Cover Letter Detail
Show a cover letter.
GET /api/covers/809260/?format=api
{ "id": 809260, "url": "http://patchwork.ozlabs.org/api/covers/809260/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-imx/cover/20170903120757.14968-1-ard.biesheuvel@linaro.org/", "project": { "id": 19, "url": "http://patchwork.ozlabs.org/api/projects/19/?format=api", "name": "Linux IMX development", "link_name": "linux-imx", "list_id": "linux-imx-kernel.lists.patchwork.ozlabs.org", "list_email": "linux-imx-kernel@lists.patchwork.ozlabs.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170903120757.14968-1-ard.biesheuvel@linaro.org>", "list_archive_url": null, "date": "2017-09-03T12:07:28", "name": "[v2,00/29] implement KASLR for ARM", "submitter": { "id": 26857, "url": "http://patchwork.ozlabs.org/api/people/26857/?format=api", "name": "Ard Biesheuvel", "email": "ard.biesheuvel@linaro.org" }, "mbox": "http://patchwork.ozlabs.org/project/linux-imx/cover/20170903120757.14968-1-ard.biesheuvel@linaro.org/mbox/", "series": [ { "id": 1217, "url": "http://patchwork.ozlabs.org/api/series/1217/?format=api", "web_url": "http://patchwork.ozlabs.org/project/linux-imx/list/?series=1217", "date": "2017-09-03T12:07:28", "name": "implement KASLR for ARM", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/1217/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/covers/809260/comments/", "headers": { "Return-Path": "<linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org>", "X-Original-To": "incoming-imx@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming-imx@bilbo.ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.infradead.org\n\t(client-ip=65.50.211.133; helo=bombadil.infradead.org;\n\tenvelope-from=linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org;\n\treceiver=<UNKNOWN>)", "ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=lists.infradead.org\n\theader.i=@lists.infradead.org header.b=\"iuN/hSV6\"; \n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=linaro.org header.i=@linaro.org\n\theader.b=\"ZrC4w3UW\"; dkim-atps=neutral" ], "Received": [ "from bombadil.infradead.org (bombadil.infradead.org\n\t[65.50.211.133])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xlWx15GWvz9s7v\n\tfor <incoming-imx@patchwork.ozlabs.org>;\n\tSun, 3 Sep 2017 22:09:09 +1000 (AEST)", "from localhost ([127.0.0.1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux))\n\tid 1doTi6-0001Tz-FA; Sun, 03 Sep 2017 12:09:06 +0000", "from mail-wm0-x22b.google.com ([2a00:1450:400c:c09::22b])\n\tby bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux))\n\tid 1doThg-0001Qa-0j for linux-arm-kernel@lists.infradead.org;\n\tSun, 03 Sep 2017 12:08:42 +0000", "by mail-wm0-x22b.google.com with SMTP id v2so21056718wmf.0\n\tfor <linux-arm-kernel@lists.infradead.org>;\n\tSun, 03 Sep 2017 05:08:18 -0700 (PDT)", "from localhost.localdomain ([154.151.223.220])\n\tby smtp.gmail.com with ESMTPSA id\n\tb196sm4392664wmd.29.2017.09.03.05.08.13\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tSun, 03 Sep 2017 05:08:16 -0700 (PDT)" ], "DKIM-Signature": [ "v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20170209; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe:\n\tList-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date:\n\tSubject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:\n\tResent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:\n\tReferences:List-Owner; bh=bQHHlnhaH1wdwiZEjS9+D+XMigMU5tmbEBj5jcWof2o=;\n\tb=iuN\n\t/hSV6QznUp8tTIQbwQGUHvLON/WDNAd9Zr4mZdrwkvwctEL5Dni5vxSSlSD8TCjROft4LyHwUgW18\n\tCZWB/L0eCFOqrH5TAeiXjnW8x+9cxm2nUyMxWEdoA3RRemcmhA8CPexJKpyb/rGtYa8h4wXMnxtPU\n\tEWFj7WDbIsuZ5qWaYy4P1UWKfePSFCWDkdRael0g9Mj0+DzZbVxqqKgk2LKQkr1jI2s0I0NvtEIAi\n\tjLOax6I2mGxoVuHpxFmo7DgMG44kfz6uTwS9jycugI2V5Mv9FfQPyDaoeQPboHbLfY22u9v0VNybN\n\tjeo4hTl7nPqX4p34M/DjJAKlX13zAfw==;", "v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;\n\th=from:to:cc:subject:date:message-id;\n\tbh=4S7BTuVmGD28K568q1rrDY1mInfllNkKN2a/FZpNC9E=;\n\tb=ZrC4w3UWL3OQPTT2HCTB51itX8G+AQCO7hVFHf6Xppo9uRUZcTpySa/Z1SVWg6gSyZ\n\t1G8EoVQoPJeGbsqOCcXqEBKtv5sDMA5tJhzxQ73FMYBQQXtJ4aAWyxQB1k3uuAZG8CFd\n\t8IkyFSou15oiqS/9HcSz1o6fhZWb4ph5PxjH0=" ], "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:cc:subject:date:message-id;\n\tbh=4S7BTuVmGD28K568q1rrDY1mInfllNkKN2a/FZpNC9E=;\n\tb=FKRnpSYP3uvyvGC2vrbXsx1xzduZ65QMAA20HtioKGPUp5R/GUE0EZBhOmi0CXUOGq\n\tC/uCIyfUrsvB9b3DK75PuOdiSB58LQJefBgZgBE4tAfkTIsKjzSGgMem62oT4st2OPqb\n\ttWrGHjRp75jG1GOiw8AGIALQvmUFeRJlXvcw6VWB3nmhEujQfBWXMeSLUviGpKOtp8q2\n\tQDw2pOQ4crgNGtfjWCm/iyHPnF4YGFKS2vMArvkvw+QxqMjRVe/pb/KMO1GuMoKLyyzN\n\tBdap0Hzlv2Dqh8qmvT8I9hH8mf98uj0meW/dCwyYpom/ybe1WWtIKqtIyEX1QhKppNvQ\n\tjRdw==", "X-Gm-Message-State": "AHPjjUgIikecivxHUPTepDq9dcqyoghQAKPySDG2Q/NfqSa9TCahHgmp\n\tBhE8Tn0clXmZPOOeL1/BOA==", "X-Google-Smtp-Source": "ADKCNb61vJFmLK3LzOBU46Mtn9WIG0ycFNaDqFWQQ2xSof90sUbXdQz8PW3TBL5o1jcyxlWy+QbP0g==", "X-Received": "by 10.28.149.142 with SMTP id x136mr1889874wmd.70.1504440497003; \n\tSun, 03 Sep 2017 05:08:17 -0700 (PDT)", "From": "Ard Biesheuvel <ard.biesheuvel@linaro.org>", "To": "linux-arm-kernel@lists.infradead.org, kernel-hardening@lists.openwall.com", "Subject": "[PATCH v2 00/29] implement KASLR for ARM", "Date": "Sun, 3 Sep 2017 13:07:28 +0100", "Message-Id": "<20170903120757.14968-1-ard.biesheuvel@linaro.org>", "X-Mailer": "git-send-email 2.11.0", "X-CRM114-Version": "20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ", "X-CRM114-CacheID": "sfid-20170903_050840_392244_87B5991C ", "X-CRM114-Status": "GOOD ( 20.38 )", "X-Spam-Score": "-2.7 (--)", "X-Spam-Report": "SpamAssassin version 3.4.1 on bombadil.infradead.org summary:\n\tContent analysis details: (-2.7 points)\n\tpts rule name description\n\t---- ----------------------\n\t--------------------------------------------------\n\t-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,\n\tlow\n\ttrust [2a00:1450:400c:c09:0:0:0:22b listed in] [list.dnswl.org]\n\t-0.0 SPF_PASS SPF: sender matches SPF record\n\t-1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1%\n\t[score: 0.0000]\n\t-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature\n\t0.1 DKIM_SIGNED Message has a DKIM or DK signature,\n\tnot necessarily valid\n\t-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from\n\tauthor's domain", "X-BeenThere": "linux-arm-kernel@lists.infradead.org", "X-Mailman-Version": "2.1.21", "Precedence": "list", "List-Unsubscribe": "<http://lists.infradead.org/mailman/options/linux-arm-kernel>,\n\t<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>", "List-Archive": "<http://lists.infradead.org/pipermail/linux-arm-kernel/>", "List-Post": "<mailto:linux-arm-kernel@lists.infradead.org>", "List-Help": "<mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>", "List-Subscribe": "<http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,\n\t<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>", "Cc": "Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>, \n\tArnd Bergmann <arnd@arndb.de>, Nicolas Pitre <nico@linaro.org>,\n\tMarc Zyngier <marc.zyngier@arm.com>,\n\tArd Biesheuvel <ard.biesheuvel@linaro.org>,\n\tRussell King <linux@armlinux.org.uk>, Dave Martin <dave.martin@arm.com>, \n\tTony Lindgren <tony@atomide.com>, Thomas Garnier <thgarnie@google.com>,\n\tMatt Fleming <matt@codeblueprint.co.uk>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Sender": "\"linux-arm-kernel\" <linux-arm-kernel-bounces@lists.infradead.org>", "Errors-To": "linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org", "List-Id": "linux-imx-kernel.lists.patchwork.ozlabs.org" }, "content": "This series implements randomization of the placement of the core ARM kernel\ninside the lowmem region. It consists of the following parts:\n\n- changes that allow us to build vmlinux as a PIE executable which retains\n the metadata required to fix up all absolute symbol references at runtime\n- changes that eliminate absolute references from low-level code that may\n execute with the MMU off: this removes the need to perform explicit cache\n maintenance after the absolute references have been fixed up at runtime with\n the caches enabled\n- changes to the core kernel startup code to take the physical offset into\n account when creating the virtual mapping (the pa-to-va mapping remains\n unchanged)\n- changes to the decompressor to collect some pseudo-entropy, and randomize\n the physical offset of the decompressed kernel, taking placement of DTB,\n initrd and reserved regions into account\n- changes to the UEFI stub code to choose the KASLR offset and communicate\n it to the decompressor\n\nTo test these changes, boot a multi_v7_defconfig+CONFIG_RANDOMIZE_BASE=y\nbuild and expect to see something like\n\n[ 0.000000] Virtual kernel memory layout:\n[ 0.000000] vector : 0xffff0000 - 0xffff1000 ( 4 kB)\n[ 0.000000] fixmap : 0xffc00000 - 0xfff00000 (3072 kB)\n[ 0.000000] vmalloc : 0xf0800000 - 0xff800000 ( 240 MB)\n[ 0.000000] lowmem : 0xc0000000 - 0xf0000000 ( 768 MB)\n[ 0.000000] pkmap : 0xbfe00000 - 0xc0000000 ( 2 MB)\n[ 0.000000] modules : 0xbf800000 - 0xbfe00000 ( 6 MB)\n[ 0.000000] .text : 0xd4208000 - 0xd4c00000 (10208 kB) <---- \n[ 0.000000] .init : 0xd5200000 - 0xd5600000 (4096 kB) <----\n[ 0.000000] .data : 0xd5600000 - 0xd5776f28 (1500 kB) <----\n[ 0.000000] .bss : 0xd57805e0 - 0xd57e60ac ( 407 kB) <----\n\nv2: - make adr_l/ldr_l/str_l macros work in .arm sections under Thumb2 builds,\n and remove support for conditional execution, which is finicky when\n building for Thumb2 with -mimplicit-it=always\n - work around a section mismatch warning resulting from using the -fpic\n switch\n - drop bogus patch to reserve initrd memory in the UEFI stub\n - add support to the decompressor to perform the randomization\n autonomously; this also removes the need for the extended zImage\n header, since the UEFI stub doesn't need it, and other bootloaders\n no longer have to do anything to enable KASLR.\n - avoid macros in ALT_SMP() calls (#9)\n\nCc: Arnd Bergmann <arnd@arndb.de>\nCc: Nicolas Pitre <nico@linaro.org>\nCc: Russell King <linux@armlinux.org.uk>\nCc: Kees Cook <keescook@chromium.org>\nCc: Thomas Garnier <thgarnie@google.com>\nCc: Marc Zyngier <marc.zyngier@arm.com>\nCc: Mark Rutland <mark.rutland@arm.com>\nCc: Tony Lindgren <tony@atomide.com>\nCc: Matt Fleming <matt@codeblueprint.co.uk>\nCc: Dave Martin <dave.martin@arm.com>\n\nArd Biesheuvel (29):\n net/core: work around section mismatch warning for ptp_classifier\n asm-generic: add .data.rel.ro sections to __ro_after_init\n ARM: assembler: introduce adr_l, ldr_l and str_l macros\n ARM: head-common.S: use PC-relative insn sequence for __proc_info\n ARM: head-common.S: use PC-relative insn sequence for idmap creation\n ARM: head.S: use PC-relative insn sequence for secondary_data\n ARM: kernel: use relative references for UP/SMP alternatives\n ARM: head: use PC-relative insn sequence for __smp_alt\n ARM: sleep.S: use PC-relative insn sequence for\n sleep_save_sp/mpidr_hash\n ARM: head.S: use PC-relative insn sequences for __fixup_pv_table\n ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET\n ARM: kvm: replace open coded VA->PA calculations with adr_l call\n arm-soc: exynos: replace open coded VA->PA conversions\n arm-soc: mvebu: replace open coded VA->PA conversion\n arm-soc: various: replace open coded VA->PA calculation of pen_release\n ARM: kernel: switch to relative exception tables\n ARM: kernel: use relative phys-to-virt patch tables\n arm-soc: tegra: make sleep asm code runtime relocatable\n ARM: kernel: make vmlinux buildable as a PIE executable\n ARM: kernel: use PC-relative symbol references in MMU switch code\n ARM: kernel: use PC relative symbol references in suspend/resume code\n ARM: mm: export default vmalloc base address\n ARM: kernel: refer to swapper_pg_dir via its symbol\n ARM: kernel: implement randomization of the kernel load address\n ARM: decompressor: explicitly map decompressor binary cacheable\n ARM: decompressor: add KASLR support\n efi/libstub: add 'max' parameter to efi_random_alloc()\n efi/libstub: check for vmalloc= command line argument\n efi/libstub: arm: implement KASLR\n\n arch/arm/Kconfig | 19 +\n arch/arm/Makefile | 5 +\n arch/arm/boot/compressed/Makefile | 8 +-\n arch/arm/boot/compressed/head.S | 125 ++++--\n arch/arm/boot/compressed/kaslr.c | 398 ++++++++++++++++++++\n arch/arm/include/asm/Kbuild | 1 -\n arch/arm/include/asm/assembler.h | 86 ++++-\n arch/arm/include/asm/extable.h | 19 +\n arch/arm/include/asm/futex.h | 2 +-\n arch/arm/include/asm/memory.h | 6 +-\n arch/arm/include/asm/pgtable.h | 1 +\n arch/arm/include/asm/processor.h | 2 +-\n arch/arm/include/asm/uaccess.h | 8 +-\n arch/arm/include/asm/word-at-a-time.h | 2 +-\n arch/arm/kernel/entry-armv.S | 6 +-\n arch/arm/kernel/head-common.S | 61 ++-\n arch/arm/kernel/head.S | 217 ++++++-----\n arch/arm/kernel/hyp-stub.S | 33 +-\n arch/arm/kernel/sleep.S | 28 +-\n arch/arm/kernel/swp_emulate.c | 4 +-\n arch/arm/kernel/vmlinux.lds.S | 9 +\n arch/arm/kvm/init.S | 8 +-\n arch/arm/lib/backtrace.S | 8 +-\n arch/arm/lib/getuser.S | 22 +-\n arch/arm/lib/putuser.S | 12 +-\n arch/arm/mach-exynos/headsmp.S | 9 +-\n arch/arm/mach-exynos/sleep.S | 26 +-\n arch/arm/mach-mvebu/coherency_ll.S | 8 +-\n arch/arm/mach-prima2/headsmp.S | 11 +-\n arch/arm/mach-spear/headsmp.S | 11 +-\n arch/arm/mach-sti/headsmp.S | 10 +-\n arch/arm/mach-tegra/sleep-tegra20.S | 22 +-\n arch/arm/mach-tegra/sleep-tegra30.S | 6 +-\n arch/arm/mach-tegra/sleep.S | 4 +-\n arch/arm/mm/alignment.c | 14 +-\n arch/arm/mm/extable.c | 2 +-\n arch/arm/mm/mmu.c | 3 +-\n arch/arm/nwfpe/entry.S | 2 +-\n arch/arm/plat-versatile/headsmp.S | 9 +-\n drivers/firmware/efi/libstub/arm32-stub.c | 47 ++-\n drivers/firmware/efi/libstub/arm64-stub.c | 2 +-\n drivers/firmware/efi/libstub/efi-stub-helper.c | 9 +\n drivers/firmware/efi/libstub/efistub.h | 4 +-\n drivers/firmware/efi/libstub/random.c | 11 +-\n include/asm-generic/vmlinux.lds.h | 2 +-\n include/linux/hidden.h | 20 +\n net/core/ptp_classifier.c | 7 +-\n scripts/module-common.lds | 1 +\n scripts/sortextable.c | 2 +-\n 49 files changed, 982 insertions(+), 350 deletions(-)\n create mode 100644 arch/arm/boot/compressed/kaslr.c\n create mode 100644 arch/arm/include/asm/extable.h\n create mode 100644 include/linux/hidden.h" }