From: zhouchengming
Date: Wed, 4 Nov 2015 18:05:16 +0800
To: Jiri Kosina
Subject: Re: [PATCH] livepatch: x86: bugfix about kASLR
Message-ID: <5639D85C.5080703@huawei.com>
References: <1446629532-32111-1-git-send-email-zhouchengming1@huawei.com>
List: linux-kernel@vger.kernel.org

On 2015/11/4 17:44, Jiri Kosina wrote:
> On Wed, 4 Nov 2015, Zhou Chengming wrote:
>
>> When KASLR is enabled, func->old_addr will be set to zero
>> and livepatch will find the right old address.
>> But for reloc, livepatch just verifies it using reloc->val
>> (old addr from user), so verification fails and reports a
>> "kernel mismatch" error.
>>
>> Reported-by: Cyril B.
>> Signed-off-by: Zhou Chengming
>> ---
>> kernel/livepatch/core.c | 7 ++++++-
>> 1 files changed, 6 insertions(+), 1 deletions(-)
>>
>> diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
>> index 53196e2..c8885c6 100644
>> --- a/kernel/livepatch/core.c
>> +++ b/kernel/livepatch/core.c
>> @@ -311,7 +311,12 @@ static int klp_write_object_relocations(struct module *pmod,
>> return -EINVAL;
>>
>> for (reloc = obj->relocs; reloc->name; reloc++) {
>> - if (!klp_is_module(obj)) {
>> +
>> +#if defined(CONFIG_RANDOMIZE_BASE)
>
> CONFIG_RANDOMIZE_BASE being enabled by itself doesn't directly imply that
> kASLR has been actually really enabled during runtime. You need
> to check kaslr_enabled() as well.

Right.

>> + /* KASLR is enabled, disregard old_addr from user */
>> + reloc->val = 0;
>
> Is there a reason why to discard it completely? Adding kaslr_offset()
> should give us the correct address, right?
>
> Thanks,
>

Yes, it's definitely better. Thanks
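Review bot: The `#if defined(CONFIG_RANDOMIZE_BASE)` guard added inside the reloc loop in the hunk at line 311 is a build-time test, so the new branch also runs on a kernel that has the option compiled in but was booted without randomization; the decision belongs at runtime, behind `kaslr_enabled()`, as the thread already points out. Setting `reloc->val = 0;` in the same branch throws away the only value the later address verification has to compare against, which turns the "kernel mismatch" check into a no-op whenever the option is built in; shifting the recorded address instead, `reloc->val += kaslr_offset();`, keeps the check meaningful. The replaced `if (!klp_is_module(obj)) {` line is the last context quoted here, so the remainder of the hunk is not visible in this reply.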
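A simplified model of the two versions of the check discussed in this thread, added here as an example and not code from the kernel or from the patch: `kaslr_enabled()` and `kaslr_offset()` stand in for the x86 helpers the reply names, and `kallsyms_lookup_name()`, the symbol table and all addresses are constructed sample values.

```c
#include <errno.h>
#include <stdbool.h>
#include <string.h>

struct klp_reloc {
	const char *name;
	unsigned long val;	/* address recorded when the patch was built, i.e. unrandomized */
};

/* Constructed boot-time state: CONFIG_RANDOMIZE_BASE may be compiled in while
 * the offset actually applied at boot is zero (e.g. booted with "nokaslr"). */
static unsigned long boot_kaslr_offset;
void set_kaslr_offset(unsigned long off) { boot_kaslr_offset = off; }
static bool kaslr_enabled(void) { return boot_kaslr_offset != 0; }
static unsigned long kaslr_offset(void) { return boot_kaslr_offset; }

/* Constructed symbol table: the running kernel's address of a symbol is its
 * link-time address shifted by the boot-time offset. */
static unsigned long kallsyms_lookup_name(const char *name)
{
	if (strcmp(name, "func_to_patch") == 0)
		return 0xffffffff81012340UL + kaslr_offset();
	return 0;
}

/* The check as it behaved before the fix: reloc->val is compared as-is, so it
 * only matches when the kernel was loaded at its link-time address. */
int verify_reloc_unadjusted(const struct klp_reloc *r)
{
	unsigned long addr = kallsyms_lookup_name(r->name);
	return (addr && addr == r->val) ? 0 : -EINVAL;	/* "kernel mismatch" */
}

/* The check following the reviewer's suggestion: decide at runtime with
 * kaslr_enabled() and shift the recorded address by kaslr_offset(). */
int verify_reloc_adjusted(const struct klp_reloc *r)
{
	unsigned long want = r->val;
	unsigned long addr = kallsyms_lookup_name(r->name);

	if (kaslr_enabled())
		want += kaslr_offset();
	return (addr && addr == want) ? 0 : -EINVAL;
}
```

With a zero offset both checks pass; with a non-zero offset only the adjusted check still matches the running kernel.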