lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 07 Aug 2008 17:05:26 +0800
From:	Huang Ying <ying.huang@...el.com>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Pavel Machek <pavel@....cz>, nigel@...el.suspend2.net,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Vivek Goyal <vgoyal@...hat.com>, mingo@...e.hu,
	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org,
	Kexec Mailing List <kexec@...ts.infradead.org>
Subject: [PATCH 2/6] kexec jump: check code size in control page

Kexec/Kexec-jump requires code size in control page is less than
PAGE_SIZE/2. This patch adds runtime checking for this.

Signed-off-by: Huang Ying <ying.huang@...el.com>

---
 arch/x86/kernel/machine_kexec_32.c   |    4 ++++
 arch/x86/kernel/relocate_kernel_32.S |    3 +++
 include/asm-x86/kexec.h              |    1 +
 3 files changed, 8 insertions(+)

--- a/arch/x86/kernel/machine_kexec_32.c
+++ b/arch/x86/kernel/machine_kexec_32.c
@@ -92,6 +92,10 @@ int machine_kexec_prepare(struct kimage 
 {
 	if (nx_enabled)
 		set_pages_x(image->control_code_page, 1);
+
+	BUG_ON((unsigned long)kexec_control_page_code_end - \
+	       (unsigned long)relocate_kernel >= PAGE_SIZE/2);
+
 	return 0;
 }
 
--- a/arch/x86/kernel/relocate_kernel_32.S
+++ b/arch/x86/kernel/relocate_kernel_32.S
@@ -376,3 +376,6 @@ swap_pages:
 	popl	%ebx
 	popl	%ebp
 	ret
+
+	.globl kexec_control_page_code_end
+kexec_control_page_code_end:
--- a/include/asm-x86/kexec.h
+++ b/include/asm-x86/kexec.h
@@ -159,6 +159,7 @@ relocate_kernel(unsigned long indirectio
 		unsigned long start_address,
 		unsigned int has_pae,
 		unsigned int preserve_context);
+void kexec_control_page_code_end(void);
 #else
 NORET_TYPE void
 relocate_kernel(unsigned long indirection_page,


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ