Re: [PATCH] hibernation: on 32-bit x86, disabled in favor of KASLR

From: Evgenii Shatokhin
Date: Sat Mar 25 2017 - 12:36:59 EST

Next message: Jonathan Cameron: "Re: [PATCH] iio: bmg160: reset chip when probing"
Previous message: Stephan Müller: "Re: [PATCH v3 0/3] crypto: hw_random - Add new Exynos RNG driver"
Next in thread: Kees Cook: "Re: [PATCH] hibernation: on 32-bit x86, disabled in favor of KASLR"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 23.03.2017 18:30, Rafael J. Wysocki wrote:

On Thu, Mar 23, 2017 at 2:23 PM, Evgenii Shatokhin
<eugene.shatokhin@xxxxxxxxx> wrote:

On 23.03.2017 03:27, Kees Cook wrote:

This is a modified revert of commit 65fe935dd238 ("x86/KASLR, x86/power:
Remove x86 hibernation restrictions"), since it appears that 32-bit
hibernation still can't support KASLR. 64-bit is fine. Since people have
been running with KASLR by default on 32-bit since v4.8, this disables
hibernation (with a warning). Booting with "nokaslr" will disable KASLR
and enable hibernation.

Reported-by: Evgenii Shatokhin <eugene.shatokhin@xxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx # v4.8+

The patch does not work as intended on my system, unfortunately.

I tried the mainline kernel v4.11-rc3 and added this patch. With "nokaslr"
in the kernel command line, the system fails to hibernate. It complains this
way in the log:

<...>
kernel: PM: writing image.
kernel: PM: Cannot find swap device, try swapon -a.
kernel: PM: Cannot get swap writer
kernel: PM: Basic memory bitmaps freed
kernel: Restarting tasks ... done.
systemd[1]: Time has been changed
systemd[3948]: Time has been changed
systemd[14825]: Time has been changed
systemd[1]: systemd-hibernate.service: main process exited, code=exited,
status=1/FAILURE
systemd[1]: Failed to start Hibernate.
<...>

The swap device (swap file, actually) is available, however:
-------------
# swapon -s
Filename Type Size Used Priority
/swap file 6297596 0 -1
-------------

I built the same kernel without this patch then, added "nokaslr" in the
kernel command line again, and the system hibernates and resumes fine.

With the patch applied and "nokaslr" in the kernel command line, what
shows up when you do

$ cat /sys/power/state

?

freeze standby mem disk

However, I think now that the patch itself is OK.

I experimented with the patched kernel a bit more and found that hibernate does work when I place "nokaslr" before "resume=xxx resume_offset=xxx" in the kernel command line and does not work when I place "nokaslr" after these options. So I guess there is an issue with parsing of the kernel command line somewhere (dracut scripts? systemd? I do not know). If resume= or resume_offset= were corrupted, that might have been the reason why the system could not find the swap file when hibernating.

Anyway, that issue is clearly unrelated to this patch and the patch itself works OK for me.

Thanks a lot!

Tested-by: Evgenii Shatokhin <eugene.shatokhin@xxxxxxxxx>

Regards,
Evgenii

Next message: Jonathan Cameron: "Re: [PATCH] iio: bmg160: reset chip when probing"
Previous message: Stephan Müller: "Re: [PATCH v3 0/3] crypto: hw_random - Add new Exynos RNG driver"
Next in thread: Kees Cook: "Re: [PATCH] hibernation: on 32-bit x86, disabled in favor of KASLR"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]