From: Kees Cook <keescook@chromium.org>
To: Kristen Carlson Accardi <kristen@linux.intel.com>
Cc: Joe Lawrence <joe.lawrence@redhat.com>,
tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
arjan@linux.intel.com, x86@kernel.org,
linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com, rick.p.edgecombe@intel.com,
live-patching@vger.kernel.org
Subject: Re: [PATCH v4 00/10] Function Granular KASLR
Date: Fri, 7 Aug 2020 10:20:53 -0700 [thread overview]
Message-ID: <202008071019.BF206AE8BD@keescook> (raw)
In-Reply-To: <f8963aab93243bc046791dba6af5d006e15c91ff.camel@linux.intel.com>
On Fri, Aug 07, 2020 at 09:38:11AM -0700, Kristen Carlson Accardi wrote:
> Thanks for testing. Yes, Josh and I have been discussing the orc_unwind
> issues. I've root caused one issue already, in that objtool places an
> orc_unwind_ip address just outside the section, so my algorithm fails
> to relocate this address. There are other issues as well that I still
> haven't root caused. I'll be addressing this in v5 and plan to have
> something that passes livepatch testing with that version.
FWIW, I'm okay with seeing fgkaslr be developed progressively. Getting
it working with !livepatching would be fine as a first step. There's
value in getting the general behavior landed, and then continuing to
improve it.
--
Kees Cook
next prev parent reply other threads:[~2020-08-07 17:21 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-17 16:59 [PATCH v4 00/10] Function Granular KASLR Kristen Carlson Accardi
2020-07-17 16:59 ` [PATCH v4 01/10] objtool: Do not assume order of parent/child functions Kristen Carlson Accardi
2020-07-17 16:59 ` [PATCH v4 02/10] x86: tools/relocs: Support >64K section headers Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 03/10] x86/boot: Allow a "silent" kaslr random byte fetch Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 04/10] x86: Makefile: Add build and config option for CONFIG_FG_KASLR Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 05/10] x86: Make sure _etext includes function sections Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 06/10] x86/tools: Add relative relocs for randomized functions Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 07/10] x86/boot/compressed: Avoid duplicate malloc() implementations Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 08/10] x86: Add support for function granular KASLR Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 09/10] kallsyms: Hide layout Kristen Carlson Accardi
2020-07-20 1:25 ` Kees Cook
2020-07-20 16:59 ` Kristen Carlson Accardi
2020-07-17 17:00 ` [PATCH v4 10/10] module: Reorder functions Kristen Carlson Accardi
2020-07-28 17:29 ` Jessica Yu
2020-07-22 9:27 ` [PATCH v4 00/10] Function Granular KASLR Miroslav Benes
2020-07-22 14:39 ` Kees Cook
2020-07-22 14:51 ` Joe Lawrence
2020-07-22 14:56 ` Joe Lawrence
2020-07-22 18:24 ` Kristen Carlson Accardi
2020-07-22 16:07 ` Josh Poimboeuf
2020-07-22 19:42 ` Kees Cook
2020-07-22 19:56 ` Kristen Carlson Accardi
2020-07-22 21:33 ` Josh Poimboeuf
2020-08-21 23:02 ` Kristen Carlson Accardi
2020-08-25 16:16 ` Joe Lawrence
2020-08-28 10:21 ` Miroslav Benes
2020-08-28 19:24 ` Josh Poimboeuf
2021-01-23 22:59 ` Fangrui Song
2021-01-25 17:21 ` Josh Poimboeuf
2020-08-03 11:39 ` Evgenii Shatokhin
2020-08-03 17:45 ` Kees Cook
2020-08-03 18:17 ` Joe Lawrence
2020-08-03 19:38 ` Frank Ch. Eigler
2020-08-03 20:11 ` Kees Cook
2020-08-03 21:12 ` Frank Ch. Eigler
2020-08-03 21:41 ` Kees Cook
2020-08-04 0:48 ` Frank Ch. Eigler
2020-08-04 17:04 ` Jessica Yu
2020-08-04 18:23 ` Joe Lawrence
2020-08-07 16:38 ` Kristen Carlson Accardi
2020-08-07 17:20 ` Kees Cook [this message]
2020-08-10 16:10 ` Kristen Carlson Accardi
2020-08-12 17:18 ` Kristen Carlson Accardi
2020-08-06 15:32 ` Ingo Molnar
2020-08-06 19:24 ` Kristen Carlson Accardi
2020-08-06 19:27 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202008071019.BF206AE8BD@keescook \
--to=keescook@chromium.org \
--cc=arjan@linux.intel.com \
--cc=bp@alien8.de \
--cc=joe.lawrence@redhat.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=kristen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=live-patching@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.