lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 25 Sep 2020 20:33:59 +0530
From:   Pintu Agarwal <pintu.ping@...il.com>
To:     open list <linux-kernel@...r.kernel.org>,
        Kernelnewbies <kernelnewbies@...nelnewbies.org>,
        "moderated list:ARM/FREESCALE IMX / MXC ARM ARCHITECTURE" 
        <linux-arm-kernel@...ts.infradead.org>,
        Russell King - ARM Linux <linux@...linux.org.uk>,
        ard.biesheuvel@...aro.org, arnd@...db.de, nico@...aro.org,
        keescook@...omium.org, thgarnie@...gle.com, marc.zyngier@....com,
        Mark Rutland <mark.rutland@....com>, tony@...mide.com,
        matt@...eblueprint.co.uk, dave.martin@....com
Subject: KASLR support on ARM with Kernel 4.9 and 4.14

Hi All,

This is regarding the KASLR feature support on ARM for the kernel
version 4.9 and 4.14.

Is KASLR supported on ARM-32 Linux 4.9 and above ?
Is it dependent on CONFIG_RANDOMIZE_BASE or
/proc/sys/kernel/randomize_va_space ?
Is there any relation between these two?
Is the changing kernel symbols (in every boot), only possible if KASLR
is enabled, or there is another way it can happen?

I have these queries because,
In one of the arm-32 devices with Kernel 4.14, I observed that
CONFIG_RANDOMIZE_BASE is not available.
But /proc/sys/kernel/randomize_va_space is set to 2.
However, I also observed that symbol addresses are changing in every boot.

1st boot cycle:
[root ~]# cat /proc/kallsyms | grep "sys_open"
a5b4de92 T sys_open
[root@...15m ~]#

2nd boot cycle:
[root ~]# cat /proc/kallsyms | grep "sys_open"
f546ed66 T sys_open

So, I am wondering how this is possible without KASLR
(CONFIG_RANDOMIZE_BASE) support in Kernel ?

Similarly, with Kernel 4.9 and CONFIG_RANDOMIZE_BASE is not available
but /proc/sys/kernel/randomize_va_space is set to 2.
But here, the addresses are remaining same.

1st Run:
[root~]# cat /proc/kallsyms | grep "sys_open"
c01ed68c T sys_open
[root ~]#

*** reboot ***
[root ~]# cat /proc/kallsyms | grep "sys_open"
c01ed68c T sys_open


Is there any other difference between these two kernel versions with
respect to changing symbol addresses ?

Thanks,
Pintu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ