On 09/30/2014 12:08 AM, Baoquan He wrote:
> Function handle_relocations() is used to do the relocations handling
> for i686 and kaslr of x86_64. For 32 bit the relocation handling is
> mandatory to perform. For x86_64 only when kaslr is enabled and a
> random kernel location is chosen successfully the relocation handling
> should be done. However previous implementation only compared the
> kernel loading address and LOAD_PHYSICAL_ADDR where kernel was
> compiled to run at. This would cause the system to be exceptional in
> few conditions like when delta between load address and compiled
> address is bigger than what 32bit signed relocations can handle.
> Also there will be limitations that delta can't be too big otherwise
> kernel text virtual addresses will overflow in module address space.
>
> So in this patch check if kernel location is changed after
> choose_kernel_location() when x86_64. If and only if in x86_64
> and kernel location is changed, we say a kaslr random kernel
> location is chosen, then the relocation handling is needed.
>
> Signed-off-by: Baoquan He <bhe at redhat.com>
> Acked-by: Vivek Goyal <vgoyal at redhat.com>
> Acked-by: Kees Cook <keescook at chromium.org>
> Tested-by: Thomas D. <whissi at whissi.de>
> Cc: stable at vger.kernel.org

Could you clarify under what conditions we may end up with 32-bit signed
overflow, and yet have a functional kernel?

	-hpa
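The two rules under discussion, the "relocate on i686 always, on x86_64 only when the chosen location differs" decision and the 32-bit signed range that a relocation delta must stay within, as an added stand-alone C illustration. This is not the patch's code and not from arch/x86/boot/compressed; the constant COMPILED_LOAD_ADDR stands in for LOAD_PHYSICAL_ADDR and the function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for LOAD_PHYSICAL_ADDR, the address the kernel
 * image was linked to run at (16 MiB is used here only as a sample value). */
#define COMPILED_LOAD_ADDR 0x1000000ULL

/* True when the displacement between the linked address and the actual
 * load address can be encoded by a 32-bit signed (R_X86_64_32S style)
 * relocation. A delta outside [INT32_MIN, INT32_MAX] is the overflow
 * case the commit message warns about. */
bool delta_fits_rel32(uint64_t load_addr, uint64_t compiled_addr)
{
    int64_t delta = (int64_t)load_addr - (int64_t)compiled_addr;
    return delta >= INT32_MIN && delta <= INT32_MAX;
}

/* Decision rule from the patch description: 32-bit always needs the
 * relocation pass; x86_64 needs it only if choose_kernel_location()
 * actually moved the kernel (kASLR picked a different address). */
bool relocation_needed(bool is_x86_64, uint64_t addr_before, uint64_t addr_after)
{
    if (!is_x86_64)
        return true;
    return addr_before != addr_after;
}

int main(void)
{
    /* Constructed sample: kASLR moves the image up by 1 GiB and by 2 GiB. */
    uint64_t moved_1g = COMPILED_LOAD_ADDR + 0x40000000ULL;
    uint64_t moved_2g = COMPILED_LOAD_ADDR + 0x80000000ULL;

    printf("x86_64, not moved: relocate=%d\n",
           relocation_needed(true, COMPILED_LOAD_ADDR, COMPILED_LOAD_ADDR));
    printf("x86_64, moved 1G:  relocate=%d fits_rel32=%d\n",
           relocation_needed(true, COMPILED_LOAD_ADDR, moved_1g),
           delta_fits_rel32(moved_1g, COMPILED_LOAD_ADDR));
    printf("x86_64, moved 2G:  relocate=%d fits_rel32=%d\n",
           relocation_needed(true, COMPILED_LOAD_ADDR, moved_2g),
           delta_fits_rel32(moved_2g, COMPILED_LOAD_ADDR));
    return 0;
}
```

The 2 GiB case shows why the location check alone is not sufficient: the relocation pass would run, but the delta no longer fits a signed 32-bit relocation, so the kASLR placement itself must also be bounded.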