Date: Tue, 5 Apr 2016 01:37:21 +0200
From: Ralf Baechle
To: Kees Cook
Cc: "kernel-hardening@lists.openwall.com", Linux MIPS Mailing List, Matt Redfearn, Aaro Koskinen, Masahiro Yamada, Alexander Sverdlin, LKML, Thomas Gleixner, David Daney, Jaedon Shin, James Hogan, Jonas Gorski, Paul Burton
Subject: Re: [kernel-hardening] [PATCH v2 00/11] MIPS relocatable kernel & KASLR
Message-ID: <20160404233721.GB26295@linux-mips.org>
References: <1459415142-3412-1-git-send-email-matt.redfearn@imgtec.com>

On Mon, Apr 04, 2016 at 12:46:29PM -0700, Kees Cook wrote:

> This is great! Thanks for working on this! :)
>
> Without actually reading the code yet, I wonder if the x86 and MIPS
> relocs tool could be merged at all? Sounds like it might be more
> difficult though -- the relocation output is different and its storage
> location is different...
>
> > Restrictions:
> > * The new kernel is not allowed to overlap the old kernel, such that
> >   the original kernel can still be booted if relocation fails.
>
> This sounds like physical-only relocation then? Is the virtual offset
> randomized as well (like arm64) or just physical (like x86 currently
> -- though there is a series to fix this).

On MIPS we normally place the kernel in KSEG0 or XKPHYS which are address
segments which are not mapped through the TLB so the difference is kinda
moot.

> > * Relocation is supported only by multiples of 64k bytes. This
> >   eliminates the need to handle R_MIPS_LO16 relocations as the bottom
> >   16bits will remain the same at the relocated address.
>
> IIUC, that's actually better than x86, which needs to be 2MB aligned.

On MIPS a key concern was maintaining a reasonable size for the final
kernel image. The R_MIPS_LO16 relocation records make a significant
portion of the relocations in a relocatable .o file, so we wanted to get
rid of them. This results in a relocation granularity of 64kB. If we were
truly, truly stingy we could come up with a relocation format to save a
few more bits but I doubt that'd make any sense.

> > * In 64 bit kernels, relocation is supported only within the same 4Gb
> >   memory segment as the kernel link address (CONFIG_PHYSICAL_START).
> >   This eliminates the need to handle R_MIPS_HIGHEST and R_MIPS_HIGHER
> >   relocations as the top 32bits will remain the same at the relocated
> >   address.
>
> Interesting. Could the relocation code be updated in the future to
> bump the high addresses too?

It could but yet again, the idea was to keep the size of the final
generated file under control. The R_MIPS_HIGHER and R_MIPS_HIGHEST
relocations can be discarded if we constrain the addresses to be in a
single 4GB segment. Removing this constraint would make a kernel image
much bigger so I suggested to add this restriction at least for this
initial version.

  Ralf
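
Added example, not part of the message above or of the patch series: a small C program that computes the four 16-bit address fields used by the MIPS relocations named in the thread and reports which of them change for a given relocation offset. The helper names, the symbol address and the offsets are constructed for illustration, and `offset_allowed()` is a hypothetical check of the two quoted restrictions, not the kernel's code.

```c
#include <stdint.h>
#include <stdio.h>

/* 16-bit address fields as the MIPS ELF relocations compute them. Each upper
 * field includes the carry from the sign-extended field below it. */
static unsigned f_lo(uint64_t a)      { return a & 0xffff; }
static unsigned f_hi(uint64_t a)      { return ((a + 0x8000ULL) >> 16) & 0xffff; }
static unsigned f_higher(uint64_t a)  { return ((a + 0x80008000ULL) >> 32) & 0xffff; }
static unsigned f_highest(uint64_t a) { return ((a + 0x800080008000ULL) >> 48) & 0xffff; }

enum { CH_LO16 = 1, CH_HI16 = 2, CH_HIGHER = 4, CH_HIGHEST = 8 };

/* Bitmask of the fields whose value differs between addr and addr + offset. */
unsigned changed_fields(uint64_t addr, int64_t offset)
{
    uint64_t moved = addr + (uint64_t)offset;
    unsigned mask = 0;

    if (f_lo(addr) != f_lo(moved))           mask |= CH_LO16;
    if (f_hi(addr) != f_hi(moved))           mask |= CH_HI16;
    if (f_higher(addr) != f_higher(moved))   mask |= CH_HIGHER;
    if (f_highest(addr) != f_highest(moved)) mask |= CH_HIGHEST;
    return mask;
}

/* The two restrictions from the thread, applied to a candidate offset
 * (hypothetical helper; checks the link address only, not the image end). */
int offset_allowed(uint64_t link_addr, int64_t offset)
{
    uint64_t moved = link_addr + (uint64_t)offset;

    if ((uint64_t)offset & 0xffff)              /* not a multiple of 64 KiB */
        return 0;
    return (moved >> 32) == (link_addr >> 32);  /* same 4 GiB segment */
}

int main(void)
{
    const uint64_t sym = 0xa800000000101234ULL;  /* constructed XKPHYS address */
    const int64_t offs[] = { 0x230000, 0x1000, 0x100000000LL };

    for (unsigned i = 0; i < sizeof(offs) / sizeof(offs[0]); i++)
        printf("offset %#llx: allowed=%d changed=%#x\n",
               (unsigned long long)offs[i], offset_allowed(sym, offs[i]),
               changed_fields(sym, offs[i]));
    return 0;
}
```

For the 64 KiB-aligned offset only the HI16 field changes, which is why a relocation table that satisfies both restrictions needs no LO16, HIGHER or HIGHEST records.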