From: Vivek Goyal <vgoyal@redhat.com>
To: Kees Cook <keescook@chromium.org>
Cc: "Thomas D." <whissi@whissi.de>,
Kexec Mailing List <kexec@lists.infradead.org>,
WANG Chao <chaowang@redhat.com>
Subject: Re: kexec fails to boot kernels where CONFIG_RANDOMIZE_BASE=y is set
Date: Thu, 21 Aug 2014 15:16:46 -0400 [thread overview]
Message-ID: <20140821191646.GF21891@redhat.com> (raw)
In-Reply-To: <20140821181000.GB21891@redhat.com>
On Thu, Aug 21, 2014 at 02:10:00PM -0400, Vivek Goyal wrote:
[..]
> If kernel always moves itself to higher addresses then one solution could
> be that load everything else below kernel and load kernel at higher
> addresses. But old kexec system call will not be able to cope with it as
> user space determines the load location of kernel and other segments while
> running kernel decides location of pages for page table and kernel has
> no idea where user space has loaded new kernel. New system call still
> might be able to handle it.
So I am reading kaslr code a bit. First of all we are moving kernel in
physical address space. That would substantiate the theory that kernel
movement stepped onto something.
Basically we seem to be just going through all the e820 entries, putting
them one slots[] array and choosing one entry randomly.
That means kernel could move up or down. So the notion of loading
everything else below kernel will not work.
Now this makes me wonder that how does this whole thing work with grub.
IOW, how would one make sure that kernel does not stomp initramfs.
I guess only protection is BASE_MAX_OFFSET and making sure initramfs is
loaded higher than that.
If that's the case, then I think minimum and maximum range of physical
memory where kernel can move should be exported through bzImage header
and kexec-tools should make sure that anything else is outside of that
range so that new kernel will not stomp over it.
Thanks
Vivek
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2014-08-21 19:17 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-17 21:02 kexec fails to boot kernels where CONFIG_RANDOMIZE_BASE=y is set Thomas D.
2014-08-18 14:57 ` Vivek Goyal
2014-08-19 9:07 ` WANG Chao
2014-08-20 14:33 ` Vivek Goyal
2014-08-21 15:57 ` Kees Cook
2014-08-21 18:10 ` Vivek Goyal
2014-08-21 19:02 ` Vivek Goyal
2014-08-21 19:27 ` Thomas D.
2014-08-22 18:18 ` Kexec failing in handle_relocations() (Was: Re: kexec fails to boot kernels where CONFIG_RANDOMIZE_BASE=y is set) Vivek Goyal
2014-08-21 19:16 ` Vivek Goyal [this message]
2014-08-22 3:19 ` kexec fails to boot kernels where CONFIG_RANDOMIZE_BASE=y is set WANG Chao
2014-08-22 11:59 ` Baoquan He
2014-08-22 12:30 ` Thomas D.
2014-08-22 12:40 ` Vivek Goyal
2014-08-22 13:23 ` Thomas D.
2014-08-22 13:16 ` Vivek Goyal
2014-08-22 14:44 ` Baoquan He
2014-08-22 12:38 ` Vivek Goyal
2014-08-22 12:47 ` Thomas D.
2014-08-22 12:53 ` Vivek Goyal
2014-08-22 14:59 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140821191646.GF21891@redhat.com \
--to=vgoyal@redhat.com \
--cc=chaowang@redhat.com \
--cc=keescook@chromium.org \
--cc=kexec@lists.infradead.org \
--cc=whissi@whissi.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox