From patchwork Mon Oct 17 15:18:39 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 77752 Delivered-To: patch@linaro.org Received: by 10.140.97.247 with SMTP id m110csp444523qge; Mon, 17 Oct 2016 08:20:21 -0700 (PDT) X-Received: by 10.66.222.5 with SMTP id qi5mr31569972pac.138.1476717621879; Mon, 17 Oct 2016 08:20:21 -0700 (PDT) Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id p125si19901446pfp.267.2016.10.17.08.20.21 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 17 Oct 2016 08:20:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) smtp.mailfrom=linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org; dmarc=fail (p=NONE dis=NONE) header.from=linaro.org Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.85_2 #1 (Red Hat Linux)) id 1bw9h5-0007VO-NV; Mon, 17 Oct 2016 15:19:15 +0000 Received: from mail-wm0-x22d.google.com ([2a00:1450:400c:c09::22d]) by bombadil.infradead.org with esmtps (Exim 4.85_2 #1 (Red Hat Linux)) id 1bw9gy-00075x-Nf for linux-arm-kernel@lists.infradead.org; Mon, 17 Oct 2016 15:19:12 +0000 Received: by mail-wm0-x22d.google.com with SMTP id c78so233128wme.1 for ; Mon, 17 Oct 2016 08:18:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=0q38dLmesj0vmqZP+1bsH0r+eo9YdS8TITbBPakS1KQ=; b=IamGTaxU4lm2f8jZ/bKpcN4YaDo2JWP2VUPT7Ia4uNRB0l8SEVbZJ0B0+NNGaxZ5T7 JQqdy2KpRV4DuloDvqoW5OkfWkxsLAyoEeSm7+8uXFfidwgSrEyD86/XuhqlTgP/ec19 j53Vaonbmy4TQ7jwgxOe+HUgmwfrVFTsCnA4Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=0q38dLmesj0vmqZP+1bsH0r+eo9YdS8TITbBPakS1KQ=; b=Ty7tXTKGkTNhx5/N9PCKsNZjb6ZTONdyXD/zoahjCW+7DwHrmf8LxRmwTexeesOivr AGQh+2USHoqKb6ZmNTb7a2Cg3T47kQQRYhHOolSjRBE648o5XgbSgdsfV3RIqbzTvMyS pfIsSdFYAkYtq7wvmygBB5TOt0md82EXOW7VVIY7x6rmCN0O+p8Ax8vcnsAD1NbwFl4e kiuPVHxTvlZ9p+68Y7a0gOih3if8/YeZUlgyVWLdhaPrNrW5VfEo2h3y3rAt4CH0o689 x/lLXrp7BcakQ+6Nl19bVyaqekKmR6GST9MMR1KAXcl8sbDU6xN02gX+0rBP+B6OHE0f +flQ== X-Gm-Message-State: AA6/9RkgYfI1kOrC15v0q7dkbr8QpAN821Fl+aDOZSX2+GhEEHCjFPiqaBzbgRCauOuXsIOp X-Received: by 10.28.40.212 with SMTP id o203mr8415429wmo.91.1476717524607; Mon, 17 Oct 2016 08:18:44 -0700 (PDT) Received: from localhost.localdomain ([105.137.38.75]) by smtp.gmail.com with ESMTPSA id f19sm19452wmh.16.2016.10.17.08.18.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 17 Oct 2016 08:18:43 -0700 (PDT) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, will.deacon@arm.com, catalin.marinas@arm.com Subject: [PATCH] arm64: kaslr: keep modules close to the kernel when DYNAMIC_FTRACE=y Date: Mon, 17 Oct 2016 16:18:39 +0100 Message-Id: <1476717519-28424-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20161017_081908_979330_B785E122 X-CRM114-Status: GOOD ( 14.02 ) X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:400c:c09:0:0:0:22d listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: mark.rutland@arm.com, Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org The RANDOMIZE_MODULE_REGION_FULL Kconfig option allows KASLR to be configured in such a way that kernel modules and the core kernel are allocated completely independently, which implies that modules are likely to require branches via PLT entries to reach the core kernel. The dynamic ftrace code does not expect that, and assumes that it can patch module code to perform a relative branch to anywhere in the core kernel. This may result in errors such as branch_imm_common: offset out of range ------------[ cut here ]------------ WARNING: CPU: 3 PID: 196 at kernel/trace/ftrace.c:1995 ftrace_bug+0x220/0x2e8 Modules linked in: CPU: 3 PID: 196 Comm: systemd-udevd Not tainted 4.8.0-22-generic #24 Hardware name: AMD Seattle/Seattle, BIOS 10:34:40 Oct 6 2016 task: ffff8d1bef7dde80 task.stack: ffff8d1bef6b0000 PC is at ftrace_bug+0x220/0x2e8 LR is at ftrace_process_locs+0x330/0x430 So make RANDOMIZE_MODULE_REGION_FULL mutually exclusive with DYNAMIC_FTRACE at the Kconfig level. Signed-off-by: Ard Biesheuvel --- arch/arm64/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.7.4 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig index 30398dbc940a..969ef880d234 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -915,7 +915,7 @@ config RANDOMIZE_BASE config RANDOMIZE_MODULE_REGION_FULL bool "Randomize the module region independently from the core kernel" - depends on RANDOMIZE_BASE + depends on RANDOMIZE_BASE && !DYNAMIC_FTRACE default y help Randomizes the location of the module region without considering the