| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 9 Jul 2017 07:02:05 -0700
From: Kees Cook <keescook@...omium.org>
To: Baoquan He <bhe@...hat.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
"x86@...nel.org" <x86@...nel.org>,
Matt Fleming <matt@...eblueprint.co.uk>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>, izumi.taku@...fujitsu.com,
fanc.fnst@...fujitsu.com, Thomas Garnier <thgarnie@...gle.com>
Subject: Re: [PATCH v4 2/4] x86/boot/KASLR: Switch to pass struct mem_vector
to process_e820_entry()
On Sun, Jul 9, 2017 at 5:37 AM, Baoquan He <bhe@...hat.com> wrote:
> This makes process_e820_entry() be able to process any kind of memory
> region.
>
> Signed-off-by: Baoquan He <bhe@...hat.com>
Acked-by: Kees Cook <keescook@...omium.org>
-Kees
> ---
> arch/x86/boot/compressed/kaslr.c | 25 ++++++++++++++-----------
> 1 file changed, 14 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> index 1485f48aeda1..36ff9f729c43 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -479,31 +479,31 @@ static unsigned long slots_fetch_random(void)
> return 0;
> }
>
> -static void process_e820_entry(struct boot_e820_entry *entry,
> +static void process_e820_entry(struct mem_vector *entry,
> unsigned long minimum,
> unsigned long image_size)
> {
> struct mem_vector region, overlap;
> struct slot_area slot_area;
> unsigned long start_orig, end;
> - struct boot_e820_entry cur_entry;
> + struct mem_vector cur_entry;
>
> /* On 32-bit, ignore entries entirely above our maximum. */
> - if (IS_ENABLED(CONFIG_X86_32) && entry->addr >= KERNEL_IMAGE_SIZE)
> + if (IS_ENABLED(CONFIG_X86_32) && entry->start >= KERNEL_IMAGE_SIZE)
> return;
>
> /* Ignore entries entirely below our minimum. */
> - if (entry->addr + entry->size < minimum)
> + if (entry->start + entry->size < minimum)
> return;
>
> /* Ignore entries above memory limit */
> - end = min(entry->size + entry->addr, mem_limit);
> - if (entry->addr >= end)
> + end = min(entry->size + entry->start, mem_limit);
> + if (entry->start >= end)
> return;
> - cur_entry.addr = entry->addr;
> - cur_entry.size = end - entry->addr;
> + cur_entry.start = entry->start;
> + cur_entry.size = end - entry->start;
>
> - region.start = cur_entry.addr;
> + region.start = cur_entry.start;
> region.size = cur_entry.size;
>
> /* Give up if slot area array is full. */
> @@ -518,7 +518,7 @@ static void process_e820_entry(struct boot_e820_entry *entry,
> region.start = ALIGN(region.start, CONFIG_PHYSICAL_ALIGN);
>
> /* Did we raise the address above this e820 region? */
> - if (region.start > cur_entry.addr + cur_entry.size)
> + if (region.start > cur_entry.start + cur_entry.size)
> return;
>
> /* Reduce size by any delta from the original address. */
> @@ -562,6 +562,7 @@ static void process_e820_entries(unsigned long minimum,
> unsigned long image_size)
> {
> int i;
> + struct mem_vector region;
> struct boot_e820_entry *entry;
>
> /* Verify potential e820 positions, appending to slots list. */
> @@ -570,7 +571,9 @@ static void process_e820_entries(unsigned long minimum,
> /* Skip non-RAM entries. */
> if (entry->type != E820_TYPE_RAM)
> continue;
> - process_e820_entry(entry, minimum, image_size);
> + region.start = entry->addr;
> + region.size = entry->size;
> + process_e820_entry(®ion, minimum, image_size);
> if (slot_area_index == MAX_SLOT_AREA) {
> debug_putstr("Aborted e820 scan (slot_areas full)!\n");
> break;
> --
> 2.5.5
>
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists