONFIG_RELOCATABLE has already supported, what we need to do is
> > > map or copy kernel to a proper place and relocate.
> > 
> > Have you tested this with a kernel that was loaded at a non-zero
> > address?  I
> > tried loading a kernel at 0x04000000 (by changing the address in the
> > uImage,
> > and setting bootm_low to 04000000 in U-Boot), and it works without
> > CONFIG_RANDOMIZE and fails with.
> > 
> 
> How did you change the load address of the uImage, by changing the
> kernel config CONFIG_PHYSICAL_START or the "-a/-e" parameter of mkimage?
> I tried both, but it did not work with or without CONFIG_RANDOMIZE.

With mkimage.  Did you set bootm_low in U-Boot as described above?  Was
CONFIG_RELOCATABLE set in the non-CONFIG_RANDOMIZE kernel?

-Scott