Re: [PATCH v2] x86/mm/KASLR: EFI region is mistakenly included into KASLR VA space for randomization

From: Ingo Molnar
Date: Fri Mar 24 2017 - 06:36:55 EST

* Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:

> No. It is the firmware's EFI code, and the virtual translation applied by the OS
> is made known to the firmware by means of a call into the runtime service
> SetVirtualAddressMap(). This service can only be called once after each boot,
> and so kexec kernels are forced to use the same VA mapping for runtime services
> as the first kernel. This is the whole point of having a VA region reserved for
> this, so that kexec kernels are guaranteed to be able to use the same VA
> mapping.

Yes, but it's the kernel's EFI code that determines the area! So my suggestion:

> > Preserving virtual addresses for kexec is a red herring: the randomized offset
> > could be passed to the kexec-ed kernel just fine.

Would solve the kexec problem, right?

I.e. the first kernel that boots randomizes the address range - and passes that
offset off to any subsequent kernels.

Turning KASLR off actively degrades that randomization of the kernel virtual
addresses.

Am I missing anything?

Thanks,

Ingo