Re: [PATCH v8 1/4] x86/KASLR: Clarify identity map interface

From: Ingo Molnar
Date: Thu May 12 2016 - 04:31:40 EST



* Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> On Tue, May 10, 2016 at 11:24 PM, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
> >
> > * Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> >> +/*
> >> + * Mapping information structure passed to kernel_ident_mapping_init().
> >> + * Due to relocation, pointers must be assigned at run time not build time.
> >> + */
> >> +static struct x86_mapping_info mapping_info = {
> >> + .pmd_flag = __PAGE_KERNEL_LARGE_EXEC,
> >> +};
> >
> >> +void initialize_identity_maps(void)
> >> {
> >> + /* Init mapping_info with run-time function/buffer pointers. */
> >> + mapping_info.alloc_pgt_page = alloc_pgt_page;
> >> + mapping_info.context = &pgt_data;
> >
> > Could you please outline the precise failure mode? What gets executed when, which
> > pointer gets relocated and which not, and exactly when does it pose a problem,
> > etc.
>
> It's the issue described at the top of misc.c:
>
> /*
> * WARNING!!
> * This code is compiled with -fPIC and it is relocated dynamically at
> * run time, but no relocation processing is performed. This means that
> * it is not safe to place pointers in static structures.

So I think this is still a bit confusing: what's the difference between 'relocated
dynamically at run time' and 'relocation processing'?

So 'to relocate code' usually means the whole deal: 'copy code and fix up'.

The problem here is that we copy the code to an address not known at build time,
but don't fix it up (because this is the fixup code), right?

Thanks,

Ingo