Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64

[PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-06
[PATCH v3 2/6] powerpc/fsl_booke/64: introduce reloc_kernel_entry() helper · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 2/6] powerpc/fsl_booke/64: introduce reloc_kernel_entry() helper · Christophe Leroy <hidden> · 2020-02-20
[PATCH v3 4/6] powerpc/fsl_booke/64: do not clear the BSS for the second pass · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 4/6] powerpc/fsl_booke/64: do not clear the BSS for the second pass · Scott Wood <oss@buserror.net> · 2020-03-04
Re: [PATCH v3 4/6] powerpc/fsl_booke/64: do not clear the BSS for the second pass · Jason Yan <yanaijie@huawei.com> · 2020-03-05
[PATCH v3 1/6] powerpc/fsl_booke/kaslr: refactor kaslr_legal_offset() and kaslr_early_init() · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 1/6] powerpc/fsl_booke/kaslr: refactor kaslr_legal_offset() and kaslr_early_init() · Christophe Leroy <hidden> · 2020-02-20
Re: [PATCH v3 1/6] powerpc/fsl_booke/kaslr: refactor kaslr_legal_offset() and kaslr_early_init() · Jason Yan <yanaijie@huawei.com> · 2020-02-26
[PATCH v3 5/6] powerpc/fsl_booke/64: clear the original kernel if randomized · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 5/6] powerpc/fsl_booke/64: clear the original kernel if randomized · Christophe Leroy <hidden> · 2020-02-20
Re: [PATCH v3 5/6] powerpc/fsl_booke/64: clear the original kernel if randomized · Jason Yan <yanaijie@huawei.com> · 2020-02-26
Re: [PATCH v3 5/6] powerpc/fsl_booke/64: clear the original kernel if randomized · Scott Wood <oss@buserror.net> · 2020-03-04
Re: [PATCH v3 5/6] powerpc/fsl_booke/64: clear the original kernel if randomized · Jason Yan <yanaijie@huawei.com> · 2020-03-05
[PATCH v3 6/6] powerpc/fsl_booke/kaslr: rename kaslr-booke32.rst to kaslr-booke.rst and add 64bit part · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 6/6] powerpc/fsl_booke/kaslr: rename kaslr-booke32.rst to kaslr-booke.rst and add 64bit part · Christophe Leroy <hidden> · 2020-02-20
Re: [PATCH v3 6/6] powerpc/fsl_booke/kaslr: rename kaslr-booke32.rst to kaslr-booke.rst and add 64bit part · Jason Yan <yanaijie@huawei.com> · 2020-02-26
[PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Jason Yan <yanaijie@huawei.com> · 2020-02-06
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Christophe Leroy <hidden> · 2020-02-20
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Jason Yan <yanaijie@huawei.com> · 2020-02-26
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Jason Yan <yanaijie@huawei.com> · 2020-02-26
[RFC PATCH] Use IS_ENABLED() instead of #ifdefs · Christophe Leroy <hidden> · 2020-02-26
Re: [RFC PATCH] Use IS_ENABLED() instead of #ifdefs · Jason Yan <yanaijie@huawei.com> · 2020-02-26
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Christophe Leroy <hidden> · 2020-02-26
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Christophe Leroy <hidden> · 2020-02-26
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Scott Wood <oss@buserror.net> · 2020-03-04
Re: [PATCH v3 3/6] powerpc/fsl_booke/64: implement KASLR for fsl_booke64 · Jason Yan <yanaijie@huawei.com> · 2020-03-05
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-13
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-20
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Daniel Axtens <hidden> · 2020-02-26
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-26
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Daniel Axtens <hidden> · 2020-02-26
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-27
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-02-28
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-28
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-02-29
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-02-29
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-02-29
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-03-02
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-03-02
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-03-02
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-03-02
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-03-02
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Scott Wood <oss@buserror.net> · 2020-03-04
Re: [PATCH v3 0/6] implement KASLR for powerpc/fsl_booke/64 · Jason Yan <yanaijie@huawei.com> · 2020-03-05

From: Scott Wood <oss@buserror.net>
Date: 2020-03-04 21:26:09
Also in: lkml

On Wed, 2020-02-26 at 18:16 +1100, Daniel Axtens wrote:

Hi Jason,

quoted

This is a try to implement KASLR for Freescale BookE64 which is based on
my earlier implementation for Freescale BookE32:
https://patchwork.ozlabs.org/project/linuxppc-dev/list/?series=131718

The implementation for Freescale BookE64 is similar as BookE32. One
difference is that Freescale BookE64 set up a TLB mapping of 1G during
booting. Another difference is that ppc64 needs the kernel to be
64K-aligned. So we can randomize the kernel in this 1G mapping and make
it 64K-aligned. This can save some code to creat another TLB map at
early boot. The disadvantage is that we only have about 1G/64K = 16384
slots to put the kernel in.

    KERNELBASE

          64K                     |--> kernel <--|
           |                      |              |
        +--+--+--+    +--+--+--+--+--+--+--+--+--+    +--+--+
        |  |  |  |....|  |  |  |  |  |  |  |  |  |....|  |  |
        +--+--+--+    +--+--+--+--+--+--+--+--+--+    +--+--+
        |                         |                        1G
        |----->   offset    <-----|

                              kernstart_virt_addr

I'm not sure if the slot numbers is enough or the design has any
defects. If you have some better ideas, I would be happy to hear that.

Thank you all.

Are you making any attempt to hide kernel address leaks in this series?
I've just been looking at the stackdump code just now, and it directly
prints link registers and stack pointers, which is probably enough to
determine the kernel base address:

                  SPs:               LRs:             %pS pointer
[    0.424506] [c0000000de403970] [c000000001fc0458] dump_stack+0xfc/0x154
(unreliable)
[    0.424593] [c0000000de4039c0] [c000000000267eec] panic+0x258/0x5ac
[    0.424659] [c0000000de403a60] [c0000000024d7a00]
mount_block_root+0x634/0x7c0
[    0.424734] [c0000000de403be0] [c0000000024d8100]
prepare_namespace+0x1ec/0x23c
[    0.424811] [c0000000de403c60] [c0000000024d7010]
kernel_init_freeable+0x804/0x880

git grep \\\"REG\\\" arch/powerpc shows a few other uses like this, all
in process.c or in xmon.

Maybe replacing the REG format string in KASLR mode would be sufficient?

Whatever we decide to do here, it's not book3e-specific so it should be
considered separately from these patches.

-Scott

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help