[PATCH v2 00/29] implement KASLR for ARM

[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 01/29] net/core: work around section mismatch warning for ptp_classifier · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 02/29] asm-generic: add .data.rel.ro sections to __ro_after_init · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 02/29] asm-generic: add .data.rel.ro sections to __ro_after_init · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 02/29] asm-generic: add .data.rel.ro sections to __ro_after_init · Kees Cook <hidden> · 2017-09-04
[PATCH v2 03/29] ARM: assembler: introduce adr_l, ldr_l and str_l macros · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 03/29] ARM: assembler: introduce adr_l, ldr_l and str_l macros · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 04/29] ARM: head-common.S: use PC-relative insn sequence for __proc_info · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 04/29] ARM: head-common.S: use PC-relative insn sequence for __proc_info · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 05/29] ARM: head-common.S: use PC-relative insn sequence for idmap creation · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 05/29] ARM: head-common.S: use PC-relative insn sequence for idmap creation · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 06/29] ARM: head.S: use PC-relative insn sequence for secondary_data · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 06/29] ARM: head.S: use PC-relative insn sequence for secondary_data · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 07/29] ARM: kernel: use relative references for UP/SMP alternatives · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 07/29] ARM: kernel: use relative references for UP/SMP alternatives · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 08/29] ARM: head: use PC-relative insn sequence for __smp_alt · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 08/29] ARM: head: use PC-relative insn sequence for __smp_alt · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 08/29] ARM: head: use PC-relative insn sequence for __smp_alt · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 09/29] ARM: sleep.S: use PC-relative insn sequence for sleep_save_sp/mpidr_hash · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 09/29] ARM: sleep.S: use PC-relative insn sequence for sleep_save_sp/mpidr_hash · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 10/29] ARM: head.S: use PC-relative insn sequences for __fixup_pv_table · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 10/29] ARM: head.S: use PC-relative insn sequences for __fixup_pv_table · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 11/29] ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 11/29] ARM: head.S: use PC relative insn sequence to calculate PHYS_OFFSET · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 12/29] ARM: kvm: replace open coded VA->PA calculations with adr_l call · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 12/29] ARM: kvm: replace open coded VA->PA calculations with adr_l call · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 13/29] arm-soc: exynos: replace open coded VA->PA conversions · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 13/29] arm-soc: exynos: replace open coded VA->PA conversions · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 14/29] arm-soc: mvebu: replace open coded VA->PA conversion · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 14/29] arm-soc: mvebu: replace open coded VA->PA conversion · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 15/29] arm-soc: various: replace open coded VA->PA calculation of pen_release · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 15/29] arm-soc: various: replace open coded VA->PA calculation of pen_release · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 16/29] ARM: kernel: switch to relative exception tables · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 16/29] ARM: kernel: switch to relative exception tables · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 16/29] ARM: kernel: switch to relative exception tables · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 17/29] ARM: kernel: use relative phys-to-virt patch tables · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 17/29] ARM: kernel: use relative phys-to-virt patch tables · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 17/29] ARM: kernel: use relative phys-to-virt patch tables · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 18/29] arm-soc: tegra: make sleep asm code runtime relocatable · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 19/29] ARM: kernel: make vmlinux buildable as a PIE executable · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 19/29] ARM: kernel: make vmlinux buildable as a PIE executable · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 19/29] ARM: kernel: make vmlinux buildable as a PIE executable · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 20/29] ARM: kernel: use PC-relative symbol references in MMU switch code · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 20/29] ARM: kernel: use PC-relative symbol references in MMU switch code · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 20/29] ARM: kernel: use PC-relative symbol references in MMU switch code · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 21/29] ARM: kernel: use PC relative symbol references in suspend/resume code · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 21/29] ARM: kernel: use PC relative symbol references in suspend/resume code · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 21/29] ARM: kernel: use PC relative symbol references in suspend/resume code · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 22/29] ARM: mm: export default vmalloc base address · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 22/29] ARM: mm: export default vmalloc base address · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 23/29] ARM: kernel: refer to swapper_pg_dir via its symbol · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 23/29] ARM: kernel: refer to swapper_pg_dir via its symbol · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 23/29] ARM: kernel: refer to swapper_pg_dir via its symbol · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 24/29] ARM: kernel: implement randomization of the kernel load address · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 24/29] ARM: kernel: implement randomization of the kernel load address · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 24/29] ARM: kernel: implement randomization of the kernel load address · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 25/29] ARM: decompressor: explicitly map decompressor binary cacheable · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 25/29] ARM: decompressor: explicitly map decompressor binary cacheable · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 26/29] ARM: decompressor: add KASLR support · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 26/29] ARM: decompressor: add KASLR support · Nicolas Pitre <hidden> · 2017-09-04
[PATCH v2 26/29] ARM: decompressor: add KASLR support · Ard Biesheuvel <hidden> · 2017-09-04
[PATCH v2 27/29] efi/libstub: add 'max' parameter to efi_random_alloc() · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 28/29] efi/libstub: check for vmalloc= command line argument · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 29/29] efi/libstub: arm: implement KASLR · Ard Biesheuvel <hidden> · 2017-09-03
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-05
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · tony@atomide.com (Tony Lindgren) · 2017-09-06
[PATCH v2 00/29] implement KASLR for ARM · Ard Biesheuvel <hidden> · 2017-09-12

STALE3190d

Revisions (9)

2017-09-05 v2 [diff vs current]
2017-09-05 v2 [diff vs current]
2017-09-05 v2 current
2017-09-06 v2 [diff vs current]
2017-09-06 v2 [diff vs current]
2017-09-06 v2 [diff vs current]
2017-09-06 v2 [diff vs current]
2017-09-06 v2 [diff vs current]
2017-09-06 v2 [diff vs current]

From: tony@atomide.com (Tony Lindgren)
Date: 2017-09-05 21:27:42

* Ard Biesheuvel [off-list ref] [170905 12:43]:

Right. Well, I will try to reproduce with the BB white I have.

Yeah that should be reproducable, I got it to happen on BBB here
after about 5 boots.

Are you booting with an initrd?

Not on this one, on beagleboard xm I do.

quoted

Then loading modules with CONFIG_RANDOMIZE_BASE=y seems to fail with:

$ sudo modprobe rtc-twl
rtc_twl: disagrees about version of symbol module_layout
modprobe: ERROR: could not insert 'rtc_twl': Exec format error

Is this with CONFIG_MODVERSIONS enabled?

Yes, but disabling that did not seem to make any difference
based on just one test.

Yeah, well, it appears I missed a couple of details :-)

This should fix the module loading issues:

Yeah now modprobe works :) That's after manually applying
it as the tabs got munched in your patch somewhere, see below.

Regards,

Tony

quoted hunk ↗ jump to hunk

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 1a0304dd388d..bbefd5f32ec2 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig

@@ -1830,6 +1830,8 @@ config RANDOMIZE_BASE
  depends on MMU && AUTO_ZRELADDR
  depends on !XIP_KERNEL && !ZBOOT_ROM
  select RELOCATABLE
+ select ARM_MODULE_PLTS if MODULES
+ select MODULE_REL_CRCS if MODVERSIONS
  help
   Randomizes the virtual and physical address at which the kernel
   image is loaded, as a security feature that deters exploit attempts

diff --git a/arch/arm/include/asm/elf.h b/arch/arm/include/asm/elf.h
index f13ae153fb24..b56fc4dd27b6 100644
--- a/arch/arm/include/asm/elf.h
+++ b/arch/arm/include/asm/elf.h

@@ -50,6 +50,7 @@ typedef struct user_fp elf_fpregset_t;
 #define R_ARM_NONE 0
 #define R_ARM_PC24 1
 #define R_ARM_ABS32 2
+#define R_ARM_REL32 3
 #define R_ARM_CALL 28
 #define R_ARM_JUMP24 29
 #define R_ARM_TARGET1 38

diff --git a/arch/arm/kernel/module.c b/arch/arm/kernel/module.c
index 3ff571c2c71c..aa4d72837cd5 100644
--- a/arch/arm/kernel/module.c
+++ b/arch/arm/kernel/module.c

@@ -175,6 +175,10 @@
  *(u32 *)loc |= offset & 0x7fffffff;
  break;

+ case R_ARM_REL32:
+ *(u32 *)loc += sym->st_value - loc;
+ break;
+
  case R_ARM_MOVW_ABS_NC:
  case R_ARM_MOVT_ABS:
  offset = tmp = __mem_to_opcode_arm(*(u32 *)loc);

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help