Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jJ_KTp08gTms34GGa23fuYE5Mty=9e28inu8w3BWSjMjA@mail.gmail.com>
Date: Tue, 16 Feb 2016 15:50:40 -0800
From: Kees Cook <keescook@...omium.org>
To: Baoquan He <bhe@...hat.com>
Cc: Yinghai Lu <yinghai@...nel.org>, "H. Peter Anvin" <hpa@...or.com>, 
	LKML <linux-kernel@...r.kernel.org>, Borislav Petkov <bp@...en8.de>, 
	Ingo Molnar <mingo@...hat.com>, Andy Lutomirski <luto@...nel.org>, Vivek Goyal <vgoyal@...hat.com>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH 00/42] x86: updated patches for kaslr and setup_data etc
 for v4.3

On Sun, Feb 14, 2016 at 11:29 PM, Baoquan He <bhe@...hat.com> wrote:
> On 02/08/16 at 08:31pm, Kees Cook wrote:
>> On Sat, Feb 6, 2016 at 3:50 AM, Baoquan He <bhe@...hat.com> wrote:
>> > Hi,
>> >
>> > Recently people using big box servers are also very interested in kaslr and want
>> > to have it to enhance security. So allowing kaslr be able to randomize above 4G
>> > makes much sense for different kinds of system. I would like to repost patches
>> > realted to kaslr in this patchset, and leave the rest to Yinghai. Or I can try
>> > to understand and adjust the rest with yh and reviewers' help, then post. But
>> > firstly I will focus on kaslr and try to make it merge into Linus's tree.
>> >
>> > Since this patchset includes too many issues and people usually like reviewing
>> > post which takes care of one main issue in one thread, I will start from below
>> > thread. It mainly includes kaslr above 4G support and bug fixes and several clean
>> > up patch.
>> >
>> > x86, boot: kaslr cleanup and 64bit kaslr support
>> > https://lwn.net/Articles/637115/
>> >
>> > The following patch lists is taken from yh's cover letter of above patch thread.
>> >
>> > **************************
>> > My plan is split them into
>> > 1) kaslr above 4G support
>> >   x86, boot: Split kernel_ident_mapping_init to another file
>> >   x86, 64bit: Set ident_mapping for kaslr
>> >   x86, boot: Add checking for memcpy
>> >   x86, boot: Move z_extract_offset calculation to header.S
>> >   x86, boot: Simplify run_size calculation
>> >   x86, kaslr: Kill not used run_size related code.
>> >   x86, kaslr: Use output_run_size
>> >   x86, kaslr: Fix a bug that relocation can not be handled when kernel is loaded above 2G
>> >   x86, kaslr: Introduce struct slot_area to manage randomization slot info
>> >   x86, kaslr: Add two functions which will be used later
>> >   x86, kaslr: Introduce fetch_random_virt_offset to randomize the kernel text mapping address
>> >   x86, kaslr: Randomize physical and virtual address of kernel separately
>> >   x86, kaslr: Add support of kernel physical address randomization above 4G
>> >   x86, kaslr: Remove useless codes
>> > 2) allow kaslr to choose slots below loaded address
>> >   x86, kaslr: Consolidate mem_avoid array filling
>> >   x86, kaslr: Allow random address could be below loaded address
>> > 3) Make data from decompress_kernel stage live longer (bug fix)
>> >   x86, boot: Make data from decompress_kernel stage live longer
>> > 4) Get correct max_addr for relocs pointer (improvement)
>> >   x86, kaslr: Get correct max_addr for relocs pointer
>> >
>> > The 2) could be added into 1) post. I take it out because the mem_avoid issue is very
>> > complicated, can be discussed in a separate thread. And 1) post only focus the kaslr
>> > above 4G support.
>> >
>> > That's all I plan to do. Suggestion or comments are welcome.
>>
>> That sounds great, thanks! Please check the rest of the thread where I
>> asked a number of questions that remain unanswered. If we can get some
>> clarification on those points, I think it would help move this along
>> more quickly.
>
> Hi Kees,
>
> Thanks for your suggestion. I am trying to understand all patches and
> make some adjustment, meanwhile adjust patch log with my understanding.
> And your questions help me understand it deeper. I will post after
> updating. Hope you, Yinghai and other experts can help review and give
> precious comments and suggestions.

Sounds great! I look forward to them. :)

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.