lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BLU436-SMTP19561B9C8F2DEFC42D6F55E94E90@phx.gbl>
Date:	Mon, 27 Apr 2015 22:41:18 +0800
From:	Minfei Huang <minfei.huang@...mail.com>
To:	Jiri Kosina <jkosina@...e.cz>
CC:	x86@...nel.org, Borislav Petkov <bp@...en8.de>,
	Kees Cook <keescook@...omium.org>,
	Josh Poimboeuf <jpoimboe@...hat.com>,
	Seth Jennings <sjenning@...hat.com>,
	Vojtech Pavlik <vojtech@...e.cz>, linux-kernel@...r.kernel.org,
	live-patching@...r.kernel.org
Subject: Re: [PATCH 2/2] livepatch: x86: make kASLR logic more accurate

On 04/27/15 at 04:28P, Jiri Kosina wrote:
> We give up old_addr hint from the coming patch module in cases when kernel 
> load base has been randomized (as in such case, the coming module has no 
> idea about the exact randomization offset).
> 
> We are currently too pessimistic, and give up immediately as soon as 
> CONFIG_RANDOMIZE_BASE is set; this doesn't however directly imply that the 
> load base has actually been randomized. There are config options that 
> disable kASLR (such as hibernation), user could have disabled kaslr on 
> kernel command-line, etc.
> 
> The loader propagates the information whether kernel has been randomized 
> through bootparams. This allows us to have the condition more accurate.
> 
> On top of that, it seems unnecessary to give up old_addr hints even if 
> randomization is active. The relocation offset can be computed using 
> kaslr_ofsset(), and therefore old_addr can be adjusted accordingly.
> 
> Signed-off-by: Jiri Kosina <jkosina@...e.cz>
> ---
>  arch/x86/include/asm/livepatch.h | 1 +
>  kernel/livepatch/core.c          | 5 +++--
>  2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/include/asm/livepatch.h b/arch/x86/include/asm/livepatch.h
> index 2d29197..19c099a 100644
> --- a/arch/x86/include/asm/livepatch.h
> +++ b/arch/x86/include/asm/livepatch.h
> @@ -21,6 +21,7 @@
>  #ifndef _ASM_X86_LIVEPATCH_H
>  #define _ASM_X86_LIVEPATCH_H
>  
> +#include <asm/setup.h>
>  #include <linux/module.h>
>  #include <linux/ftrace.h>
>  
> diff --git a/kernel/livepatch/core.c b/kernel/livepatch/core.c
> index 284e269..0e7c23c 100644
> --- a/kernel/livepatch/core.c
> +++ b/kernel/livepatch/core.c
> @@ -234,8 +234,9 @@ static int klp_find_verify_func_addr(struct klp_object *obj,
>  	int ret;
>  
>  #if defined(CONFIG_RANDOMIZE_BASE)
> -	/* KASLR is enabled, disregard old_addr from user */
> -	func->old_addr = 0;
> +	/* If KASLR has been enabled, adjust old_addr accordingly */
> +	if (kaslr_enabled() && func->old_addr)
> +		func->old_addr += kaslr_offset();

Hi.

Remove the judgement "CONFIG_RANDOMIZE_BASE" is fine. if kaslr is
disabled, the offset will be 0.

Found that kaslr_enabled is only exist for x86. Maybe you can define a
weak function klp_adjustment_function_addr in general. Then each arch
can overwrite the function to implemente it specially.

Thanks
Minfei

>  #endif
>  
>  	if (!func->old_addr || klp_is_module(obj))
> -- 
> Jiri Kosina
> SUSE Labs
> --
> To unsubscribe from this list: send the line "unsubscribe live-patching" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ