| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Aug 2016 21:01:48 -0700 From: Matt Mullins <mmullins@...x.us> To: Kees Cook <keescook@...omium.org> Cc: Ingo Molnar <mingo@...nel.org>, Yinghai Lu <yinghai@...nel.org>, Ingo Molnar <mingo@...hat.com>, Baoquan He <bhe@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>, Vivek Goyal <vgoyal@...hat.com>, Andy Lutomirski <luto@...nel.org>, lasse.collin@...aani.org, Andrew Morton <akpm@...ux-foundation.org>, Dave Young <dyoung@...hat.com>, LKML <linux-kernel@...r.kernel.org>, Simon Glass <sjg@...omium.org> Subject: Re: [PATCH 2/6] x86/boot: Move compressed kernel to end of decompression buffer [added Simon Glass to CC in case there's some input from u-boot] On Thu, Apr 28, 2016 at 05:09:04PM -0700, Kees Cook wrote: > From: Yinghai Lu <yinghai@...nel.org> > > This patch adds BP_init_size (which is the INIT_SIZE as passed in from > the boot_params) into asm-offsets.c to make it visible to the assembly > code. Then when moving the ZO, it calculates the starting position of > the copied ZO (via BP_init_size and the ZO run size) so that the VO__end > will be at the end of the decompression buffer. To make the position > calculation safe, the end of ZO is page aligned (and a comment is added > to the existing VO alignment for good measure). > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index d43c30ed89ed..09cdc0c3ee7e 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -338,7 +340,9 @@ preferred_addr: > 1: > > /* Target address to relocate to for decompression */ > - leaq z_extract_offset(%rbp), %rbx > + movl BP_init_size(%rsi), %ebx > + subl $_end, %ebx > + addq %rbp, %rbx > > /* Set up the stack */ > leaq boot_stack_end(%rbx), %rsp This appears to have a negative effect on booting the Intel Edison platform, as it uses u-boot as its bootloader. u-boot does not copy the init_size parameter when booting a bzImage: it copies a fixed-size setup_header [1], and its definition of setup_header doesn't include the parameters beyond setup_data [2]. With a zero value for init_size, this calculates a %rsp value of 0x101ff9600. This causes the boot process to hard-stop at the immediately-following pushq, as this platform has no usable physical addresses above 4G. What are the options for getting this type of platform to function again? For now, kexec from a working Linux system does seem to be a work-around, but there appears to be other x86 hardware using u-boot: the chromium.org folks seem to be maintaining the u-boot x86 tree. [1] http://git.denx.de/?p=u-boot.git;a=blob;f=arch/x86/lib/zimage.c;h=1b33c771391f49ffe82864ff1582bdfd07e5e97d;hb=HEAD#l156 [2] http://git.denx.de/?p=u-boot.git;a=blob;f=arch/x86/include/asm/bootparam.h;h=140095117e5a2daef0a097c55f0ed10e08acc781;hb=HEAD#l24
Powered by blists - more mailing lists