| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Oct 2007 11:19:56 +0530 From: Vivek Goyal <vgoyal@...ibm.com> To: Bernhard Walle <bwalle@...e.de> Cc: linux-kernel@...r.kernel.org, kexec@...ts.infradead.org, akpm@...ux-foundation.org, ak@...e.de Subject: Re: [patch 0/2] Protect crashkernel against BSS overlap On Mon, Oct 15, 2007 at 01:50:42PM +0200, Bernhard Walle wrote: > I observed the problem that even when you choose the default 16M as > crashkernel base address and the kernel is very big, the reserved area may > overlap with the kernel BSS. Currently, this is not checked at runtime, so the > kernel just crashes when you load the panic kernel in the sys_kexec call. > > This two patches check this at runtime. The patches are against current git, > but with the patches > > extended-crashkernel-command-line.patch > extended-crashkernel-command-line-update.patch > extended-crashkernel-command-line-comment-fix.patch > extended-crashkernel-command-line-improve-error-handling-in-parse_crashkernel_mem.patch > use-extended-crashkernel-command-line-on-i386.patch > use-extended-crashkernel-command-line-on-i386-update.patch > use-extended-crashkernel-command-line-on-x86_64.patch > use-extended-crashkernel-command-line-on-x86_64-update.patch > use-extended-crashkernel-command-line-on-ia64.patch > use-extended-crashkernel-command-line-on-ia64-fix.patch > use-extended-crashkernel-command-line-on-ia64-update.patch > use-extended-crashkernel-command-line-on-ppc64.patch > use-extended-crashkernel-command-line-on-ppc64-update.patch > use-extended-crashkernel-command-line-on-sh.patch > use-extended-crashkernel-command-line-on-sh-update.patch > > from -mm tree applied since they are marked to be merged in 2.6.24. > > I know that the implementation of both patches is only x86 (i386 and x86-64), > but if you agree that it's the way to go, I can add the BSS resource > and the check for all other architectures that apply. > Hi Bernhard, Shouldn't bootmem allocator have the functionality to flag an error if we try to reserve a memory which is already reserved? I see that bootmem allocator is currently printing a warning under CONFIG_DEBUG_BOOTMEM. Wouldn't it be better if we reserve the code, data and bss memory also using bootmem allocator and when somebody tries to reserve craskernel memory and if there is an overlap, boot memory allocator should scream? In second patch, you are checking for crash kernel reserved memory being beyond _end. That will make sure that there is no overlap with kernel text, data or bss. I am wondering then why do we need first patch and why should we register bss memory in the resources list. Second patch would make sure that there is no overlap with crash kernel memory and kexec will not place any segment outside crashkernel memory. Thanks Vivek - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists