From patchwork Tue Sep 5 19:42:14 2017
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 9939575
From: Ard Biesheuvel
Date: Tue, 5 Sep 2017 20:42:14 +0100
Subject: Re: [PATCH v2 00/29] implement KASLR for ARM
To: Tony Lindgren
Cc: Mark Rutland, Kees Cook, Arnd Bergmann, Nicolas Pitre, Marc Zyngier, Kernel Hardening, Russell King, Dave Martin, Matt Fleming, Thomas Garnier, "linux-arm-kernel@lists.infradead.org"

On 5 September 2017 at 20:37, Tony Lindgren wrote:
> * Ard Biesheuvel [170905 09:49]:
>> On 5 September 2017 at 17:45, Tony Lindgren wrote:
>> > I did see boot attempts fail with randomize enable where no output
>> > was produced. It seems this is happening for me maybe 1 out of 5 boots.
>> > Enabling DEBUG_LL did not show anything either.
>> >
>>
>> Yes. I am looking into a couple of kernelci boot reports that look
>> suspicious, but it is rather difficult to reproduce, for obvious
>> reasons :-)
>>
>> Which hardware are you testing this on?
>
> For testing on omap3, I'm mostly using logicpd torpedo devkit as
> it works out of box with PM with mainline Linux and has NFSroot
> usable too.
>

Right. Well, I will try to reproduce with the BB white I have.

Are you booting with an initrd?

>> > Then loading modules with CONFIG_RANDOMIZE_BASE=y seems to fail with:
>> >
>> > $ sudo modprobe rtc-twl
>> > rtc_twl: disagrees about version of symbol module_layout
>> > modprobe: ERROR: could not insert 'rtc_twl': Exec format error
>> >
>>
>> Is this with CONFIG_MODVERSIONS enabled?
>
> Yes, but disabling that did not seem to make any difference
> based on just one test.
>

Yeah, well, it appears I missed a couple of details :-)

This should fix the module loading issues:

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 1a0304dd388d..bbefd5f32ec2 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -1830,6 +1830,8 @@ config RANDOMIZE_BASE depends on MMU && AUTO_ZRELADDR depends on !XIP_KERNEL && !ZBOOT_ROM select RELOCATABLE + select ARM_MODULE_PLTS if MODULES + select MODULE_REL_CRCS if MODVERSIONS help Randomizes the virtual and physical address at which the kernel image is loaded, as a security feature that deters exploit attempts diff --git a/arch/arm/include/asm/elf.h b/arch/arm/include/asm/elf.h index f13ae153fb24..b56fc4dd27b6 100644 --- a/arch/arm/include/asm/elf.h +++ b/arch/arm/include/asm/elf.h @@ -50,6 +50,7 @@ typedef struct user_fp elf_fpregset_t; #define R_ARM_NONE 0 #define R_ARM_PC24 1 #define R_ARM_ABS32 2 +#define R_ARM_REL32 3 #define R_ARM_CALL 28 #define R_ARM_JUMP24 29 #define R_ARM_TARGET1 38 diff --git a/arch/arm/kernel/module.c b/arch/arm/kernel/module.c index 3ff571c2c71c..aa4d72837cd5 100644 --- a/arch/arm/kernel/module.c +++ b/arch/arm/kernel/module.c @@ -175,6 +175,10 @@ *(u32 *)loc |= offset & 0x7fffffff; break; + case R_ARM_REL32: + *(u32 *)loc += sym->st_value - loc; + break; + case R_ARM_MOVW_ABS_NC: case R_ARM_MOVT_ABS: offset = tmp = __mem_to_opcode_arm(*(u32 *)loc);
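
Review bot: In the arch/arm/Kconfig hunk, the two new select lines under RANDOMIZE_BASE ("select ARM_MODULE_PLTS if MODULES" and "select MODULE_REL_CRCS if MODVERSIONS") are not reflected in the help text that follows, and select turns the target symbol on without checking that symbol's own dependencies. Suggest a sentence in the help text, or a comment above the selects, saying why KASLR needs module PLTs and relative CRCs. Separately, MODULE_REL_CRCS is only selected when MODVERSIONS is set, while the report quoted above says disabling MODVERSIONS made no difference in one test, so module loading should be retested with MODVERSIONS off to confirm that the ARM_MODULE_PLTS and R_ARM_REL32 changes cover that configuration.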
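
Review bot: In the arch/arm/kernel/module.c hunk, the new "case R_ARM_REL32:" carries no comment, and "*(u32 *)loc += sym->st_value - loc;" uses loc both as the store address and as an integer operand, so the reader has to work out that this is the place-relative S + A - P form with the addend taken from the word being patched. Suggest a one-line comment naming the relocation as place-relative and stating whether 32-bit wraparound of the result is intended, since unlike the masked write "*(u32 *)loc |= offset & 0x7fffffff;" in the case just above, nothing here bounds or checks the computed value.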