Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp786663ybf; Sat, 29 Feb 2020 16:12:07 -0800 (PST) X-Google-Smtp-Source: APXvYqziHDX+F3iEleREBraHq924TtNtMEJarayk42TT6JAX0i3sJvZP21gCTlJoLeMV3R0kbCu6 X-Received: by 2002:a9d:6255:: with SMTP id i21mr8038014otk.183.1583021526856; Sat, 29 Feb 2020 16:12:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583021526; cv=none; d=google.com; s=arc-20160816; b=ymr/xfwBIY0/aLKvD946OZvbMQ7wogGUaSHEi0yDN9Q3R3RFCgMT2AG+jEJur5BRRb LkSvWxg29YhbcKOskzZzegJH7MMn2uYK3gptxvxWKRbTW8deSMlEvaF4CCRVSiM9zizN KP2qRSrv8Gaf3sNERDmp40yaYmxEpXATIqYdEQ6MnuaV2/zC2jQfo2O1hu+A76I0prQ3 dPywp66WMLhf5dHRvXQQ/2Wh2xiaNBOrsKlgQkD/9HXLnRFi6BGMx7Tvnd7AvIPPmFo/ mqwmiwCOk3r2tPPK54dpYyI/bFyKsyuS/bRi8GO6NJjYZSS5MgfMWLY63F8i56gGFBjo Wrug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:date:from:dkim-signature; bh=3tYKB2ToaIQnbC0ndiITx7BdT8yRg6GYHGZIM+yZOF4=; b=XP30vFDzAtKvg4iveRchwYMjJ2FPPWC3lwo3wOfeq/B+YDj95d1RhPhxumqnUdpzib vOCMOZ+PbeE5qw3sFTS3cy/YoyVjgfhOX5lgP4AALUphM/th5SG6gpLmruspB/NQohTD rM7viUtDLCM4F1B7PdX4gEkMEyPofQxBIJYr67o9d7278hLI+Hu6WgcEEkZU51/j577O Ej8b8pk5klWhyCzJvzzCiAFwOCnWVcsr/kDo4iLESrUkgX2VebCKrKRfaCeppNE37/ot ElxAUkaHVSPisuDMdaRrj0kHzFUpIJ/HTBgP9UPmDIdHaKK0AvJjvxu84iPJNYBgJARz uVzA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=u+6DgU7O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n1si1014592oig.237.2020.02.29.16.11.54; Sat, 29 Feb 2020 16:12:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=u+6DgU7O; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727207AbgCAAL1 (ORCPT + 99 others); Sat, 29 Feb 2020 19:11:27 -0500 Received: from mail-qv1-f68.google.com ([209.85.219.68]:33963 "EHLO mail-qv1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726786AbgCAAL0 (ORCPT ); Sat, 29 Feb 2020 19:11:26 -0500 Received: by mail-qv1-f68.google.com with SMTP id o18so3197034qvf.1 for ; Sat, 29 Feb 2020 16:11:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:date:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=3tYKB2ToaIQnbC0ndiITx7BdT8yRg6GYHGZIM+yZOF4=; b=u+6DgU7OlIQLBQ3P8XYjTUI6xh9cKsGzL8N4Zljr++uSy4c/i6KZ+HoT5qHXZOJpiS uWvmH2TmNZys7qVxxye6WO0c666s/+5LwCinkCvn/gwWU+tOgHvb4bDFougbqNmSVElQ ckqsExJwfHcmWIpGFJZh8n4SeF/UrJ+r6q6lWXcMeA51jUNdzsRmFKOa+Atirmy5KHI6 eLfnIV6Eegsj5UWiT2p/97M4LhDVje59uKLAnacnZTS473o1YrgZpulzRyc3WkfC4ZfC mR0hiWhj3eKtZQpXBIvv982zKW/rWkli4iZO8s68EHZE08d5oqLY6/DZYYns4e6ECp0U Kidg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:date:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to:user-agent; bh=3tYKB2ToaIQnbC0ndiITx7BdT8yRg6GYHGZIM+yZOF4=; b=ucLFZiwDEvKe8/CPM+o9D+Cs2mpRuIHNJrRTJQvzTFZ5hMiMIkaIQAkHcWDq7RIz+H SDgidSJ3o3mRKbKvp/ZraUWp6aVbc29yJGiNUjXaLxEScO8IfQWql7ApXFvGkiBjA2ns d/p3SEBBmaRxhOoFHdFV2Rl/I3qn5x6pfWXTJIpwz1NN31wVflqAgVikP+OOYU0zrNVI tOpOjE86UTh1qHtIJUyxRYl7MizsWvJdtKTjz5rOUd81ihGrpdHmDWp6FqBDlNcoZUAy AWR8++B4yrdk+nEvxcqg0kFXQjACfL3RXNYfgn9gi3qlgBt/LHu3FANiUJVEikLiZkWk IaEw== X-Gm-Message-State: APjAAAWTgHehQGM8ZWsIKXmbw1pMsK/x/7S9LiRFGzM+hCVJo0rLh2Mr LajVFnahzLTpbEVJcvcviv8= X-Received: by 2002:a0c:b203:: with SMTP id x3mr9403820qvd.197.1583021485669; Sat, 29 Feb 2020 16:11:25 -0800 (PST) Received: from rani.riverdale.lan ([2001:470:1f07:5f3::b55f]) by smtp.gmail.com with ESMTPSA id d74sm7636037qke.91.2020.02.29.16.11.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 29 Feb 2020 16:11:25 -0800 (PST) From: Arvind Sankar X-Google-Original-From: Arvind Sankar Date: Sat, 29 Feb 2020 19:11:23 -0500 To: Kees Cook Cc: Arvind Sankar , dave.hansen@linux.intel.com, kernel-hardening@lists.openwall.com, linux-kernel@vger.kernel.org, luto@kernel.org, me@tobin.cc, peterz@infradead.org, tycho@tycho.ws, x86@kernel.org Subject: Re: [PATCH] x86/mm/init_32: Don't print out kernel memory layout if KASLR Message-ID: <20200301001123.GA1278373@rani.riverdale.lan> References: <20200226215039.2842351-1-nivedita@alum.mit.edu> <202002291534.ED372CC@keescook> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <202002291534.ED372CC@keescook> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Feb 29, 2020 at 03:51:45PM -0800, Kees Cook wrote: > Arvind Sankar said: > > For security, only show the virtual kernel memory layout if KASLR is > > disabled. > > These have been entirely removed on other architectures, so let's > just do the same for ia32 and remove it unconditionally. > > 071929dbdd86 ("arm64: Stop printing the virtual memory layout") > 1c31d4e96b8c ("ARM: 8820/1: mm: Stop printing the virtual memory layout") > 31833332f798 ("m68k/mm: Stop printing the virtual memory layout") > fd8d0ca25631 ("parisc: Hide virtual kernel memory layout") > adb1fe9ae2ee ("mm/page_alloc: Remove kernel address exposure in free_reserved_area()") > > -Kees > > -- > Kees Cook microblaze (arch/microblaze/mm/init.c) and PPC32 (arch/powerpc/mm/mem.c) appear to still print it out. I can't test those, but will resubmit x86-32 with it removed.