lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 23 May 2008 13:14:42 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Sharyathi Nagesh <sharyath@...ibm.com>
Cc:	linux-kernel@...r.kernel.org, fastboot@...ts.osdl.org,
	akpm@...l.org, maneesh@...ltcfwd.linux.ibm.com, mohan@...ibm.com,
	sachinp@...ibm.com, mohd.omar@...ibm.com, IndhuDurai@...ibm.com,
	Kexec Mailing List <kexec@...ts.infradead.org>
Subject: Re: correction to compat_sys_kexec_load

Sharyathi Nagesh <sharyath@...ibm.com> writes:

> Hi
>   While testing with kexec tool, I observed some problems. When application
> (kexec) is 32 bit and kernel is 64 bit I observed that loading crash kernel
> works without any issues but unloading crash kernel fails.
> --------------------------------------------------------
> running strace over 'kexec -u -p'
> show the problem to be with sys_kexec_load() call
>
> sys_kexec_load(0, 0, 0, 0x1, 0)         = -1 EINVAL (Invalid argument)
> write(2, "kexec_load (0 segments) failed: "..., 49
> kexec_load (0 segments) failed: Invalid argument
> ) = 4

Yes.  This is a bug.  Although not in the kernel implementation.

> --------------------------------------------------------
>
> This is patch to fix the problem, I think kernel code had a typo where in:
> if((flags & KEXEC_ARCH_MASK) == KEXEC_ARCH) was used instead of
> if((flags & KEXEC_ARCH_MASK) != KEXEC_ARCH)

Nope.  We do the latter check after we have fixed up the arguments
and call sys_kexec_load.  The check really is meant to filter out
KEXEC_ARCH_DEFAULT.


> This patch takes care of that, I have tested the patch it worked fine for
> me. Please review the patch and let me know of your views. This patch is based
> on linux-2.6.26-rc3.

That patch as it exists is actively bad.  It removes the check for a really
nasty gotcha if someone passes in KEXEC_ARCH_DEFAULT in 32bit mode.  Code
expecting a 32bit handoff and getting a 64bit handoff will explode in fun
ways.  You happened to test the one corner case where this does not matter.

What we need to do is fix /sbin/kexec to pass in the correct
architecture of the kernel for unload as it does for load.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ