lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAE9FiQU7JsSudgY9UOX=HcHjF6yobsbqXd_vST9CW2FqyM_GFw@mail.gmail.com>
Date:	Tue, 16 Aug 2016 12:19:42 -0700
From:	Yinghai Lu <yinghai@...nel.org>
To:	Kees Cook <keescook@...omium.org>, Ingo Molnar <mingo@...nel.org>,
	Yinghai Lu <yinghai@...nel.org>,
	Ingo Molnar <mingo@...hat.com>, Baoquan He <bhe@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
	Vivek Goyal <vgoyal@...hat.com>,
	Andy Lutomirski <luto@...nel.org>,
	Lasse Collin <lasse.collin@...aani.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Dave Young <dyoung@...hat.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Simon Glass <sjg@...omium.org>
Subject: Re: [PATCH 2/6] x86/boot: Move compressed kernel to end of
 decompression buffer

On Mon, Aug 15, 2016 at 9:01 PM, Matt Mullins <mmullins@...x.us> wrote:
>
> This appears to have a negative effect on booting the Intel Edison platform, as
> it uses u-boot as its bootloader.  u-boot does not copy the init_size parameter
> when booting a bzImage: it copies a fixed-size setup_header [1], and its
> definition of setup_header doesn't include the parameters beyond setup_data [2].
>
> With a zero value for init_size, this calculates a %rsp value of 0x101ff9600.
> This causes the boot process to hard-stop at the immediately-following pushq, as
> this platform has no usable physical addresses above 4G.
>
> What are the options for getting this type of platform to function again?  For
> now, kexec from a working Linux system does seem to be a work-around, but there
> appears to be other x86 hardware using u-boot: the chromium.org folks seem to be
> maintaining the u-boot x86 tree.
>
> [1] http://git.denx.de/?p=u-boot.git;a=blob;f=arch/x86/lib/zimage.c;h=1b33c771391f49ffe82864ff1582bdfd07e5e97d;hb=HEAD#l156
> [2] http://git.denx.de/?p=u-boot.git;a=blob;f=arch/x86/include/asm/bootparam.h;h=140095117e5a2daef0a097c55f0ed10e08acc781;hb=HEAD#l24

Then should fix the u-boot about header_size assumption.
correct way should be like kexec one:

        /* only copy setup_header */
        setup_header_size = kernel[0x201] + 0x202 - 0x1f1;
        if (setup_header_size > 0x7f)
                setup_header_size = 0x7f;
        memcpy((unsigned char *)real_mode + 0x1f1, kernel + 0x1f1,
                 setup_header_size);

need get setup_header_size at first before copying.

setup_base->hdr = params->hdr;

===>
        unsigned long setup_header_size;

        setup_header_size = image[0x201] + 0x202 - 0x1f1;
        if (setup_header_size > 0x7f)
                setup_header_size = 0x7f;

        memcpy((unsigned char *)&setup_base->hdr, &params->hdr,
                 setup_header_size);

Thanks

Yinghai

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ