|
Message-ID: <87tv08svl8.fsf@nanos.tec.linutronix.de> Date: Fri, 22 May 2020 01:43:15 +0200 From: Thomas Gleixner <tglx@...utronix.de> To: Kees Cook <keescook@...omium.org> Cc: Kristen Carlson Accardi <kristen@...ux.intel.com>, mingo@...hat.com, bp@...en8.de, arjan@...ux.intel.com, x86@...nel.org, linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com, rick.p.edgecombe@...el.com Subject: Re: [PATCH v2 0/9] Function Granular KASLR Kees, Kees Cook <keescook@...omium.org> writes: > On Fri, May 22, 2020 at 12:26:30AM +0200, Thomas Gleixner wrote: >> I understand how this is supposed to work, but I fail to find an >> explanation how all of this is preserving the text subsections we have, >> i.e. .kprobes.text, .entry.text ...? > > I had the same question when I first started looking at earlier versions > of this series! :) > >> I assume that the functions in these subsections are reshuffled within >> their own randomized address space so that __xxx_text_start and >> __xxx_text_end markers still make sense, right? > > No, but perhaps in the future. Right now, they are entirely ignored and > left untouched. I'm fine with that restriction, but for a moment I got worried that this might screw up explicit subsections. This really want's to be clearly expressed in the cover letter and the changelogs so that such questions don't arise again. <SNIP> > So, before any of that, just .text.* is a good first step, and after > that I think next would be getting .text randomized relative to the other > .text.* sections (IIUC, it is entirely untouched currently, so only the > standard KASLR base offset moves it around). Only after that do we start > poking around trying to munge the special section contents (which > requires use solving a few problems simultaneously). :) Thanks for the detailed explanation! tglx
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.