Jason Yan | c2d1a13 | 2019-09-20 17:45:46 +0800

.. SPDX-License-Identifier: GPL-2.0

===========================
KASLR for Freescale BookE32
===========================

The word KASLR stands for Kernel Address Space Layout Randomization.

This document explains the implementation of KASLR for
Freescale BookE32. KASLR is a security feature that deters exploit
attempts relying on knowledge of the location of kernel internals.

Since CONFIG_RELOCATABLE is already supported, what we need to do is
map or copy the kernel to a proper place and relocate it. Freescale Book-E
parts expect lowmem to be mapped by fixed TLB entries (TLB1). The TLB1
entries are not suitable for mapping the kernel directly in a randomized
region, so we chose to copy the kernel to a proper place and restart to
relocate.

Entropy is derived from the banner and timer base, which will change every
build and boot. This is not very safe, so additionally the bootloader may
pass entropy via the /chosen/kaslr-seed node in the device tree.

We will use the first 512M of the low memory to randomize the kernel
image. The memory will be split into 64M zones. We will use the lower 8
bits of the entropy to decide the index of the 64M zone. Then we choose a
16K-aligned offset inside the 64M zone to put the kernel in::

    KERNELBASE

        |-->   64M   <--|
        |               |
        +---------------+    +----------------+---------------+
        |               |....|    |kernel|    |               |
        +---------------+    +----------------+---------------+
        |                         |
        |----->   offset    <-----|

                              kernstart_virt_addr

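The zone and offset selection described above, as an added illustration in C; this is not the kernel's own code. The function names, the modulo reduction of the 8-bit value to a zone index, and the derivation of the in-zone offset from the same entropy word are assumptions; the document itself states only the 512M window, the 64M zones, the lower 8 bits and the 16K alignment.

```c
#include <stdint.h>
#include <stdio.h>

#define SZ_16K  0x00004000UL
#define SZ_64M  0x04000000UL
#define SZ_512M 0x20000000UL

/* Number of 64M zones in the randomization window (first 512M of lowmem). */
static unsigned long zone_count(unsigned long lowmem_sz)
{
    unsigned long window = lowmem_sz < SZ_512M ? lowmem_sz : SZ_512M;
    return window / SZ_64M;
}

/* Hypothetical helper: image offset from start of lowmem, 0 if no room. */
unsigned long pick_offset(uint32_t entropy, unsigned long lowmem_sz,
                          unsigned long kernel_sz)
{
    unsigned long zones = zone_count(lowmem_sz);
    unsigned long index, offset;

    if (zones == 0 || kernel_sz >= SZ_64M)
        return 0;
    /* Lower 8 bits pick the zone; reducing them by modulo is an assumption. */
    index = (entropy & 0xFF) % zones;
    /* Assumption: bound the in-zone offset so the image fits, then align to 16K. */
    offset = entropy % (SZ_64M - kernel_sz);
    offset &= ~(SZ_16K - 1);
    return index * SZ_64M + offset;
}

/* Upper bound on distinct placements: zones times 16K slots per zone. */
unsigned long placement_count(unsigned long lowmem_sz, unsigned long kernel_sz)
{
    unsigned long zones = zone_count(lowmem_sz);

    if (zones == 0 || kernel_sz >= SZ_64M)
        return 1;
    return zones * ((SZ_64M - kernel_sz + SZ_16K - 1) / SZ_16K);
}

int main(void)
{
    /* Constructed inputs: sample entropy word, 512M lowmem, 16M image. */
    printf("offset 0x%lx of %lu placements\n",
           pick_offset(0xDEADBEEFu, SZ_512M, 0x01000000UL),
           placement_count(SZ_512M, 0x01000000UL));
    return 0;
}
```

With these constructed inputs the bound is 8 zones times 3072 slots, 24576 placements, so the position carries under 15 bits of entropy however good the seed is.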
To enable KASLR, set CONFIG_RANDOMIZE_BASE = y. If KASLR is enabled and you
want to disable it at runtime, add "nokaslr" to the kernel cmdline.