lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1401800822-27425-1-git-send-email-vgoyal@redhat.com>
Date:	Tue,  3 Jun 2014 09:06:49 -0400
From:	Vivek Goyal <vgoyal@...hat.com>
To:	linux-kernel@...r.kernel.org, kexec@...ts.infradead.org
Cc:	ebiederm@...ssion.com, hpa@...or.com, mjg59@...f.ucam.org,
	greg@...ah.com, bp@...en8.de, jkosina@...e.cz, dyoung@...hat.com,
	chaowang@...hat.com, bhe@...hat.com, akpm@...ux-foundation.org,
	Vivek Goyal <vgoyal@...hat.com>
Subject: [RFC PATCH 00/13][V3] kexec: A new system call to allow in kernel loading

Hi,

This is V3 of the patchset. Previous versions were posted here.

V1: https://lkml.org/lkml/2013/11/20/540
V2: https://lkml.org/lkml/2014/1/27/331

Changes since v2:

- Took care of most of the review comments from V2.
- Added support for kexec/kdump on EFI systems.
- Dropped support for loading ELF vmlinux.

This patch series is generated on top of 3.15.0-rc8. It also requires a
two patch cleanup series which is sitting in -tip tree here.

https://git.kernel.org/cgit/linux/kernel/git/tip/tip.git/log/?h=x86/boot

This patch series does not do kernel signature verification yet. I plan
to post another patch series for that. Now bzImage is already signed
with PKCS7 signature I plan to parse and verify those signatures.

Primary goal of this patchset is to prepare groundwork so that kernel
image can be signed and signatures be verified during kexec load. This
should help with two things.

- It should allow kexec/kdump on secureboot enabled machines.

- In general it can help even without secureboot. By being able to verify
  kernel image signature in kexec, it should help with avoiding module
  signing restrictions. Matthew Garret showed how to boot into a custom
  kernel, modify first kernel's memory and then jump back to old kernel and
  bypass any policy one wants to.

Any feedback is welcome.

Thanks
Vivek

Vivek Goyal (13):
  bin2c: Move bin2c in scripts/basic
  kernel: Build bin2c based on config option CONFIG_BUILD_BIN2C
  kexec: Move segment verification code in a separate function
  resource: Provide new functions to walk through resources
  kexec: Make kexec_segment user buffer pointer a union
  kexec: New syscall kexec_file_load() declaration
  kexec: Implementation of new syscall kexec_file_load
  purgatory/sha256: Provide implementation of sha256 in purgaotory
    context
  purgatory: Core purgatory functionality
  kexec: Load and Relocate purgatory at kernel load time
  kexec-bzImage: Support for loading bzImage using 64bit entry
  kexec: Support for Kexec on panic using new system call
  kexec: Support kexec/kdump on EFI systems

 arch/x86/Kbuild                      |    1 +
 arch/x86/Kconfig                     |    3 +
 arch/x86/Makefile                    |    6 +
 arch/x86/include/asm/crash.h         |    9 +
 arch/x86/include/asm/kexec-bzimage.h |   11 +
 arch/x86/include/asm/kexec.h         |   53 ++
 arch/x86/kernel/Makefile             |    3 +-
 arch/x86/kernel/crash.c              |  581 ++++++++++++++++
 arch/x86/kernel/kexec-bzimage.c      |  314 +++++++++
 arch/x86/kernel/machine_kexec.c      |  232 +++++++
 arch/x86/kernel/machine_kexec_64.c   |  177 +++++
 arch/x86/purgatory/Makefile          |   35 +
 arch/x86/purgatory/entry64.S         |  101 +++
 arch/x86/purgatory/purgatory.c       |   71 ++
 arch/x86/purgatory/setup-x86_32.S    |   17 +
 arch/x86/purgatory/setup-x86_64.S    |   58 ++
 arch/x86/purgatory/sha256.c          |  284 ++++++++
 arch/x86/purgatory/sha256.h          |   22 +
 arch/x86/purgatory/stack.S           |   19 +
 arch/x86/purgatory/string.c          |   13 +
 arch/x86/syscalls/syscall_64.tbl     |    1 +
 drivers/firmware/efi/runtime-map.c   |   21 +
 include/linux/efi.h                  |   19 +
 include/linux/ioport.h               |    6 +
 include/linux/kexec.h                |   97 ++-
 include/linux/syscalls.h             |    3 +
 include/uapi/linux/kexec.h           |    4 +
 init/Kconfig                         |    5 +
 kernel/Makefile                      |    2 +-
 kernel/kexec.c                       | 1239 +++++++++++++++++++++++++++++++---
 kernel/resource.c                    |  108 ++-
 kernel/sys_ni.c                      |    1 +
 scripts/Makefile                     |    1 -
 scripts/basic/Makefile               |    1 +
 scripts/basic/bin2c.c                |   35 +
 scripts/bin2c.c                      |   36 -
 36 files changed, 3452 insertions(+), 137 deletions(-)
 create mode 100644 arch/x86/include/asm/crash.h
 create mode 100644 arch/x86/include/asm/kexec-bzimage.h
 create mode 100644 arch/x86/kernel/kexec-bzimage.c
 create mode 100644 arch/x86/kernel/machine_kexec.c
 create mode 100644 arch/x86/purgatory/Makefile
 create mode 100644 arch/x86/purgatory/entry64.S
 create mode 100644 arch/x86/purgatory/purgatory.c
 create mode 100644 arch/x86/purgatory/setup-x86_32.S
 create mode 100644 arch/x86/purgatory/setup-x86_64.S
 create mode 100644 arch/x86/purgatory/sha256.c
 create mode 100644 arch/x86/purgatory/sha256.h
 create mode 100644 arch/x86/purgatory/stack.S
 create mode 100644 arch/x86/purgatory/string.c
 create mode 100644 scripts/basic/bin2c.c
 delete mode 100644 scripts/bin2c.c

-- 
1.9.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ