| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Aug 2013 16:33:52 +0800 From: joeyli <jlee@...e.com> To: Pavel Machek <pavel@....cz> Cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, linux-efi@...r.kernel.org, linux-pm@...r.kernel.org, linux-crypto@...r.kernel.org, opensuse-kernel@...nsuse.org, David Howells <dhowells@...hat.com>, "Rafael J. Wysocki" <rjw@...k.pl>, Matthew Garrett <mjg59@...f.ucam.org>, Len Brown <len.brown@...el.com>, Josh Boyer <jwboyer@...hat.com>, Vojtech Pavlik <vojtech@...e.cz>, Matt Fleming <matt.fleming@...el.com>, James Bottomley <james.bottomley@...senpartnership.com>, Greg KH <gregkh@...uxfoundation.org>, JKosina@...e.com, Rusty Russell <rusty@...tcorp.com.au>, Herbert Xu <herbert@...dor.apana.org.au>, "David S. Miller" <davem@...emloft.net>, "H. Peter Anvin" <hpa@...or.com>, Michal Marek <mmarek@...e.cz>, Gary Lin <GLin@...e.com>, Vivek Goyal <vgoyal@...hat.com> Subject: Re: [PATCH 13/18] Hibernate: Avoid S4 sign key data included in snapshot image 於 日,2013-08-25 於 18:39 +0200,Pavel Machek 提到: > On Thu 2013-08-22 19:01:52, Lee, Chun-Yi wrote: > > This patch add swsusp_page_is_sign_key() method to hibernate_key.c and > > check the page is S4 sign key data when collect saveable page in > > snapshot.c to avoid sign key data included in snapshot image. > > > > Reviewed-by: Jiri Kosina <jkosina@...e.cz> > > Signed-off-by: Lee, Chun-Yi <jlee@...e.com> > > --- > > kernel/power/snapshot.c | 6 ++++++ > > 1 files changed, 6 insertions(+), 0 deletions(-) > > > > diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c > > index 72e2911..9e4c94b 100644 > > --- a/kernel/power/snapshot.c > > +++ b/kernel/power/snapshot.c > > @@ -860,6 +860,9 @@ static struct page *saveable_highmem_page(struct zone *zone, unsigned long pfn) > > > > BUG_ON(!PageHighMem(page)); > > > > + if (swsusp_page_is_sign_key(page)) > > + return NULL; > > + > > if (swsusp_page_is_forbidden(page) || swsusp_page_is_free(page) || > > PageReserved(page)) > > return NULL; > > Just do set_page_forbidden() on your page? Before call swsusp_unset_page_forbidden(), we need make sure the create_basic_memory_bitmaps() function already called to initial forbidden_pages_map. That means need careful the timing, otherwise the page of private key will not register to forbidden pages map. So, I choice to refuse the page of private key when snapshot finding which page is saveable. It has clearer code and we don't need worry the future change of hibernate.c or user.c for when they call create_basic_memory_bitmaps() and when the code clear forbidden pages map. Thanks a lot! Joey Lee -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists