From: Andy Lutomirski <luto@kernel.org>
To: Kristen Carlson Accardi <kristen@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Arjan van de Ven <arjan@linux.intel.com>,
Kees Cook <keescook@chromium.org>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
X86 ML <x86@kernel.org>, LKML <linux-kernel@vger.kernel.org>,
Kernel Hardening <kernel-hardening@lists.openwall.com>
Subject: Re: [RFC PATCH 08/11] x86: Add support for finer grained KASLR
Date: Wed, 5 Feb 2020 17:17:11 -0800 [thread overview]
Message-ID: <CALCETrVnCAzj0atoE1hLjHgmWjWAKVdSLm-UMtukUwWgr7-N9Q@mail.gmail.com> (raw)
In-Reply-To: <20200205223950.1212394-9-kristen@linux.intel.com>
On Wed, Feb 5, 2020 at 2:39 PM Kristen Carlson Accardi
<kristen@linux.intel.com> wrote:
>
> At boot time, find all the function sections that have separate .text
> sections, shuffle them, and then copy them to new locations. Adjust
> any relocations accordingly.
>
> + sort(base, num_syms, sizeof(int), kallsyms_cmp, kallsyms_swp);
Hah, here's a huge bottleneck. Unless you are severely
memory-constrained, never do a sort with an expensive swap function
like this. Instead allocate an array of indices that starts out as
[0, 1, 2, ...]. Sort *that* where the swap function just swaps the
indices. Then use the sorted list of indices to permute the actual
data. The result is exactly one expensive swap per item instead of
one expensive swap per swap.
--Andy
next prev parent reply other threads:[~2020-02-06 1:17 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-05 22:39 [RFC PATCH 00/11] Finer grained kernel address space randomization Kristen Carlson Accardi
2020-02-05 22:39 ` [RFC PATCH 01/11] modpost: Support >64K sections Kristen Carlson Accardi
2020-02-06 12:38 ` Kees Cook
2020-02-05 22:39 ` [RFC PATCH 02/11] x86: tools/relocs: Support >64K section headers Kristen Carlson Accardi
2020-02-06 12:39 ` Kees Cook
2020-02-05 22:39 ` [RFC PATCH 03/11] x86/boot: Allow a "silent" kaslr random byte fetch Kristen Carlson Accardi
2020-02-06 1:08 ` Andy Lutomirski
2020-02-06 11:48 ` Kees Cook
2020-02-06 16:58 ` Kristen Carlson Accardi
2020-02-05 22:39 ` [RFC PATCH 04/11] x86/boot/KASLR: Introduce PRNG for faster shuffling Kristen Carlson Accardi
2020-02-06 1:11 ` Andy Lutomirski
2020-02-06 15:10 ` Jason A. Donenfeld
2020-02-07 7:23 ` Jean-Philippe Aumasson
2020-02-07 9:05 ` Kees Cook
2020-02-07 16:52 ` Kristen Carlson Accardi
2020-02-05 22:39 ` [RFC PATCH 05/11] x86: Makefile: Add build and config option for CONFIG_FG_KASLR Kristen Carlson Accardi
2020-02-06 10:30 ` Peter Zijlstra
2020-02-06 11:52 ` Kees Cook
2020-02-25 17:55 ` Arvind Sankar
2020-02-26 19:13 ` Kristen Carlson Accardi
2020-03-24 21:24 ` Kristen Carlson Accardi
2020-03-25 15:34 ` Kees Cook
2020-02-05 22:39 ` [RFC PATCH 06/11] x86: make sure _etext includes function sections Kristen Carlson Accardi
2020-02-06 12:26 ` Kees Cook
2020-02-06 13:15 ` Jann Horn
2020-02-06 16:27 ` David Laight
2020-02-06 14:39 ` Arvind Sankar
2020-02-06 15:29 ` Arvind Sankar
2020-02-06 16:11 ` Andy Lutomirski
2020-02-06 14:57 ` Arvind Sankar
2020-02-06 15:45 ` Arvind Sankar
2020-02-06 19:41 ` Kristen Carlson Accardi
2020-02-06 20:02 ` Andy Lutomirski
2020-02-07 9:24 ` Peter Zijlstra
2020-02-10 1:43 ` Kees Cook
2020-02-10 10:51 ` Peter Zijlstra
2020-02-10 15:54 ` Arjan van de Ven
2020-02-10 16:36 ` Arvind Sankar
2020-02-21 19:50 ` Josh Poimboeuf
2020-02-21 23:05 ` Arvind Sankar
2020-02-05 22:39 ` [RFC PATCH 07/11] x86/tools: Adding relative relocs for randomized functions Kristen Carlson Accardi
2020-02-06 12:37 ` Kees Cook
2020-02-05 22:39 ` [RFC PATCH 08/11] x86: Add support for finer grained KASLR Kristen Carlson Accardi
2020-02-06 1:17 ` Andy Lutomirski [this message]
2020-02-06 11:56 ` Kees Cook
2020-02-06 17:36 ` Kristen Carlson Accardi
2020-02-06 10:38 ` Peter Zijlstra
2020-02-06 12:06 ` Kees Cook
2020-02-06 14:52 ` Peter Zijlstra
2020-02-06 17:25 ` Kristen Carlson Accardi
2020-02-06 17:35 ` Peter Zijlstra
2020-02-06 17:43 ` Kristen Carlson Accardi
2020-02-25 17:49 ` Arvind Sankar
2020-02-26 19:26 ` Kristen Carlson Accardi
2020-02-05 22:39 ` [RFC PATCH 09/11] kallsyms: hide layout and expose seed Kristen Carlson Accardi
2020-02-06 12:32 ` Kees Cook
2020-02-06 17:51 ` Kristen Carlson Accardi
2020-02-06 19:27 ` Jann Horn
2020-03-02 19:01 ` Kristen Carlson Accardi
2020-03-02 19:08 ` Kees Cook
2020-03-02 19:19 ` Kristen Carlson Accardi
2020-02-27 2:42 ` Baoquan He
2020-02-27 16:02 ` Kees Cook
2020-02-28 3:36 ` Baoquan He
2020-02-05 22:39 ` [RFC PATCH 10/11] module: Reorder functions Kristen Carlson Accardi
2020-02-06 12:41 ` Kees Cook
2020-02-11 12:39 ` Jessica Yu
2020-02-05 22:39 ` [RFC PATCH 11/11] x86/boot: Move "boot heap" out of .bss Kristen Carlson Accardi
2020-02-06 0:11 ` Arvind Sankar
2020-02-06 0:33 ` Kristen Carlson Accardi
2020-02-06 11:13 ` Kees Cook
2020-02-06 14:25 ` Arvind Sankar
2020-02-06 21:32 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrVnCAzj0atoE1hLjHgmWjWAKVdSLm-UMtukUwWgr7-N9Q@mail.gmail.com \
--to=luto@kernel.org \
--cc=arjan@linux.intel.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kristen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
--subject='Re: [RFC PATCH 08/11] x86: Add support for finer grained KASLR' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).