lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 4 Nov 2015 10:44:55 +0100 (CET)
From:	Jiri Kosina <jikos@...nel.org>
To:	Zhou Chengming <zhouchengming1@...wei.com>
cc:	jpoimboe@...hat.com, sjenning@...hat.com, vojtech@...e.cz,
	live-patching@...r.kernel.org, linux-kernel@...r.kernel.org,
	guohanjun@...wei.com, huawei.libin@...wei.com, xiexiuqi@...wei.com,
	cbay@...aysdata.com
Subject: Re: [PATCH] livepatch: x86: bugfix about kASLR

On Wed, 4 Nov 2015, Zhou Chengming wrote:

> When enable KASLR, func->old_addr will be set to zero
> and livepatch will find the right old address.
> But for reloc, livepatch just verify it using reloc->val
> (old addr from user), so verify failed and report
> "kernel mismatch" error.
> 
> Reported-by: Cyril B. <cbay@...aysdata.com>
> Signed-off-by: Zhou Chengming <zhouchengming1@...wei.com>
> ---
>  kernel/livepatch/core.c |    7 ++++++-
>  1 files changed, 6 insertions(+), 1 deletions(-)
> 
> diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> index 53196e2..c8885c6 100644
> --- a/kernel/livepatch/core.c
> +++ b/kernel/livepatch/core.c
> @@ -311,7 +311,12 @@ static int klp_write_object_relocations(struct module *pmod,
>  		return -EINVAL;
>  
>  	for (reloc = obj->relocs; reloc->name; reloc++) {
> -		if (!klp_is_module(obj)) {
> +
> +#if defined(CONFIG_RANDOMIZE_BASE)

CONFIG_RANDOMIZE_BASE being enabled by itself doesn't directly imply that 
kASLR has been actually really enabled during runtime. You need 
to check kaslr_enabled() as well.

> +		/* KASLR is enabled, disregard old_addr from user */
> +		reloc->val = 0;

Is there a reason why to discard it completely? Adding kaslr_offset() 
should give us the correct address, right?

Thanks,

-- 
Jiri Kosina
SUSE Labs

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ