• Borislav Petkov's avatar
    x86/mm/KASLR: Propagate KASLR status to kernel proper · 78cac48c
    Borislav Petkov authored
      e2b32e67 ("x86, kaslr: randomize module base load address")
    made module base address randomization unconditional and didn't regard
    disabled KKASLR due to CONFIG_HIBERNATION and command line option
    "nokaslr". For more info see (now reverted) commit:
      f47233c2 ("x86/mm/ASLR: Propagate base load address calculation")
    In order to propagate KASLR status to kernel proper, we need a single bit
    in boot_params.hdr.loadflags and we've chosen bit 1 thus leaving the
    top-down allocated bits for bits supposed to be used by the bootloader.
    Originally-From: Jiri Kosina <jkosina@suse.cz>
    Suggested-by: default avatarH. Peter Anvin <hpa@zytor.com>
    Signed-off-by: default avatarBorislav Petkov <bp@suse.de>
    Cc: Kees Cook <keescook@chromium.org>
    Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
boot.txt 38.7 KB