lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABCJKucj78p4TBtXYmMdJ=vYK69XC=XU06uB+_fyfZLRnC4h0A@mail.gmail.com>
Date:   Wed, 30 Aug 2023 14:30:31 -0700
From:   Sami Tolvanen <samitolvanen@...gle.com>
To:     Alexandre Ghiti <alexghiti@...osinc.com>,
        Conor Dooley <conor.dooley@...rochip.com>
Cc:     Paul Walmsley <paul.walmsley@...ive.com>,
        Palmer Dabbelt <palmer@...belt.com>,
        Albert Ou <aou@...s.berkeley.edu>,
        Ard Biesheuvel <ardb@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-efi@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v6 0/5] riscv: Introduce KASLR

Hi Alexandre,

On Sat, Jul 22, 2023 at 5:39 AM Alexandre Ghiti <alexghiti@...osinc.com> wrote:
>
> The following KASLR implementation allows to randomize the kernel mapping:
>
> - virtually: we expect the bootloader to provide a seed in the device-tree
> - physically: only implemented in the EFI stub, it relies on the firmware to
>   provide a seed using EFI_RNG_PROTOCOL. arm64 has a similar implementation
>   hence the patch 3 factorizes KASLR related functions for riscv to take
>   advantage.
>
> The new virtual kernel location is limited by the early page table that only
> has one PUD and with the PMD alignment constraint, the kernel can only take
> < 512 positions.
>
> base-commit-tag: v6.5-rc1

Thanks for continuing to work on this!

I reviewed the patches and the code looks correct to me. I also
applied the series on top of v6.5 and after patching qemu to provide a
kaslr-seed, I confirmed that the virtual offset appears to be random
and is printed out when I panic the machine:

# echo PANIC > /sys/kernel/debug/provoke-crash/DIRECT
[   17.510012] lkdtm: Performing direct entry PANIC
[   17.510411] Kernel panic - not syncing: dumptest
[...]
[   17.518693] Kernel Offset: 0x32c00000 from 0xffffffff80000000

For the series:
Reviewed-by: Sami Tolvanen <samitolvanen@...gle.com>

I didn't test the EFI bits, but the rest of the series:
Tested-by: Sami Tolvanen <samitolvanen@...gle.com>

Conor, in another reply you mentioned you're planning on reviewing the
patches as well. Did you have any feedback or concerns?

Sami

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ