From: tip-bot for Kees Cook <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: dvlasenk@redhat.com, yinghai@kernel.org,
akpm@linux-foundation.org, tglx@linutronix.de,
peterz@infradead.org, bp@suse.de, keescook@chromium.org,
torvalds@linux-foundation.org, dyoung@redhat.com,
vgoyal@redhat.com, bp@alien8.de, hpa@zytor.com, luto@kernel.org,
mingo@kernel.org, bhe@redhat.com, luto@amacapital.net,
brgerst@gmail.com, linux-kernel@vger.kernel.org
Subject: [tip:x86/boot] x86/KASLR: Clarify purpose of each get_random_long()
Date: Tue, 10 May 2016 01:42:48 -0700 [thread overview]
Message-ID: <tip-d2d3462f9f08da364c8fbd41e8e32229d610d49d@git.kernel.org> (raw)
In-Reply-To: <1462825332-10505-7-git-send-email-keescook@chromium.org>
Commit-ID: d2d3462f9f08da364c8fbd41e8e32229d610d49d
Gitweb: http://git.kernel.org/tip/d2d3462f9f08da364c8fbd41e8e32229d610d49d
Author: Kees Cook <keescook@chromium.org>
AuthorDate: Mon, 9 May 2016 13:22:09 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Tue, 10 May 2016 10:12:08 +0200
x86/KASLR: Clarify purpose of each get_random_long()
KASLR will be calling get_random_long() twice, but the debug output
won't distinguishing between them. This patch adds a report on when it
is fetching the physical vs virtual address. With this, once the virtual
offset is separate, the report changes from:
KASLR using RDTSC...
KASLR using RDTSC...
into:
Physical KASLR using RDTSC...
Virtual KASLR using RDTSC...
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Baoquan He <bhe@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: lasse.collin@tukaani.org
Link: http://lkml.kernel.org/r/1462825332-10505-7-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/boot/compressed/kaslr.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
index 016a4f4..cfeb025 100644
--- a/arch/x86/boot/compressed/kaslr.c
+++ b/arch/x86/boot/compressed/kaslr.c
@@ -72,7 +72,7 @@ static unsigned long get_random_boot(void)
return hash;
}
-static unsigned long get_random_long(void)
+static unsigned long get_random_long(const char *purpose)
{
#ifdef CONFIG_X86_64
const unsigned long mix_const = 0x5d6008cbf3848dd3UL;
@@ -82,7 +82,8 @@ static unsigned long get_random_long(void)
unsigned long raw, random = get_random_boot();
bool use_i8254 = true;
- debug_putstr("KASLR using");
+ debug_putstr(purpose);
+ debug_putstr(" KASLR using");
if (has_cpuflag(X86_FEATURE_RDRAND)) {
debug_putstr(" RDRAND");
@@ -365,7 +366,7 @@ static unsigned long slots_fetch_random(void)
if (slot_max == 0)
return 0;
- return slots[get_random_long() % slot_max];
+ return slots[get_random_long("Physical") % slot_max];
}
static void process_e820_entry(struct e820entry *entry,
@@ -453,7 +454,7 @@ static unsigned long find_random_virt_addr(unsigned long minimum,
slots = (KERNEL_IMAGE_SIZE - minimum - image_size) /
CONFIG_PHYSICAL_ALIGN + 1;
- random_addr = get_random_long() % slots;
+ random_addr = get_random_long("Virtual") % slots;
return random_addr * CONFIG_PHYSICAL_ALIGN + minimum;
}
next prev parent reply other threads:[~2016-05-10 8:43 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-09 20:22 [kernel-hardening] [PATCH v7 0/9] x86/KASLR: Randomize virtual address separately Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 1/9] x86/KASLR: Initialize mapping_info every time Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-09 22:01 ` [kernel-hardening] " Yinghai Lu
2016-05-09 22:01 ` Yinghai Lu
2016-05-09 22:23 ` [kernel-hardening] " Yinghai Lu
2016-05-09 22:23 ` Yinghai Lu
2016-05-09 22:27 ` [kernel-hardening] " Yinghai Lu
2016-05-09 22:27 ` Yinghai Lu
2016-05-09 22:23 ` [kernel-hardening] " Kees Cook
2016-05-09 22:23 ` Kees Cook
2016-05-09 22:28 ` [kernel-hardening] " Yinghai Lu
2016-05-09 22:28 ` Yinghai Lu
2016-05-10 5:58 ` [kernel-hardening] " Ingo Molnar
2016-05-10 5:58 ` Ingo Molnar
2016-05-10 11:21 ` [kernel-hardening] " Borislav Petkov
2016-05-10 11:21 ` Borislav Petkov
2016-05-10 8:40 ` [tip:x86/boot] " tip-bot for Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 2/9] x86/boot: Add missing file header comments Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-10 8:41 ` [tip:x86/boot] " tip-bot for Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 3/9] x86/KASLR: Add slot_area to manage random_addr slots Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-10 8:41 ` [tip:x86/boot] x86/KASLR: Add 'struct slot_area' " tip-bot for Baoquan He
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 4/9] x86/KASLR: Return earliest overlap when avoiding regions Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-10 8:42 ` [tip:x86/boot] " tip-bot for Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 5/9] x86/KASLR: Add virtual address choosing function Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-10 8:42 ` [tip:x86/boot] " tip-bot for Baoquan He
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 6/9] x86/KASLR: Clarify purpose of each get_random_long() Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-10 8:42 ` tip-bot for Kees Cook [this message]
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 7/9] x86/KASLR: Randomize virtual address separately Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 8/9] x86/KASLR: Add physical address randomization >4G Kees Cook
2016-05-09 20:22 ` Kees Cook
2016-05-09 20:22 ` [kernel-hardening] [PATCH v7 9/9] x86/KASLR: Allow randomization below load address Kees Cook
2016-05-09 20:22 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-d2d3462f9f08da364c8fbd41e8e32229d610d49d@git.kernel.org \
--to=tipbot@zytor.com \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=bp@suse.de \
--cc=brgerst@gmail.com \
--cc=dvlasenk@redhat.com \
--cc=dyoung@redhat.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=luto@kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=vgoyal@redhat.com \
--cc=yinghai@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.