Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757973Ab3DZTFD (ORCPT ); Fri, 26 Apr 2013 15:05:03 -0400 Received: from smtp.outflux.net ([198.145.64.163]:46117 "EHLO smtp.outflux.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757791Ab3DZTEU (ORCPT ); Fri, 26 Apr 2013 15:04:20 -0400 From: Kees Cook To: linux-kernel@vger.kernel.org Cc: kernel-hardening@lists.openwall.com, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , x86@kernel.org, Jarkko Sakkinen , Matthew Garrett , Matt Fleming , Eric Northup , Dan Rosenberg , Julien Tinnes , Will Drewry , Kees Cook Subject: [PATCH 5/6] x86: kaslr: select memory region from e820 maps Date: Fri, 26 Apr 2013 12:03:24 -0700 Message-Id: <1367003005-5560-6-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: <1367003005-5560-1-git-send-email-keescook@chromium.org> References: <1367003005-5560-1-git-send-email-keescook@chromium.org> X-HELO: www.outflux.net Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2691 Lines: 100 This chooses the largest contiguous RAM region for the KASLR offset to live in. Signed-off-by: Kees Cook --- v2: - make sure to exclude e820 regions outside the 32-bit memory range. --- arch/x86/boot/compressed/aslr.c | 47 ++++++++++++++++++++++++++++++++++----- 1 file changed, 41 insertions(+), 6 deletions(-) diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c index 4647e3f..3d3789e 100644 --- a/arch/x86/boot/compressed/aslr.c +++ b/arch/x86/boot/compressed/aslr.c @@ -2,6 +2,7 @@ #ifdef CONFIG_RANDOMIZE_BASE #include +#include #include static inline int rdrand(unsigned long *v) @@ -48,28 +49,62 @@ static unsigned long get_random_long(void) return 0; } +int largest_ram_region(unsigned long *start, unsigned long *size) +{ + int i, rc = 0; + + *size = 0; + for (i = 0; i < real_mode->e820_entries; i++) { + struct e820entry *entry = &real_mode->e820_map[i]; + + if (entry->type != E820_RAM) + continue; + + /* XXX: Handle arbitrary physical location. */ + if (entry->addr > UINT_MAX) + continue; + + if (entry->size > *size) { + *size = entry->size; + *start = entry->addr; + rc = 1; + } + } + return rc; +} + unsigned char *choose_kernel_location(unsigned char *hint, unsigned long size) { unsigned char *choice = hint; unsigned long random, mask; + unsigned long addr, length; if (cmdline_find_option_bool("noaslr")) { debug_putstr("KASLR disabled...\n"); goto out; } + /* Find an appropriate E820 entry. */ + if (!largest_ram_region(&addr, &length)) { + debug_putstr("KASLR could not find suitable E820 region...\n"); + goto out; + } + random = get_random_long(); - /* Clip off top of the range. */ + /* XXX: Rework page tables to handle arbitrary physical location. */ mask = CONFIG_RANDOMIZE_BASE_MAX_OFFSET - 1; random &= mask; - /* XXX: Find an appropriate E820 hole, instead of adding hint. */ - random += (unsigned long)hint; + /* Clip to E820 entry size. */ + while (random > length) + random >>= 1; + + /* Offset the target. */ + random += addr; - /* XXX: Clip to E820 hole, instead of just using hint. */ - mask = (unsigned long)hint + CONFIG_RANDOMIZE_BASE_MAX_OFFSET; - while (random + size > mask) + /* Clip end to E820 entry size. */ + while (random + size > addr + length) random >>= 1; /* Clip off bottom of range (via alignment). */ -- 1.7.9.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/