Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization

From: Borislav Petkov
Date: Fri Mar 24 2017 - 05:47:26 EST

Next message: Dan Carpenter: "[PATCH v2] kprobes: cleanup _kprobe_addr()"
Previous message: gengdongjiu: "Re: [PATCH] arm/arm64: KVM: send SIGBUS error to qemu"
In reply to: Ard Biesheuvel: "Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization"
Next in thread: Ard Biesheuvel: "Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 24, 2017 at 09:42:40AM +0000, Ard Biesheuvel wrote:
> That is a different matter. If the regions are only mapped while
> runtime services invocations are in progress (as we do on ARM), I am
> not sure if it matters that much, given how rarely that occurs in
> normal use.

Question is, is there anything worth protecting with ASLR or we don't
care? I wanna say, we should randomize just in case, especially as it
shouldn't be that expensive to do.

Also, how does the whole EFI-in-the-kexec-ed-kernel work on ARM? Runtime
services get mapped on-demand in the kexec-ed kernel too?

--
Regards/Gruss,
Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Next message: Dan Carpenter: "[PATCH v2] kprobes: cleanup _kprobe_addr()"
Previous message: gengdongjiu: "Re: [PATCH] arm/arm64: KVM: send SIGBUS error to qemu"
In reply to: Ard Biesheuvel: "Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization"
Next in thread: Ard Biesheuvel: "Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]