|
Message-ID: <20180315084836.GA15953@amd>
Date: Thu, 15 Mar 2018 09:48:36 +0100
From: Pavel Machek <pavel@....cz>
To: Thomas Garnier <thgarnie@...gle.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
"David S . Miller" <davem@...emloft.net>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, "H . Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Kate Stewart <kstewart@...uxfoundation.org>,
Arnd Bergmann <arnd@...db.de>,
Philippe Ombredanne <pombredanne@...b.com>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Matthias Kaehlcke <mka@...omium.org>,
Kees Cook <keescook@...omium.org>,
Tom Lendacky <thomas.lendacky@....com>,
"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Dominik Brodowski <linux@...inikbrodowski.net>,
Borislav Petkov <bp@...en8.de>, Borislav Petkov <bp@...e.de>,
"Rafael J . Wysocki" <rjw@...ysocki.net>,
Len Brown <len.brown@...el.com>, Juergen Gross <jgross@...e.com>,
Alok Kataria <akataria@...are.com>,
Steven Rostedt <rostedt@...dmis.org>, Tejun Heo <tj@...nel.org>,
Christoph Lameter <cl@...ux.com>,
Dennis Zhou <dennisszhou@...il.com>,
Boris Ostrovsky <boris.ostrovsky@...cle.com>,
David Woodhouse <dwmw@...zon.co.uk>,
Alexey Dobriyan <adobriyan@...il.com>,
"Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Nicolas Pitre <nicolas.pitre@...aro.org>,
Randy Dunlap <rdunlap@...radead.org>,
"Luis R . Rodriguez" <mcgrof@...nel.org>,
Christopher Li <sparse@...isli.org>,
Jason Baron <jbaron@...mai.com>,
Ashish Kalra <ashish@...estacks.com>,
Kyle McMartin <kyle@...hat.com>,
Dou Liyang <douly.fnst@...fujitsu.com>,
Lukas Wunner <lukas@...ner.de>, Petr Mladek <pmladek@...e.com>,
Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
Masahiro Yamada <yamada.masahiro@...ionext.com>,
Ingo Molnar <mingo@...nel.org>, Nicholas Piggin <npiggin@...il.com>,
Cao jin <caoj.fnst@...fujitsu.com>,
"H . J . Lu" <hjl.tools@...il.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Radim Krčmář <rkrcmar@...hat.com>,
Joerg Roedel <joro@...tes.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Rik van Riel <riel@...hat.com>,
Jia Zhang <qianyue.zj@...baba-inc.com>, Jiri Slaby <jslaby@...e.cz>,
Kyle Huey <me@...ehuey.com>, Jonathan Corbet <corbet@....net>,
Matthew Wilcox <mawilcox@...rosoft.com>,
Michal Hocko <mhocko@...e.com>, Rob Landley <rob@...dley.net>,
Baoquan He <bhe@...hat.com>, Daniel Micay <danielmicay@...il.com>,
Jan H . Schönherr <jschoenh@...zon.de>,
x86@...nel.org, linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-pm@...r.kernel.org,
virtualization@...ts.linux-foundation.org,
xen-devel@...ts.xenproject.org, linux-arch@...r.kernel.org,
linux-sparse@...r.kernel.org, kvm@...r.kernel.org,
linux-doc@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH v2 00/27] x86: PIE support and option to extend KASLR
randomization
Hi!
> These patches make the changes necessary to build the kernel as Position
> Independent Executable (PIE) on x86_64. A PIE kernel can be relocated below
> the top 2G of the virtual address space. It allows to optionally extend the
> KASLR randomization range from 1G to 3G.
Would you explain why PIE code is good idea?
You are adding less than 2 bits of randomness. Cost is new config
option, some size and performance impact, and more than 1000 lines of
code...
Is there some grand plan of adding 30 more bits of randomness with
future patch or something?
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.