Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/arch KASLR: add workarounds to compute the bootinfo VAs ...
details: https://anonhg.NetBSD.org/src/rev/c11ec0d96bb9
branches: trunk
changeset: 356691:c11ec0d96bb9
user: maxv <maxv%NetBSD.org@localhost>
date: Sun Oct 08 09:06:50 2017 +0000
description:
KASLR: add workarounds to compute the bootinfo VAs (use the direct map),
and don't use large pages yet. Both will be fixed later.
diffstat:
sys/arch/amd64/amd64/machdep.c | 10 ++++++++--
sys/arch/amd64/conf/GENERIC_KASLR | 3 ++-
sys/arch/amd64/conf/files.amd64 | 3 ++-
sys/arch/i386/conf/files.i386 | 3 ++-
sys/arch/x86/x86/pmap.c | 11 ++++++++---
sys/arch/x86/x86/x86_machdep.c | 27 +++++++++++++++++++++++----
sys/arch/xen/conf/files.compat | 7 ++++---
7 files changed, 49 insertions(+), 15 deletions(-)
diffs (232 lines):
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/amd64/amd64/machdep.c
--- a/sys/arch/amd64/amd64/machdep.c Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/amd64/amd64/machdep.c Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: machdep.c,v 1.262 2017/09/30 11:43:57 maxv Exp $ */
+/* $NetBSD: machdep.c,v 1.263 2017/10/08 09:06:50 maxv Exp $ */
/*
* Copyright (c) 1996, 1997, 1998, 2000, 2006, 2007, 2008, 2011
@@ -110,7 +110,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.262 2017/09/30 11:43:57 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.263 2017/10/08 09:06:50 maxv Exp $");
/* #define XENDEBUG_LOW */
@@ -122,6 +122,7 @@
#include "opt_mtrr.h"
#include "opt_realmem.h"
#include "opt_xen.h"
+#include "opt_kaslr.h"
#ifndef XEN
#include "opt_physmem.h"
#endif
@@ -1472,8 +1473,13 @@
#ifndef XEN
symtab = lookup_bootinfo(BTINFO_SYMTAB);
if (symtab) {
+#ifdef KASLR
+ tssym = PMAP_DIRECT_MAP((paddr_t)symtab->ssym);
+ tesym = PMAP_DIRECT_MAP((paddr_t)symtab->esym);
+#else
tssym = (vaddr_t)symtab->ssym + KERNBASE;
tesym = (vaddr_t)symtab->esym + KERNBASE;
+#endif
ksyms_addsyms_elf(symtab->nsym, (void *)tssym, (void *)tesym);
} else
ksyms_addsyms_elf(*(long *)(void *)&end,
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/amd64/conf/GENERIC_KASLR
--- a/sys/arch/amd64/conf/GENERIC_KASLR Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/amd64/conf/GENERIC_KASLR Sun Oct 08 09:06:50 2017 +0000
@@ -1,5 +1,6 @@
-# $NetBSD: GENERIC_KASLR,v 1.1 2017/10/07 10:16:47 maxv Exp $
+# $NetBSD: GENERIC_KASLR,v 1.2 2017/10/08 09:06:50 maxv Exp $
include "arch/amd64/conf/GENERIC"
makeoptions KASLR=1 # Kernel ASLR
+options KASLR
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/amd64/conf/files.amd64
--- a/sys/arch/amd64/conf/files.amd64 Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/amd64/conf/files.amd64 Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: files.amd64,v 1.93 2017/10/08 08:26:01 maxv Exp $
+# $NetBSD: files.amd64,v 1.94 2017/10/08 09:06:50 maxv Exp $
#
# new style config file for amd64 architecture
#
@@ -26,6 +26,7 @@
defflag PMC
defflag USER_LDT
+defflag KASLR
defflag eisa.h EISA
# Start code
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/i386/conf/files.i386
--- a/sys/arch/i386/conf/files.i386 Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/i386/conf/files.i386 Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: files.i386,v 1.387 2017/08/15 08:51:38 maxv Exp $
+# $NetBSD: files.i386,v 1.388 2017/10/08 09:06:50 maxv Exp $
#
# new style config file for i386 architecture
#
@@ -19,6 +19,7 @@
obsolete defflag XBOX
defflag PMC
+defflag KASLR
# User-settable LDT (used by WINE)
defflag USER_LDT
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/x86/x86/pmap.c
--- a/sys/arch/x86/x86/pmap.c Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/x86/x86/pmap.c Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: pmap.c,v 1.260 2017/09/30 12:35:48 maxv Exp $ */
+/* $NetBSD: pmap.c,v 1.261 2017/10/08 09:06:50 maxv Exp $ */
/*
* Copyright (c) 2008, 2010, 2016, 2017 The NetBSD Foundation, Inc.
@@ -51,7 +51,6 @@
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
*/
/*
@@ -171,12 +170,13 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.260 2017/09/30 12:35:48 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: pmap.c,v 1.261 2017/10/08 09:06:50 maxv Exp $");
#include "opt_user_ldt.h"
#include "opt_lockdebug.h"
#include "opt_multiprocessor.h"
#include "opt_xen.h"
+#include "opt_kaslr.h"
#include <sys/param.h>
#include <sys/systm.h>
@@ -1605,6 +1605,11 @@
vaddr_t kva, kva_end;
paddr_t pa;
+#ifdef KASLR
+ /* XXX no large pages yet, soon */
+ return;
+#endif
+
/* Remap the kernel text using large pages. */
kva = rounddown(bootspace.text.va, NBPD_L2);
kva_end = rounddown(bootspace.text.va +
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/x86/x86/x86_machdep.c
--- a/sys/arch/x86/x86/x86_machdep.c Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/x86/x86/x86_machdep.c Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: x86_machdep.c,v 1.96 2017/10/02 19:23:16 maxv Exp $ */
+/* $NetBSD: x86_machdep.c,v 1.97 2017/10/08 09:06:50 maxv Exp $ */
/*-
* Copyright (c) 2002, 2006, 2007 YAMAMOTO Takashi,
@@ -31,11 +31,12 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.96 2017/10/02 19:23:16 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.97 2017/10/08 09:06:50 maxv Exp $");
#include "opt_modular.h"
#include "opt_physmem.h"
#include "opt_splash.h"
+#include "opt_kaslr.h"
#include <sys/types.h>
#include <sys/param.h>
@@ -229,7 +230,11 @@
bi->path, bi->len, bi->base);
KASSERT(trunc_page(bi->base) == bi->base);
module_prime(bi->path,
+#ifdef KASLR
+ (void *)PMAP_DIRECT_MAP((uintptr_t)bi->base),
+#else
(void *)((uintptr_t)bi->base + KERNBASE),
+#endif
bi->len);
break;
case BI_MODULE_IMAGE:
@@ -238,7 +243,12 @@
bi->path, bi->len, bi->base);
KASSERT(trunc_page(bi->base) == bi->base);
splash_setimage(
- (void *)((uintptr_t)bi->base + KERNBASE), bi->len);
+#ifdef KASLR
+ (void *)PMAP_DIRECT_MAP((uintptr_t)bi->base),
+#else
+ (void *)((uintptr_t)bi->base + KERNBASE),
+#endif
+ bi->len);
#endif
break;
case BI_MODULE_RND:
@@ -246,7 +256,11 @@
bi->path, bi->len, bi->base);
KASSERT(trunc_page(bi->base) == bi->base);
rnd_seed(
+#ifdef KASLR
+ (void *)PMAP_DIRECT_MAP((uintptr_t)bi->base),
+#else
(void *)((uintptr_t)bi->base + KERNBASE),
+#endif
bi->len);
break;
case BI_MODULE_FS:
@@ -254,7 +268,12 @@
bi->path, bi->len, bi->base);
KASSERT(trunc_page(bi->base) == bi->base);
#if defined(MEMORY_DISK_HOOKS) && defined(MEMORY_DISK_DYNAMIC)
- md_root_setconf((void *)((uintptr_t)bi->base + KERNBASE),
+ md_root_setconf(
+#ifdef KASLR
+ (void *)PMAP_DIRECT_MAP((uintptr_t)bi->base),
+#else
+ (void *)((uintptr_t)bi->base + KERNBASE),
+#endif
bi->len);
#endif
break;
diff -r 8ffcf17ef91d -r c11ec0d96bb9 sys/arch/xen/conf/files.compat
--- a/sys/arch/xen/conf/files.compat Sun Oct 08 08:31:05 2017 +0000
+++ b/sys/arch/xen/conf/files.compat Sun Oct 08 09:06:50 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: files.compat,v 1.28 2017/08/12 07:21:57 maxv Exp $
+# $NetBSD: files.compat,v 1.29 2017/10/08 09:06:50 maxv Exp $
# NetBSD: files.x86,v 1.10 2003/10/08 17:30:00 bouyer Exp
# options for MP configuration through the MP spec
@@ -6,7 +6,7 @@
#defflag opt_mpacpi.h MPACPI MPACPI_SCANPCI
# MTRR support
-defflag MTRR
+defflag MTRR
defflag opt_xen.h XEN PAE
@@ -25,7 +25,8 @@
defflag opt_pcibios.h XXXOPT_PCIBIOS
defflag opt_pcifixup.h XXXOPT_PCIFIXUP
-defflag opt_pmc.h XXXPMC
+defflag opt_pmc.h XXXPMC
+defflag opt_kaslr.h XXXKASLR
# User-settable LDT (used by WINE)
defflag opt_user_ldt.h XXXUSER_LDT
Home |
Main Index |
Thread Index |
Old Index