[kernel-hardening] Re: [PATCH v2] kaslr: allow kASLR to be default over Hibernation

[Pavel Machek <pavel@denx.de>]

Hi!

> > Now I notice that it is quite unclear if it actually changes
> > anything...
> 
> Okay, right. So, there are a few problems that this patch is solving,
> and maybe it needs to be broken up into separate patches, but it
> didn't seem like it to me at the time. Specifically:
> 
> 1) The x86 hibernation and KASLR code don't play well together currently.
> 
> "1" was worked around so that both could be built in, but only one
> would be active at a time. This lead to:

> 2) The general hibernation code contains kernel arguments that should
> only affect x86.
> 
> And we have the desire by folks to have KASLR enabled by default on
> x86, giving us:
> 
> 3) There is no build-time way on x86 to switch the preference of KASLR
> vs hibernation.
> 
> I think "2" should be solved for this release, since arm64 KASLR is
> landing, and mistakenly booting an arm64 system with "kaslr" on the
> command line will needlessly disable hibernation.

Yes, I have no problem with "2".

> 3 and 2 are a result of 1, and IIUC, you're saying you want to solve 1
> to make everything else go away? My only concern with that idea is
> that I don't (yet) have the knowledge of x86 hibernation internals to
> fix this, and it'll take a while to get to having KASLR on by default
> if we have to wait on me to fix hibernation. (I'm not saying I
> won't/can't, it's just that it'll take me time to come up to speed on
> it.)
> 
> That do you think?

I believe it is more important to get it right than to have a solution
right now. x86-64 should be best architecture to start...

I don't understand kaslr, but it looks to me like you need to store
the kaslr seed in the hibernation image, then use thet in
set_up_temporary_mappings(). It should not be that bad.

Best regards,
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html