Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753990AbaAUFSs (ORCPT ); Tue, 21 Jan 2014 00:18:48 -0500 Received: from mail-oa0-f49.google.com ([209.85.219.49]:64730 "EHLO mail-oa0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753517AbaAUFSh (ORCPT ); Tue, 21 Jan 2014 00:18:37 -0500 MIME-Version: 1.0 In-Reply-To: References: <201401201647.s0KGlZdh004167@tazenda.hos.anvin.org> Date: Mon, 20 Jan 2014 21:18:37 -0800 X-Google-Sender-Auth: Bk0AEApbmTMag6MvQOQLVcRvkcA Message-ID: Subject: Re: [GIT PULL] x86/kaslr for v3.14 From: Kees Cook To: Linus Torvalds Cc: "H. Peter Anvin" , Cong Ding , "H. Peter Anvin" , Ingo Molnar , Ingo Molnar , Linux Kernel Mailing List , Mathias Krause , Michael Davidson , Thomas Gleixner , Wei Yongjun Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 20, 2014 at 2:54 PM, Linus Torvalds wrote: > So I pulled this, but one question: > > On Mon, Jan 20, 2014 at 8:47 AM, H. Peter Anvin wrote: >> +config RANDOMIZE_BASE >> + bool "Randomize the address of the kernel image" >> + depends on RELOCATABLE >> + depends on !HIBERNATION > > How fundamental is that "!HIBERNATION" issue? Right now that > anti-dependency on hibernation support will mean that no distro kernel > will actually use the kernel address space randomization. Which > long-term is a problem. > > I'm not sure HIBERNATION is really getting all that much use, but I > suspect distros would still want to support it. > > Is it just a temporary "I wasn't able to make it work, need to get > some PM people involved", or is it something really fundamental? Right, this is a "need to get PM people involved" situation. When kASLR was being designed, hibernation learning about the kernel base looked like a separable problem, and given the very long list of requirements for making it work at all, I carved this out as "future work". As for perf, it's similar -- it's another entirely solvable problem, but perf needs to be untaught some of its assumptions. We've had a static kernel base forever, so I'm expecting some bumps in the road here. I'm hopeful none of it will be too painful, though. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/