| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 03 Jun 2012 02:41:32 -0600 From: ebiederm@...ssion.com (Eric W. Biederman) To: "H. Peter Anvin" <hpa@...or.com> Cc: hacklu <embedway.linux@...il.com>, linux-kernel@...r.kernel.org Subject: Re: why the decompressed procedure move kernel from address 0x100000(1M) to 0x1000000(16M) +x "H. Peter Anvin" <hpa@...or.com> writes: > On 06/02/2012 04:48 PM, Eric W. Biederman wrote: > On 06/02/2012 04:48 PM, Eric W. Biederman wrote: >> hacklu <embedway.linux@...il.com> writes: >> >>> hi all, >>> recently, I got some puzzle when I read source code of the system boot. I need >>> some help. >>> >>> at the end of src/arch/x86/boot/header.S, kernel jump to 0x100000(where is the >>> src/arch/x86/boot/compressed/head_32.S). >>> in __this__ head_32.S, I found the kernel is move to 0x1000000(mostly is to >>> here) +x. the x distance is used for decompressed buf. must leave some distance >>> for decompressing without overlap. >>> >>> after the move, kernel is decompressed at 0x1000000(16m). and jump to it. >>> >>> so why not decompressed kernel at 0x100000(1M) to 0x1000000(16m) directly >>> without moving? >>> >>> is the move necessary? >> >> The move is nececcessary if we are doing the decompression in place. >> Without a move it is hard to tell if there are going to be overlapping >> address problems. The move is cheap so there is no apparent reason >> to optimize it away. >> > > Well, right now we do two copies (one before decompression, and one > after while parsing the ELF payload.) It would be nice to get rid of at > least one but preferably both (when possible.) > > Boot time does matter, although this isn't a huge amount of time, it is > something that can be shaved off relatively cheaply. Interesting. I have been out of the loop for a bit and had not noticed the ELF payload change. It is really sad to say that I have missed a feature like that for 4 years. Time wise copying the kernel probably takes a millisecond or less on modern hardware, so I don't think it is a particularly large concern. Looking at parse_elf I see two misfeatures. - parse_elf is short some memsets for the ELF sections that are larger in memory than they are in the file data. - We don't return the entry point of the elf header and instead hard code the beginning of the file data. The oddest thing about parse_elf is what makes the copies parse_elf performs safe. It just happens to be the case that because of the way ld lays out the file those copies turn into a single memmove that just strips off the elf header and program header. So it should be trivial to and perhaps even safer to decompress the program segments to their final destination. Looking at the way the code is evolving, I suspect we should just give up overlapping compressed data and uncompressed data. The elf header logic in theory allows the code in a more arbitrary order, and it doesn't look like anyone has done a worst case space analysis for anything except gzip. The code works most of the time today but I do wonder if it is safe. Additionally at the rate we are adding compression algorithms I don't believe that all of the compression alorigthms use the gzip footer that reports the uncompressed length of the file. So I suspect it would be wise to get z_output_len from simply examining the uncompressed file that we feed to compression programs, aka vmlinux.bin.all-y Perhaps I am wrong but I have the strongest feeling we are playing with fire and getting very lucky right now. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists