lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140425094444.GA1896@darkstar.nay.redhat.com>
Date:	Fri, 25 Apr 2014 17:44:45 +0800
From:	Dave Young <dyoung@...hat.com>
To:	Kees Cook <keescook@...omium.org>
Cc:	"H. Peter Anvin" <hpa@...or.com>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: kaslr should avoid setup_data region

On 04/24/14 at 03:50pm, Kees Cook wrote:
> Ah, it sounds like boot_params.hdr.setup_data contains a series of
> e820-like entries chained together as a linked list? Which loaders
> currently populate that? Looks like EFI? Seems like
> arch/x86/boot/compressed/eboot.c works on setup_data at least.

AFAIK efi stub, kexec, also as HPA mentioned syslinux use it as well.

kexec use setup_data for passing e820 ext ranges, also use it for efi boot.

> 
> I won't be in a position to test EFI booting for a while. If someone
> else took this, that would make it get fixed much faster.

Because kaslr is randomizing the base, it's hard to produce the failure.

>From the code itself, maybe just iterate the setup_data regions and add them
to avoid list, not necessary to care about the setup_data type..

> 
> Do you have examples where this is actually causing failures?

As mentioned above I have no idea how to test. Probably need manually hack
the code to create a failure? 

> 
> -Kees
> 
> On Wed, Apr 23, 2014 at 7:50 PM, Dave Young <dyoung@...hat.com> wrote:
> > On 04/23/14 at 07:43pm, Kees Cook wrote:
> >> On Wed, Apr 23, 2014 at 7:35 PM, Dave Young <dyoung@...hat.com> wrote:
> >> > Hello Kees
> >> >
> >> > I'm worrying that setup_data regions could be overwitten by randomize
> >> > kernel base. Would you like to fix it in kaslr code?
> >> >
> >> > One problem is there could be a lot of setup_data regions but current
> >> > mem_avoid is an fixed array.
> >>
> >> Sure, can you give me some examples? Seems like it shouldn't be too
> >> hard to have the mem_avoid logic walk additional areas.
> >
> > Great, To walk through the list just like the function parse_setup_data in
> > arch/x86/kernel/setup.c
> >
> > Thanks
> > Dave
> 
> 
> 
> -- 
> Kees Cook
> Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ