Re: [PATCH v2] kaslr: allow kASLR to be default over Hibernation

From: Pavel Machek
Date: Thu Apr 14 2016 - 16:01:11 EST

Next message: Dan Carpenter: "Re: [patch] firmware: qemu_fw_cfg.c: potential unintialized variable"
Previous message: Josh Poimboeuf: "Re: [PATCH] x86/kvm: Add stack frame dependency to fastop() inline asm"
In reply to: Kees Cook: "[PATCH v2] kaslr: allow kASLR to be default over Hibernation"
Next in thread: Kees Cook: "Re: [PATCH v2] kaslr: allow kASLR to be default over Hibernation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

> Since kASLR and Hibernation can not currently coexist at runtime
> on x86, the default behavior was to disable kASLR by default when
> CONFIG_HIBERNATION was present (to retain original behavior).
>
> The behavior of kASLR on arm64 (and soon MIPS) is to be enabled by
> default when selected at build time. Since arm64 Hibernation does not
> conflict with kASLR, this fixes the hibernation argument parsing to be
> x86-specific. Additionally, since end users want to be able to select
> kASLR on x86 by default at build time, create CONFIG_RANDOMIZE_BASE_ON
> that is present only on x86.
>
> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>

I believe this is bad idea. arm64 shows that kaslr and hibernation can
coexist, and hibernation is still useful when your battery runs out.

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Next message: Dan Carpenter: "Re: [patch] firmware: qemu_fw_cfg.c: potential unintialized variable"
Previous message: Josh Poimboeuf: "Re: [PATCH] x86/kvm: Add stack frame dependency to fastop() inline asm"
In reply to: Kees Cook: "[PATCH v2] kaslr: allow kASLR to be default over Hibernation"
Next in thread: Kees Cook: "Re: [PATCH v2] kaslr: allow kASLR to be default over Hibernation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]