lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 21 Mar 2017 13:40:43 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Evgenii Shatokhin <eugene.shatokhin@...dex.ru>
Cc:     "H. Peter Anvin" <hpa@...or.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: 32-bit x86 system reboots automatically on resume from hibernate
 (ASLR issue?)

On Tue, Mar 21, 2017 at 6:54 AM, Evgenii Shatokhin
<eugene.shatokhin@...dex.ru> wrote:
> Hi,
>
> One of my x86 machines with a 32-bit Linux system (ROSA Linux in this case)
> automatically reboots when it tries to resume from hibernate. This happens
> shortly after "Image loading progress 100%" message is shown on the screen.
>
> No traces of the error are in the system log after reboot though.
>
> The problem is present at least in the mainline kernels 4.8 - 4.10. With
> earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.
>
> The bisection pointed to the following commit as the first "bad" one:
>
> commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
> Author: Kees Cook <keescook@...omium.org>
> Date:   Mon Jun 13 15:10:02 2016 -0700
>
>     x86/KASLR, x86/power: Remove x86 hibernation restrictions

Hrm, perhaps the 32-bit hibernation code still isn't KASLR-safe. If
you boot with nokaslr on the kernel command line, does the problem go
away?

> Hardware: https://linux-hardware.org/index.php?probe=e6a06c64c7
> Config used to build the kernel at rev. 65fe935:
> http://pastebin.com/AxEA6ahb
>
> If I understand it correctly, this commit just enabled ASLR by default
> regardless of whether hibernation support was present or not. Before this
> commit, ASLR was disabled on that system because hibernation was supported.
>
> To check if ASLR is really involved here, I rebuilt the kernel with
> CONFIG_RANDOMIZE_BASE unset - now the system resumes OK from hibernation, no
> auto reboots, no other visible problems so far.
>
> The problem does not show up in a 64-bit Linux system installed on the same
> machine. Only the 32-bit system is affected.

(Why would you want to run 32-bit kernels on a 64-bit system?)

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists