Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 24f2e027 authored by Kees Cook's avatar Kees Cook Committed by Rafael J. Wysocki
Browse files

x86, kaslr: boot-time selectable with hibernation 



Changes kASLR from being compile-time selectable (blocked by
CONFIG_HIBERNATION), to being boot-time selectable (with hibernation
available by default) via the "kaslr" kernel command line.

Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Acked-by: default avatarPavel Machek <pavel@ucw.cz>
Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
parent a6e15a39

Documentation/kernel-parameters.txt

+7 −4
Original line number Diff line number Diff line
@@ -1474,6 +1474,13 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
	js=		[HW,JOY] Analog joystick

			See Documentation/input/joystick.txt.



	kaslr/nokaslr	[X86]

			Enable/disable kernel and module base offset ASLR

			(Address Space Layout Randomization) if built into

			the kernel. When CONFIG_HIBERNATION is selected,

			kASLR is disabled by default. When kASLR is enabled,

			hibernation will be disabled.



	keepinitrd	[HW,ARM]



	kernelcore=nn[KMG]	[KNL,X86,IA-64,PPC] This parameter
@@ -2110,10 +2117,6 @@ bytes respectively. Such letter suffixes can also be entirely omitted. 
	noapic		[SMP,APIC] Tells the kernel to not make use of any

			IOAPICs that may be present in the system.



	nokaslr		[X86]

			Disable kernel and module base offset ASLR (Address

			Space Layout Randomization) if built into the kernel.



	noautogroup	Disable scheduler automatic task group creation.



	nobats		[PPC] Do not use BATs for mapping kernel lowmem

arch/x86/Kconfig

+0 −1
Original line number Diff line number Diff line
@@ -1672,7 +1672,6 @@ config RELOCATABLE 
config RANDOMIZE_BASE

	bool "Randomize the address of the kernel image"

	depends on RELOCATABLE

	depends on !HIBERNATION

	default n

	---help---

	   Randomizes the physical and virtual address at which the

arch/x86/boot/compressed/aslr.c

+8 −1
Original line number Diff line number Diff line
@@ -289,10 +289,17 @@ unsigned char *choose_kernel_location(unsigned char *input, 
	unsigned long choice = (unsigned long)output;

	unsigned long random;



#ifdef CONFIG_HIBERNATION

	if (!cmdline_find_option_bool("kaslr")) {

		debug_putstr("KASLR disabled by default...\n");

		goto out;

	}

#else

	if (cmdline_find_option_bool("nokaslr")) {

		debug_putstr("KASLR disabled...\n");

		debug_putstr("KASLR disabled by cmdline...\n");

		goto out;

	}

#endif



	/* Record the various known unsafe memory ranges. */

	mem_avoid_init((unsigned long)input, input_size,

kernel/power/hibernate.c

+6 −0
Original line number Diff line number Diff line
@@ -1153,6 +1153,11 @@ static int __init nohibernate_setup(char *str) 
	return 1;

}



static int __init kaslr_nohibernate_setup(char *str)

{

	return nohibernate_setup(str);

}



__setup("noresume", noresume_setup);

__setup("resume_offset=", resume_offset_setup);

__setup("resume=", resume_setup);
@@ -1160,3 +1165,4 @@ __setup("hibernate=", hibernate_setup); 
__setup("resumewait", resumewait_setup);

__setup("resumedelay=", resumedelay_setup);

__setup("nohibernate", nohibernate_setup);

__setup("kaslr", kaslr_nohibernate_setup);