Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32

[PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 03/12] powerpc: introduce kernstart_virt_addr to store the kernel base · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 02/12] powerpc: move memstart_addr and kernstart_addr to init-common.c · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 07/12] powerpc/fsl_booke/32: randomize the kernel image offset · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 10/12] powerpc/fsl_booke/kaslr: dump out kernel offset information on panic · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 12/12] powerpc/fsl_booke/32: Document KASLR implementation · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 04/12] powerpc/fsl_booke/32: introduce create_tlb_entry() helper · Jason Yan <yanaijie@huawei.com> · 2019-08-09
Re: [PATCH v6 04/12] powerpc/fsl_booke/32: introduce create_tlb_entry() helper · Scott Wood <oss@buserror.net> · 2019-08-27
Re: [PATCH v6 04/12] powerpc/fsl_booke/32: introduce create_tlb_entry() helper · Jason Yan <yanaijie@huawei.com> · 2019-08-28
[PATCH v6 08/12] powerpc/fsl_booke/kaslr: clear the original kernel if randomized · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 09/12] powerpc/fsl_booke/kaslr: support nokaslr cmdline parameter · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 05/12] powerpc/fsl_booke/32: introduce reloc_kernel_entry() helper · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Jason Yan <yanaijie@huawei.com> · 2019-08-09
Re: [PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Scott Wood <oss@buserror.net> · 2019-08-28
Re: [PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Christophe Leroy <hidden> · 2019-08-28
Re: [PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Jason Yan <yanaijie@huawei.com> · 2019-08-29
Re: [PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Jason Yan <yanaijie@huawei.com> · 2019-08-28
Re: [PATCH v6 06/12] powerpc/fsl_booke/32: implement KASLR infrastructure · Scott Wood <oss@buserror.net> · 2019-08-28
[PATCH v6 01/12] powerpc: unify definition of M_IF_NEEDED · Jason Yan <yanaijie@huawei.com> · 2019-08-09
[PATCH v6 11/12] powerpc/fsl_booke/kaslr: export offset in VMCOREINFO ELF notes · Jason Yan <yanaijie@huawei.com> · 2019-08-09
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-08-19
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-08-27
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Michael Ellerman <mpe@ellerman.id.au> · 2019-08-27
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Scott Wood <oss@buserror.net> · 2019-08-28
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Michael Ellerman <mpe@ellerman.id.au> · 2019-08-28
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Scott Wood <oss@buserror.net> · 2019-08-28
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Scott Wood <oss@buserror.net> · 2019-08-28
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-08-29
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-08-29
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Jason Yan <yanaijie@huawei.com> · 2019-09-10
Re: [PATCH v6 00/12] implement KASLR for powerpc/fsl_booke/32 · Scott Wood <oss@buserror.net> · 2019-09-14

From: Scott Wood <oss@buserror.net>
Date: 2019-09-14 14:35:48
Also in: lkml

On Tue, 2019-09-10 at 13:34 +0800, Jason Yan wrote:

Hi Scott,

On 2019/8/28 12:05, Scott Wood wrote:

quoted

On Fri, 2019-08-09 at 18:07 +0800, Jason Yan wrote:

quoted

This series implements KASLR for powerpc/fsl_booke/32, as a security
feature that deters exploit attempts relying on knowledge of the
location
of kernel internals.

Since CONFIG_RELOCATABLE has already supported, what we need to do is
map or copy kernel to a proper place and relocate.

Have you tested this with a kernel that was loaded at a non-zero
address?  I
tried loading a kernel at 0x04000000 (by changing the address in the
uImage,
and setting bootm_low to 04000000 in U-Boot), and it works without
CONFIG_RANDOMIZE and fails with.

How did you change the load address of the uImage, by changing the
kernel config CONFIG_PHYSICAL_START or the "-a/-e" parameter of mkimage?
I tried both, but it did not work with or without CONFIG_RANDOMIZE.

With mkimage.  Did you set bootm_low in U-Boot as described above?  Was
CONFIG_RELOCATABLE set in the non-CONFIG_RANDOMIZE kernel?

-Scott

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help