linux/arch
Jiri Kosina f47233c2d3 x86/mm/ASLR: Propagate base load address calculation
Commit:

  e2b32e6785 ("x86, kaslr: randomize module base load address")

makes the base address for module to be unconditionally randomized in
case when CONFIG_RANDOMIZE_BASE is defined and "nokaslr" option isn't
present on the commandline.

This is not consistent with how choose_kernel_location() decides whether
it will randomize kernel load base.

Namely, CONFIG_HIBERNATION disables kASLR (unless "kaslr" option is
explicitly specified on kernel commandline), which makes the state space
larger than what module loader is looking at. IOW CONFIG_HIBERNATION &&
CONFIG_RANDOMIZE_BASE is a valid config option, kASLR wouldn't be applied
by default in that case, but module loader is not aware of that.

Instead of fixing the logic in module.c, this patch takes more generic
aproach. It introduces a new bootparam setup data_type SETUP_KASLR and
uses that to pass the information whether kaslr has been applied during
kernel decompression, and sets a global 'kaslr_enabled' variable
accordingly, so that any kernel code (module loading, livepatching, ...)
can make decisions based on its value.

x86 module loader is converted to make use of this flag.

Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: "H. Peter Anvin" <hpa@linux.intel.com>
Link: https://lkml.kernel.org/r/alpine.LNX.2.00.1502101411280.10719@pobox.suse.cz
[ Always dump correct kaslr status when panicking ]
Signed-off-by: Borislav Petkov <bp@suse.de>
2015-02-19 11:38:54 +01:00
..
alpha vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
arc arc: mm: Fix build failure 2015-01-30 10:31:14 -08:00
arm sound fixes for 3.19 2015-02-06 12:50:37 -08:00
arm64 Second round of fixes for KVM/ARM for 3.19. 2015-01-30 09:41:38 +01:00
avr32 vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
blackfin arch/blackfin/mach-bf533/boards/stamp.c: add linux/delay.h 2015-01-08 15:10:52 -08:00
c6x net, lib: kill arch_fast_hash library bits 2014-12-10 15:17:46 -05:00
cris vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
frv vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
hexagon Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rkuo/linux-hexagon-kernel 2014-12-19 17:57:51 -08:00
ia64 vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
m32r vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
m68k vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
metag vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
microblaze vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
mips Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2015-02-06 08:28:54 -08:00
mn10300 mm/debug_pagealloc: fix build failure on ppc and some other archs 2015-02-05 13:35:30 -08:00
nios2 nios2: fix unhandled signals 2015-02-09 09:47:05 +08:00
openrisc vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
parisc vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
powerpc mm/debug_pagealloc: fix build failure on ppc and some other archs 2015-02-05 13:35:30 -08:00
s390 mm/debug_pagealloc: fix build failure on ppc and some other archs 2015-02-05 13:35:30 -08:00
score vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
sh vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
sparc mm/debug_pagealloc: fix build failure on ppc and some other archs 2015-02-05 13:35:30 -08:00
tile vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
um vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
unicore32 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2014-12-11 14:27:06 -08:00
x86 x86/mm/ASLR: Propagate base load address calculation 2015-02-19 11:38:54 +01:00
xtensa vm: add VM_FAULT_SIGSEGV handling support 2015-01-29 10:51:32 -08:00
.gitignore
Kconfig