linux-arm-kernel.lists.infradead.org archive mirror
From: mark.rutland@arm.com (Mark Rutland)
To: linux-arm-kernel@lists.infradead.org
Subject: [Query] ARM64 kaslr support - randomness, seeding and kdump
Date: Tue, 13 Mar 2018 11:20:17 +0000
Message-ID: <20180313112016.ocx4qqhji3zfwjhs@lakrids.cambridge.arm.com>
In-Reply-To: <20180313110747.GJ25863@linaro.org>

On Tue, Mar 13, 2018 at 08:07:49PM +0900, AKASHI Takahiro wrote:
> On Tue, Mar 13, 2018 at 10:47:15AM +0000, Mark Rutland wrote:
> > On Tue, Mar 13, 2018 at 07:22:03PM +0900, AKASHI Takahiro wrote:
> > > On Mon, Mar 12, 2018 at 08:58:00PM +0000, Ard Biesheuvel wrote:
> > > > On 12 March 2018 at 20:14, Bhupesh Sharma <bhsharma@redhat.com> wrote:
> > 
> > > More importantly, neither arm64 _kexec_ supports kaslr.
> > 
> > The below is just considering this, and ignoring kdump (where I don't
> > think we care at all about KASLR).
> > 
> > > Currently kexec-tools is set to determine where the kernel actually be
> > > loaded, using a constant offset, text_offset, which comes from an image's
> > > boot header and relocation of an image to the load address is performed
> > > at the very end of the first kernel without knowing whether the 2nd kernel
> > > has kaslr support enabled or not.
> > 
> > The kexec tools shouldn't need to know whether the kernel supports KASLR
> > at all.
> > 
> > If the new kernel image has bit 3 (Kernel physical placement) set, kexec
> > tools can choose to randomize the physical load address, regardless of
> > whether that kernel has KASLR enabled.
> 
> So, by definition, is randomness, if we say so, in physical address not
> part of KASLR?

Physical randomization is not part of the kernel's KASLR implementation.

We happen to do it in the EFI stub, because we can in that context. But
generally, physical randomization is not part of arm64's in-kernel
KASLR.

For various reasons, the physical address that the kernel is loaded to
may be arbitrary, so we have to cope with physical randomization
regardless.

Thanks,
Mark.
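
An added example, not from the original message or from kexec-tools: how a loader could read flags bit 3 and text_offset from the arm64 Image header and choose a physical load address. Field offsets follow the kernel's arm64 booting documentation; pick_load_addr(), its rnd parameter, the DRAM range and the sample header are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ARM64_MAGIC   0x644d5241u   /* "ARM\x64", little-endian, at offset 56 */
#define FLAG_PHYS_ANY (1ull << 3)   /* flags bit 3: kernel physical placement */
#define SZ_2M         0x200000ull
struct img { uint64_t text_offset, image_size, flags; };

/* Header fields are little-endian regardless of kernel endianness. */
static uint64_t le(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Returns 0 on success, -1 if the buffer is short or the magic is wrong. */
int parse_header(const uint8_t *buf, size_t len, struct img *out) {
    if (len < 64 || le(buf + 56, 4) != ARM64_MAGIC) return -1;
    out->text_offset = le(buf + 8, 8);
    out->image_size  = le(buf + 16, 8);
    out->flags       = le(buf + 24, 8);
    return 0;
}

/* Load address, or 0 if it does not fit; rnd is caller entropy (hypothetical). */
uint64_t pick_load_addr(const struct img *h, uint64_t dram_base,
                        uint64_t dram_end, uint64_t rnd) {
    uint64_t base = (dram_base + SZ_2M - 1) & ~(SZ_2M - 1);
    uint64_t need = h->text_offset + h->image_size;
    if (base > dram_end || dram_end - base < need) return 0;
    if (h->flags & FLAG_PHYS_ANY)   /* loader may pick any 2 MiB-aligned base */
        base += (rnd % ((dram_end - base - need) / SZ_2M + 1)) * SZ_2M;
    return base + h->text_offset;   /* image sits text_offset above the base */
}

/* Constructed 64-byte header for the demo, not from a real kernel image. */
void make_sample(uint8_t *b, uint8_t flags) {
    memset(b, 0, 64);
    b[10] = 0x08;                   /* text_offset = 0x80000 */
    b[19] = 0x01;                   /* image_size  = 0x1000000 (16 MiB) */
    b[24] = flags;
    memcpy(b + 56, "ARM\x64", 4);
}

int main(void) {
    uint8_t b[64]; struct img h;
    make_sample(b, 0x08);
    if (parse_header(b, sizeof b, &h)) return 1;
    printf("load at %#llx\n", (unsigned long long)pick_load_addr(&h, 0x40000000, 0x80000000, 7));
    return 0;
}
```

With bit 3 clear the function keeps the lowest 2 MiB-aligned base in the range, so the decision depends only on the header flag and not on whether the new kernel was built with KASLR.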
