From 2b0e86cc5de6dabadc2d64cefa429fc227c8a756 Mon Sep 17 00:00:00 2001 From: Jason Yan Date: Fri, 20 Sep 2019 17:45:40 +0800 Subject: powerpc/fsl_booke/32: implement KASLR infrastructure This patch add support to boot kernel from places other than KERNELBASE. Since CONFIG_RELOCATABLE has already supported, what we need to do is map or copy kernel to a proper place and relocate. Freescale Book-E parts expect lowmem to be mapped by fixed TLB entries(TLB1). The TLB1 entries are not suitable to map the kernel directly in a randomized region, so we chose to copy the kernel to a proper place and restart to relocate. The offset of the kernel was not randomized yet(a fixed 64M is set). We will randomize it in the next patch. Signed-off-by: Jason Yan Tested-by: Diana Craciun Reviewed-by: Christophe Leroy Signed-off-by: Scott Wood [mpe: Use PTRRELOC() in early_init()] Signed-off-by: Michael Ellerman --- arch/powerpc/Kconfig | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'arch/powerpc/Kconfig') diff --git a/arch/powerpc/Kconfig b/arch/powerpc/Kconfig index 3e56c9c2f16e..4c4a0fcd1674 100644 --- a/arch/powerpc/Kconfig +++ b/arch/powerpc/Kconfig @@ -551,6 +551,17 @@ config RELOCATABLE setting can still be useful to bootwrappers that need to know the load address of the kernel (eg. u-boot/mkimage). +config RANDOMIZE_BASE + bool "Randomize the address of the kernel image" + depends on (FSL_BOOKE && FLATMEM && PPC32) + depends on RELOCATABLE + help + Randomizes the virtual address at which the kernel image is + loaded, as a security feature that deters exploit attempts + relying on knowledge of the location of kernel internals. + + If unsure, say Y. + config RELOCATABLE_TEST bool "Test relocatable kernel" depends on (PPC64 && RELOCATABLE) -- cgit v1.2.3