lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131121191653.GM16208@redhat.com>
Date:	Thu, 21 Nov 2013 14:16:53 -0500
From:	Vivek Goyal <vgoyal@...hat.com>
To:	Greg KH <greg@...ah.com>
Cc:	linux-kernel@...r.kernel.org, kexec@...ts.infradead.org,
	ebiederm@...ssion.com, hpa@...or.com, mjg59@...f.ucam.org
Subject: Re: [PATCH 4/6] kexec: A new system call, kexec_file_load, for in
 kernel kexec

On Thu, Nov 21, 2013 at 11:03:50AM -0800, Greg KH wrote:
> On Wed, Nov 20, 2013 at 12:50:49PM -0500, Vivek Goyal wrote:
> > This patch implements the in kernel kexec functionality. It implements a
> > new system call kexec_file_load. I think parameter list of this system
> > call will change as I have not done the kernel image signature handling
> > yet. I have been told that I might have to pass the detached signature
> > and size as part of system call.
> 
> This could be done as we do with modules, and just tack the signature
> onto the end of the 'blob' of the image.  That way we could use the same
> tool to sign the binary as we do for modules, and save the need for
> extra parameters in the syscall.

I was hoping to do that. Just that we will have to somehow resolve the
conflict with PE/COFF authenticode signature of kernel.

> 
> > +/*
> > + * Free up tempory buffers allocated which are not needed after image has
> > + * been loaded.
> > + *
> > + * Free up memory used by kernel, initrd, and comand line. This is temporary
> > + * memory allocation which is not needed any more after these buffers have
> > + * been loaded into separate segments and have been copied elsewhere
> > + */
> > +static void kimage_file_post_load_cleanup(struct kimage *image)
> > +{
> > +	if (image->kernel_buf) {
> > +		vfree(image->kernel_buf);
> > +		image->kernel_buf = NULL;
> > +	}
> > +
> > +	if (image->initrd_buf) {
> > +		vfree(image->initrd_buf);
> > +		image->initrd_buf = NULL;
> > +	}
> > +
> > +	if (image->cmdline_buf) {
> > +		vfree(image->cmdline_buf);
> > +		image->cmdline_buf = NULL;
> > +	}
> 
> No need to check the buffer before calling vfree(), it can handle NULL
> just fine.

Ok, I will remove this extra non-null check.

Thanks
Vivek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ