| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Apr 2007 12:10:13 -0600 From: ebiederm@...ssion.com (Eric W. Biederman) To: "H. Peter Anvin" <hpa@...or.com> Cc: Jeremy Fitzhardinge <jeremy@...p.org>, Jeff Garzik <jeff@...zik.org>, Andi Kleen <ak@...e.de>, patches@...-64.org, Vivek Goyal <vgoyal@...ibm.com>, linux-kernel@...r.kernel.org Subject: Re: [patches] [PATCH] [21/22] x86_64: Extend bzImage protocol for relocatable bzImage "H. Peter Anvin" <hpa@...or.com> writes: > Jeremy Fitzhardinge wrote: >> Eric W. Biederman wrote: >>> All it does is set a flag that tells a bootloader. >>> "Hey. I can run when loaded a non-default address, and this is what >>> you have to align me to." >>> >>> All relocation processing happens in the kernel itself. >>> >> >> Is it possible to decompress and extract the kernel image from the >> bzImage without executing it? Ie, is there enough information to find >> the compressed data part of the bzImage by inspection? >> >> At some point we'll need to change the Xen domain builder to handle >> bzImage files, and it would be best if we didn't need to run them. >> > > Probabilistically, you might be able to (search for a gzip header), but > it is *definitely* not guaranteed by protocol. I suspect the issue isn't so much skipping the decompression but either getting at the Xen ELF notes or bypassing privileged instructions. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists