Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20170905164547.GA5024@atomide.com>
Date: Tue, 5 Sep 2017 09:45:48 -0700
From: Tony Lindgren <tony@...mide.com>
To: Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc: linux-arm-kernel@...ts.infradead.org,
	kernel-hardening@...ts.openwall.com, Arnd Bergmann <arnd@...db.de>,
	Nicolas Pitre <nico@...aro.org>,
	Russell King <linux@...linux.org.uk>,
	Kees Cook <keescook@...omium.org>,
	Thomas Garnier <thgarnie@...gle.com>,
	Marc Zyngier <marc.zyngier@....com>,
	Mark Rutland <mark.rutland@....com>,
	Matt Fleming <matt@...eblueprint.co.uk>,
	Dave Martin <dave.martin@....com>
Subject: Re: [PATCH v2 00/29] implement KASLR for ARM

Hi,

* Ard Biesheuvel <ard.biesheuvel@...aro.org> [170903 05:08]:
> This series implements randomization of the placement of the core ARM kernel
> inside the lowmem region. It consists of the following parts:
> 
> - changes that allow us to build vmlinux as a PIE executable which retains
>   the metadata required to fix up all absolute symbol references at runtime
> - changes that eliminate absolute references from low-level code that may
>   execute with the MMU off: this removes the need to perform explicit cache
>   maintenance after the absolute references have been fixed up at runtime with
>   the caches enabled
> - changes to the core kernel startup code to take the physical offset into
>   account when creating the virtual mapping (the pa-to-va mapping remains
>   unchanged)
> - changes to the decompressor to collect some pseudo-entropy, and randomize
>   the physical offset of the decompressed kernel, taking placement of DTB,
>   initrd and reserved regions into account
> - changes to the UEFI stub code to choose the KASLR offset and communicate
>   it to the decompressor
> 
> To test these changes, boot a multi_v7_defconfig+CONFIG_RANDOMIZE_BASE=y

I gave a quick try using your arm-kaslr-v3 branch, hopefully that's
the right one.

The good news is that now omap3 boots with omap2plus_defconfig with
and without CONFIG_RANDOMIZE_BASE=y and I did not see any compiler
errors with my gcc 6.2.0 like earlier :)

I did see boot attempts fail with randomize enable where no output
was produced. It seems this is happening for me maybe 1 out of 5 boots.
Enabling DEBUG_LL did not show anything either.

Then loading modules with CONFIG_RANDOMIZE_BASE=y seems to fail with:

$ sudo modprobe rtc-twl
rtc_twl: disagrees about version of symbol module_layout
modprobe: ERROR: could not insert 'rtc_twl': Exec format error

Regards,

Tony

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.