{"id":809260,"url":"http://patchwork.ozlabs.org/api/1.0/covers/809260/?format=json","project":{"id":19,"url":"http://patchwork.ozlabs.org/api/1.0/projects/19/?format=json","name":"Linux IMX development","link_name":"linux-imx","list_id":"linux-imx-kernel.lists.patchwork.ozlabs.org","list_email":"linux-imx-kernel@lists.patchwork.ozlabs.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<20170903120757.14968-1-ard.biesheuvel@linaro.org>","date":"2017-09-03T12:07:28","name":"[v2,00/29] implement KASLR for ARM","submitter":{"id":26857,"url":"http://patchwork.ozlabs.org/api/1.0/people/26857/?format=json","name":"Ard Biesheuvel","email":"ard.biesheuvel@linaro.org"},"series":[{"id":1217,"url":"http://patchwork.ozlabs.org/api/1.0/series/1217/?format=json","date":"2017-09-03T12:07:28","name":"implement KASLR for ARM","version":2,"mbox":"http://patchwork.ozlabs.org/series/1217/mbox/"}],"headers":{"Return-Path":"<linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org>","X-Original-To":"incoming-imx@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming-imx@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=lists.infradead.org\n\t(client-ip=65.50.211.133; helo=bombadil.infradead.org;\n\tenvelope-from=linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org;\n\treceiver=<UNKNOWN>)","ozlabs.org; dkim=pass (2048-bit key;\n\tunprotected) header.d=lists.infradead.org\n\theader.i=@lists.infradead.org header.b=\"iuN/hSV6\"; \n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=linaro.org header.i=@linaro.org\n\theader.b=\"ZrC4w3UW\"; dkim-atps=neutral"],"Received":["from bombadil.infradead.org (bombadil.infradead.org\n\t[65.50.211.133])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xlWx15GWvz9s7v\n\tfor <incoming-imx@patchwork.ozlabs.org>;\n\tSun,  3 Sep 2017 22:09:09 +1000 (AEST)","from localhost ([127.0.0.1] helo=bombadil.infradead.org)\n\tby bombadil.infradead.org with esmtp (Exim 4.87 #1 (Red Hat Linux))\n\tid 1doTi6-0001Tz-FA; Sun, 03 Sep 2017 12:09:06 +0000","from mail-wm0-x22b.google.com ([2a00:1450:400c:c09::22b])\n\tby bombadil.infradead.org with esmtps (Exim 4.87 #1 (Red Hat Linux))\n\tid 1doThg-0001Qa-0j for linux-arm-kernel@lists.infradead.org;\n\tSun, 03 Sep 2017 12:08:42 +0000","by mail-wm0-x22b.google.com with SMTP id v2so21056718wmf.0\n\tfor <linux-arm-kernel@lists.infradead.org>;\n\tSun, 03 Sep 2017 05:08:18 -0700 (PDT)","from localhost.localdomain ([154.151.223.220])\n\tby smtp.gmail.com with ESMTPSA id\n\tb196sm4392664wmd.29.2017.09.03.05.08.13\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tSun, 03 Sep 2017 05:08:16 -0700 (PDT)"],"DKIM-Signature":["v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;\n\td=lists.infradead.org; s=bombadil.20170209; h=Sender:\n\tContent-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe:\n\tList-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Message-Id:Date:\n\tSubject:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:\n\tResent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:\n\tReferences:List-Owner; bh=bQHHlnhaH1wdwiZEjS9+D+XMigMU5tmbEBj5jcWof2o=;\n\tb=iuN\n\t/hSV6QznUp8tTIQbwQGUHvLON/WDNAd9Zr4mZdrwkvwctEL5Dni5vxSSlSD8TCjROft4LyHwUgW18\n\tCZWB/L0eCFOqrH5TAeiXjnW8x+9cxm2nUyMxWEdoA3RRemcmhA8CPexJKpyb/rGtYa8h4wXMnxtPU\n\tEWFj7WDbIsuZ5qWaYy4P1UWKfePSFCWDkdRael0g9Mj0+DzZbVxqqKgk2LKQkr1jI2s0I0NvtEIAi\n\tjLOax6I2mGxoVuHpxFmo7DgMG44kfz6uTwS9jycugI2V5Mv9FfQPyDaoeQPboHbLfY22u9v0VNybN\n\tjeo4hTl7nPqX4p34M/DjJAKlX13zAfw==;","v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;\n\th=from:to:cc:subject:date:message-id;\n\tbh=4S7BTuVmGD28K568q1rrDY1mInfllNkKN2a/FZpNC9E=;\n\tb=ZrC4w3UWL3OQPTT2HCTB51itX8G+AQCO7hVFHf6Xppo9uRUZcTpySa/Z1SVWg6gSyZ\n\t1G8EoVQoPJeGbsqOCcXqEBKtv5sDMA5tJhzxQ73FMYBQQXtJ4aAWyxQB1k3uuAZG8CFd\n\t8IkyFSou15oiqS/9HcSz1o6fhZWb4ph5PxjH0="],"X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:cc:subject:date:message-id;\n\tbh=4S7BTuVmGD28K568q1rrDY1mInfllNkKN2a/FZpNC9E=;\n\tb=FKRnpSYP3uvyvGC2vrbXsx1xzduZ65QMAA20HtioKGPUp5R/GUE0EZBhOmi0CXUOGq\n\tC/uCIyfUrsvB9b3DK75PuOdiSB58LQJefBgZgBE4tAfkTIsKjzSGgMem62oT4st2OPqb\n\ttWrGHjRp75jG1GOiw8AGIALQvmUFeRJlXvcw6VWB3nmhEujQfBWXMeSLUviGpKOtp8q2\n\tQDw2pOQ4crgNGtfjWCm/iyHPnF4YGFKS2vMArvkvw+QxqMjRVe/pb/KMO1GuMoKLyyzN\n\tBdap0Hzlv2Dqh8qmvT8I9hH8mf98uj0meW/dCwyYpom/ybe1WWtIKqtIyEX1QhKppNvQ\n\tjRdw==","X-Gm-Message-State":"AHPjjUgIikecivxHUPTepDq9dcqyoghQAKPySDG2Q/NfqSa9TCahHgmp\n\tBhE8Tn0clXmZPOOeL1/BOA==","X-Google-Smtp-Source":"ADKCNb61vJFmLK3LzOBU46Mtn9WIG0ycFNaDqFWQQ2xSof90sUbXdQz8PW3TBL5o1jcyxlWy+QbP0g==","X-Received":"by 10.28.149.142 with SMTP id x136mr1889874wmd.70.1504440497003; \n\tSun, 03 Sep 2017 05:08:17 -0700 (PDT)","From":"Ard Biesheuvel <ard.biesheuvel@linaro.org>","To":"linux-arm-kernel@lists.infradead.org, kernel-hardening@lists.openwall.com","Subject":"[PATCH v2 00/29] implement KASLR for ARM","Date":"Sun,  3 Sep 2017 13:07:28 +0100","Message-Id":"<20170903120757.14968-1-ard.biesheuvel@linaro.org>","X-Mailer":"git-send-email 2.11.0","X-CRM114-Version":"20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 ","X-CRM114-CacheID":"sfid-20170903_050840_392244_87B5991C ","X-CRM114-Status":"GOOD (  20.38  )","X-Spam-Score":"-2.7 (--)","X-Spam-Report":"SpamAssassin version 3.4.1 on bombadil.infradead.org summary:\n\tContent analysis details:   (-2.7 points)\n\tpts rule name              description\n\t---- ----------------------\n\t--------------------------------------------------\n\t-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,\n\tlow\n\ttrust [2a00:1450:400c:c09:0:0:0:22b listed in] [list.dnswl.org]\n\t-0.0 SPF_PASS               SPF: sender matches SPF record\n\t-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%\n\t[score: 0.0000]\n\t-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature\n\t0.1 DKIM_SIGNED            Message has a DKIM or DK signature,\n\tnot necessarily valid\n\t-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from\n\tauthor's domain","X-BeenThere":"linux-arm-kernel@lists.infradead.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Unsubscribe":"<http://lists.infradead.org/mailman/options/linux-arm-kernel>,\n\t<mailto:linux-arm-kernel-request@lists.infradead.org?subject=unsubscribe>","List-Archive":"<http://lists.infradead.org/pipermail/linux-arm-kernel/>","List-Post":"<mailto:linux-arm-kernel@lists.infradead.org>","List-Help":"<mailto:linux-arm-kernel-request@lists.infradead.org?subject=help>","List-Subscribe":"<http://lists.infradead.org/mailman/listinfo/linux-arm-kernel>,\n\t<mailto:linux-arm-kernel-request@lists.infradead.org?subject=subscribe>","Cc":"Mark Rutland <mark.rutland@arm.com>, Kees Cook <keescook@chromium.org>, \n\tArnd Bergmann <arnd@arndb.de>, Nicolas Pitre <nico@linaro.org>,\n\tMarc Zyngier <marc.zyngier@arm.com>,\n\tArd Biesheuvel <ard.biesheuvel@linaro.org>,\n\tRussell King <linux@armlinux.org.uk>, Dave Martin <dave.martin@arm.com>, \n\tTony Lindgren <tony@atomide.com>, Thomas Garnier <thgarnie@google.com>,\n\tMatt Fleming <matt@codeblueprint.co.uk>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Sender":"\"linux-arm-kernel\" <linux-arm-kernel-bounces@lists.infradead.org>","Errors-To":"linux-arm-kernel-bounces+incoming-imx=patchwork.ozlabs.org@lists.infradead.org","List-Id":"linux-imx-kernel.lists.patchwork.ozlabs.org"},"content":"This series implements randomization of the placement of the core ARM kernel\ninside the lowmem region. It consists of the following parts:\n\n- changes that allow us to build vmlinux as a PIE executable which retains\n  the metadata required to fix up all absolute symbol references at runtime\n- changes that eliminate absolute references from low-level code that may\n  execute with the MMU off: this removes the need to perform explicit cache\n  maintenance after the absolute references have been fixed up at runtime with\n  the caches enabled\n- changes to the core kernel startup code to take the physical offset into\n  account when creating the virtual mapping (the pa-to-va mapping remains\n  unchanged)\n- changes to the decompressor to collect some pseudo-entropy, and randomize\n  the physical offset of the decompressed kernel, taking placement of DTB,\n  initrd and reserved regions into account\n- changes to the UEFI stub code to choose the KASLR offset and communicate\n  it to the decompressor\n\nTo test these changes, boot a multi_v7_defconfig+CONFIG_RANDOMIZE_BASE=y\nbuild and expect to see something like\n\n[    0.000000] Virtual kernel memory layout:\n[    0.000000]     vector  : 0xffff0000 - 0xffff1000   (   4 kB)\n[    0.000000]     fixmap  : 0xffc00000 - 0xfff00000   (3072 kB)\n[    0.000000]     vmalloc : 0xf0800000 - 0xff800000   ( 240 MB)\n[    0.000000]     lowmem  : 0xc0000000 - 0xf0000000   ( 768 MB)\n[    0.000000]     pkmap   : 0xbfe00000 - 0xc0000000   (   2 MB)\n[    0.000000]     modules : 0xbf800000 - 0xbfe00000   (   6 MB)\n[    0.000000]       .text : 0xd4208000 - 0xd4c00000   (10208 kB) <---- \n[    0.000000]       .init : 0xd5200000 - 0xd5600000   (4096 kB)  <----\n[    0.000000]       .data : 0xd5600000 - 0xd5776f28   (1500 kB)  <----\n[    0.000000]        .bss : 0xd57805e0 - 0xd57e60ac   ( 407 kB)  <----\n\nv2: - make adr_l/ldr_l/str_l macros work in .arm sections under Thumb2 builds,\n      and remove support for conditional execution, which is finicky when\n      building for Thumb2 with -mimplicit-it=always\n    - work around a section mismatch warning resulting from using the -fpic\n      switch\n    - drop bogus patch to reserve initrd memory in the UEFI stub\n    - add support to the decompressor to perform the randomization\n      autonomously; this also removes the need for the extended zImage\n      header, since the UEFI stub doesn't need it, and other bootloaders\n      no longer have to do anything to enable KASLR.\n    - avoid macros in ALT_SMP() calls (#9)\n\nCc: Arnd Bergmann <arnd@arndb.de>\nCc: Nicolas Pitre <nico@linaro.org>\nCc: Russell King <linux@armlinux.org.uk>\nCc: Kees Cook <keescook@chromium.org>\nCc: Thomas Garnier <thgarnie@google.com>\nCc: Marc Zyngier <marc.zyngier@arm.com>\nCc: Mark Rutland <mark.rutland@arm.com>\nCc: Tony Lindgren <tony@atomide.com>\nCc: Matt Fleming <matt@codeblueprint.co.uk>\nCc: Dave Martin <dave.martin@arm.com>\n\nArd Biesheuvel (29):\n  net/core: work around section mismatch warning for ptp_classifier\n  asm-generic: add .data.rel.ro sections to __ro_after_init\n  ARM: assembler: introduce adr_l, ldr_l and str_l macros\n  ARM: head-common.S: use PC-relative insn sequence for __proc_info\n  ARM: head-common.S: use PC-relative insn sequence for idmap creation\n  ARM: head.S: use PC-relative insn sequence for secondary_data\n  ARM: kernel: use relative references for UP/SMP alternatives\n  ARM: head: use PC-relative insn sequence for __smp_alt\n  ARM: sleep.S: use PC-relative insn sequence for\n    sleep_save_sp/mpidr_hash\n  ARM: head.S: use PC-relative insn sequences for __fixup_pv_table\n  ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET\n  ARM: kvm: replace open coded VA->PA calculations with adr_l call\n  arm-soc: exynos: replace open coded VA->PA conversions\n  arm-soc: mvebu: replace open coded VA->PA conversion\n  arm-soc: various: replace open coded VA->PA calculation of pen_release\n  ARM: kernel: switch to relative exception tables\n  ARM: kernel: use relative phys-to-virt patch tables\n  arm-soc: tegra: make sleep asm code runtime relocatable\n  ARM: kernel: make vmlinux buildable as a PIE executable\n  ARM: kernel: use PC-relative symbol references in MMU switch code\n  ARM: kernel: use PC relative symbol references in suspend/resume code\n  ARM: mm: export default vmalloc base address\n  ARM: kernel: refer to swapper_pg_dir via its symbol\n  ARM: kernel: implement randomization of the kernel load address\n  ARM: decompressor: explicitly map decompressor binary cacheable\n  ARM: decompressor: add KASLR support\n  efi/libstub: add 'max' parameter to efi_random_alloc()\n  efi/libstub: check for vmalloc= command line argument\n  efi/libstub: arm: implement KASLR\n\n arch/arm/Kconfig                               |  19 +\n arch/arm/Makefile                              |   5 +\n arch/arm/boot/compressed/Makefile              |   8 +-\n arch/arm/boot/compressed/head.S                | 125 ++++--\n arch/arm/boot/compressed/kaslr.c               | 398 ++++++++++++++++++++\n arch/arm/include/asm/Kbuild                    |   1 -\n arch/arm/include/asm/assembler.h               |  86 ++++-\n arch/arm/include/asm/extable.h                 |  19 +\n arch/arm/include/asm/futex.h                   |   2 +-\n arch/arm/include/asm/memory.h                  |   6 +-\n arch/arm/include/asm/pgtable.h                 |   1 +\n arch/arm/include/asm/processor.h               |   2 +-\n arch/arm/include/asm/uaccess.h                 |   8 +-\n arch/arm/include/asm/word-at-a-time.h          |   2 +-\n arch/arm/kernel/entry-armv.S                   |   6 +-\n arch/arm/kernel/head-common.S                  |  61 ++-\n arch/arm/kernel/head.S                         | 217 ++++++-----\n arch/arm/kernel/hyp-stub.S                     |  33 +-\n arch/arm/kernel/sleep.S                        |  28 +-\n arch/arm/kernel/swp_emulate.c                  |   4 +-\n arch/arm/kernel/vmlinux.lds.S                  |   9 +\n arch/arm/kvm/init.S                            |   8 +-\n arch/arm/lib/backtrace.S                       |   8 +-\n arch/arm/lib/getuser.S                         |  22 +-\n arch/arm/lib/putuser.S                         |  12 +-\n arch/arm/mach-exynos/headsmp.S                 |   9 +-\n arch/arm/mach-exynos/sleep.S                   |  26 +-\n arch/arm/mach-mvebu/coherency_ll.S             |   8 +-\n arch/arm/mach-prima2/headsmp.S                 |  11 +-\n arch/arm/mach-spear/headsmp.S                  |  11 +-\n arch/arm/mach-sti/headsmp.S                    |  10 +-\n arch/arm/mach-tegra/sleep-tegra20.S            |  22 +-\n arch/arm/mach-tegra/sleep-tegra30.S            |   6 +-\n arch/arm/mach-tegra/sleep.S                    |   4 +-\n arch/arm/mm/alignment.c                        |  14 +-\n arch/arm/mm/extable.c                          |   2 +-\n arch/arm/mm/mmu.c                              |   3 +-\n arch/arm/nwfpe/entry.S                         |   2 +-\n arch/arm/plat-versatile/headsmp.S              |   9 +-\n drivers/firmware/efi/libstub/arm32-stub.c      |  47 ++-\n drivers/firmware/efi/libstub/arm64-stub.c      |   2 +-\n drivers/firmware/efi/libstub/efi-stub-helper.c |   9 +\n drivers/firmware/efi/libstub/efistub.h         |   4 +-\n drivers/firmware/efi/libstub/random.c          |  11 +-\n include/asm-generic/vmlinux.lds.h              |   2 +-\n include/linux/hidden.h                         |  20 +\n net/core/ptp_classifier.c                      |   7 +-\n scripts/module-common.lds                      |   1 +\n scripts/sortextable.c                          |   2 +-\n 49 files changed, 982 insertions(+), 350 deletions(-)\n create mode 100644 arch/arm/boot/compressed/kaslr.c\n create mode 100644 arch/arm/include/asm/extable.h\n create mode 100644 include/linux/hidden.h"}