From: Mark Rutland <mark.rutland@arm.com>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Mark Brown <broonie@kernel.org>, Will Deacon <will@kernel.org>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH] arm64: kaslr: Print warning if KASLR is disabled due to lack of seed
Date: Fri, 8 Nov 2019 14:14:27 +0000 [thread overview]
Message-ID: <20191108141426.GC11465@lakrids.cambridge.arm.com> (raw)
In-Reply-To: <20191108133830.GB22834@arrakis.emea.arm.com>
On Fri, Nov 08, 2019 at 01:38:31PM +0000, Catalin Marinas wrote:
> On Thu, Nov 07, 2019 at 12:12:41PM +0000, Mark Brown wrote:
> > diff --git a/arch/arm64/kernel/kaslr.c b/arch/arm64/kernel/kaslr.c
> > index 416f537bf614..c2ba5e783ada 100644
> > --- a/arch/arm64/kernel/kaslr.c
> > +++ b/arch/arm64/kernel/kaslr.c
> > @@ -98,8 +98,10 @@ u64 __init kaslr_early_init(u64 dt_phys)
> > * Retrieve (and wipe) the seed from the FDT
> > */
> > seed = get_kaslr_seed(fdt);
> > - if (!seed)
> > + if (!seed) {
> > + pr_warn("No seed available for KASLR, disabling\n");
> > return 0;
> > + }
> >
> > /*
> > * Check if 'nokaslr' appears on the command line, and
>
> For some reason, this patch locks up the VM on TX2, stuck in a recursive
> fault. Too early for a printk?
We call kaslr_early_init() before start_kernel(), so we haven't set up
things like the per-cpu offset here (and I believe that printk relies on
that internally).
To avoid surprises, I think it'd be best to log that state later, in
setup.c. We can also do that consistently, so that the user has a
positive message when KASLR is in use.
We can either have something like:
void announce_kaslr(void)
{
if (!IS_ENABLED(CONFIG_RANDOMIZE_BASE))
return;
if (kaslr_offset() != 0)
pr_info("KASLR in use\n");
else if (in_commandline("nokaslr"))
pr_info("KASLR disabled (command line)\n");
else
pr_info("KASLR disabled (no seed)\n");
}
Or have kaslr.c update something like:
enum kaslr_status {
KASLR_ENABLED,
KASLR_DISABLED,
KASLR_NO_SEED,
};
enum kaslr_status __ro_after_init kaslr_status;
... and switch on that in setup.c.
Thanks,
Mark.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-11-08 14:14 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-07 12:12 [PATCH] arm64: kaslr: Print warning if KASLR is disabled due to lack of seed Mark Brown
2019-11-08 13:38 ` Catalin Marinas
2019-11-08 14:14 ` Mark Rutland [this message]
2019-11-08 14:35 ` Mark Brown
2019-11-08 14:17 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191108141426.GC11465@lakrids.cambridge.arm.com \
--to=mark.rutland@arm.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).