lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sat, 6 Dec 2014 13:01:40 +0800
From:	Baoquan He <bhe@...hat.com>
To:	MegaBrutal <megabrutal@...il.com>
Cc:	Kees Cook <keescook@...omium.org>,
	Linux kernel <linux-kernel@...r.kernel.org>,
	"x86@...nel.org" <x86@...nel.org>,
	"H. Peter Anvin" <hpa@...ux.intel.com>
Subject: Re: PROBLEM: [Launchpad #1396889] [Lenovo ThinkPad T400] kexec
 reboot fails

On 12/06/14 at 04:10am, MegaBrutal wrote:
> 2014-12-01 23:59 GMT+01:00 Kees Cook <keescook@...omium.org>:
> >
> > I suspect you're encountering a subset of the same problems as
> > described in this thread:
> > https://lkml.org/lkml/2014/9/30/90
> >
> > If you can test those patches, that may help demonstrate their utility.
> >
> > Thanks!
> 
> Bang ji le! It works with the patch you linked, xiexie!
> I suggest it to be merged into mainline.
> 
> Anyway, is there a way to get sure that KASLR actually works now?
> (I.e. how do I know if the kernel is really loaded to a random
> address?)

I usually check the elf header of /proc/kcore which represents the
physical memory of the system and is stored in the ELF core file format.
Without kaslr, the kernel text mapping should be in virtual addr
0xffffffff81000000. With kaslr enabled, the addr would be anywhere
between 0xffffffff80000000 and 0xffffffffc0000000.

> Do you have any idea what might be different with my ThinkPad T400
> that it is the only one of my machines affected?

That's weird. I suggest you check the config file for that running
kernel in your ThinkPad T400. If you have below config, that means your
kernel support kaslr and enable it by default, unless you specify
nokaslr in cmdline to disalbe it.
CONFIG_RANDOMIZE_BASE=y
CONFIG_RANDOMIZE_BASE_MAX_OFFSET=0x40000000 

Different kind of machines should not affect this.

Thanks
Baoquan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ