From: Pintu Agarwal
Date: Mon, 28 Sep 2020 19:41:13 +0530
Subject: Re: KASLR support on ARM with Kernel 4.9 and 4.14
To: Kees Cook
Cc: Mark Rutland, Thomas Garnier, Arnd Bergmann, Ard Biesheuvel, Marc Zyngier, open list, Kernelnewbies, Russell King - ARM Linux, Tony Lindgren, nico@linaro.org, Dave Martin, matt@codeblueprint.co.uk, "moderated list:ARM/FREESCALE IMX /
MXC ARM ARCHITECTURE"

On Mon, 28 Sep 2020 at 19:15, Pintu Agarwal wrote:
>
> On Sat, 26 Sep 2020 at 22:10, Kees Cook wrote:
> >
> > >> I wonder if this is an Android Common kernel?
> > > It uses the below kernel for 4.14:
> > > https://gitlab.com/quicla/kernel/msm-4.14/-/tree/LE.UM.3.4.2.r1.5 (or
> > > similar branch).
> >
> > Okay, so yes. And this appears to have the hashing of %p backported. I
> > cannot, however, explain why it's showing hashed pointers instead of
> > just NULL, though.
> >
> > It might be related to these commits but they're not in that kernel:
> > 3e5903eb9cff ("vsprintf: Prevent crash when dereferencing invalid pointers")
> > 7bd57fbc4a4d ("vsprintf: don't obfuscate NULL and error pointers")
> >
> > > ==> The case where symbol addresses are changing.
> > >
> > > kptr_restrict is set to 2 by default:
> > > / # cat /proc/sys/kernel/kptr_restrict
> > > 2
> > >
> > > Basically, the goal is:
> > > * To understand how addresses are changing in 4.14 Kernel (without
> > > KASLR support)?
> > > * Is it possible to support the same in 4.9 Kernel ?
> >
> > Try setting kptr_restrict to 0 and see if the symbol addresses change? I
> > suspect Ard is correct: there's no KASLR here, just hashed pointers
> > behaving weird on an old non-stock kernel. :)
> >
>
> Okay. Thank you so much for your comments and suggestions.
> You mean to say, setting kptr_restrict to 0 may avoid changing symbol
> addresses in 4.14 ?
> And, sorry, I could not understand the thing about this "hashed pointers".
> How can I check this behavior in source code to understand better?
> Is it possible to give some reference ?
> I wanted to disable this hash pointer on 4.14 kernel and check the behavior.
> Also if possible, we would like to make this similar change on 4.9
> kernel as well.
>

Okay, I found these changes in 4.14 kernel:
https://gitlab.com/quicla/kernel/msm-4.14/-/commit/e63732dbfe017aa0dbabac9d096b5fde8afbd395

Are we talking about this?
I could not find this in 4.9 kernel.

I will disable kptr_restrict and check or, I will enable
CONFIG_DEBUG_CONSOLE_UNHASHED_POINTERS and check.

Thanks,
Pintu
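A small diagnostic that does what Kees suggests above in a repeatable way: compare the live /proc/kallsyms addresses with the build's System.map and tell apart "zeroed by kptr_restrict", "identical to the build" (no KASLR) and "every symbol shifted by one offset" (a real relocation). This is an added example, not code from the thread; the 32-bit ARM snapshots are constructed, and the classification labels are my own.

```python
import re
import sys

# One /proc/kallsyms or System.map line: "<hex address> <type> <name>"
SYM_RE = re.compile(r"^([0-9a-fA-F]+)\s+(\S)\s+(\S+)")

def parse_symbols(text):
    """Return {symbol name: address} from kallsyms/System.map style text."""
    syms = {}
    for line in text.splitlines():
        m = SYM_RE.match(line.strip())
        if m:
            syms[m.group(3)] = int(m.group(1), 16)
    return syms

def diagnose(kallsyms_text, system_map_text, kptr_restrict):
    """Compare live symbol addresses with the build's and classify the result."""
    live = parse_symbols(kallsyms_text)
    build = parse_symbols(system_map_text)
    common = sorted(set(live) & set(build))
    if not common:
        return "no-common-symbols"
    if all(live[s] == 0 for s in common):
        # kptr_restrict >= 1 makes kallsyms show its %pK values as zeros
        return "hidden-by-kptr_restrict" if kptr_restrict else "zero-unexpected"
    # 32-bit ARM: wrap the difference so a downward shift still compares equal
    deltas = {(live[s] - build[s]) & 0xFFFFFFFF for s in common}
    if deltas == {0}:
        return "static"              # same as the build: nothing is randomised
    if len(deltas) == 1:
        return "shifted-consistent"  # one relocation offset for every symbol: KASLR-style
    return "inconsistent"            # not this build, or the values are not real addresses

# Constructed snapshots (not from a real device) for a 32-bit ARM layout.
SYSTEM_MAP = "c0008000 T _stext\nc0008240 T asm_do_IRQ\nc00f1a00 T printk\n"
KALLSYMS_HIDDEN = "00000000 T _stext\n00000000 T asm_do_IRQ\n00000000 T printk\n"
KALLSYMS_SHIFTED = "c0408000 T _stext\nc0408240 T asm_do_IRQ\nc04f1a00 T printk\n"
KALLSYMS_MIXED = "c0408000 T _stext\nc0508240 T asm_do_IRQ\nc04f1a00 T printk\n"

if __name__ == "__main__":
    # Usage: python3 kaslr_check.py System.map   (reads the live /proc files)
    with open(sys.argv[1]) as f:
        system_map = f.read()
    with open("/proc/kallsyms") as f:
        kallsyms = f.read()
    with open("/proc/sys/kernel/kptr_restrict") as f:
        restrict = int(f.read().strip())
    print("kptr_restrict =", restrict, "->", diagnose(kallsyms, system_map, restrict))
```

Run it once with kptr_restrict at its default and once after setting it to 0; a result of "static" with kptr_restrict=0 means the changing values came from pointer hiding or hashing, not from KASLR.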