lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 13 May 2017 13:46:27 +0800 From: Baoquan He <bhe@...hat.com> To: tglx@...utronix.de, keescook@...omium.org, mingo@...nel.org, m.mizuma@...fujitsu.com Cc: linux-kernel@...r.kernel.org, dyoung@...hat.com, douly.fnst@...fujitsu.com, dan.j.williams@...el.com, hpa@...or.com, x86@...nel.org, Baoquan He <bhe@...hat.com> Subject: [PATCH v5 0/3] Handle memmap and mem kernel options in boot stage kaslr People reported kernel panic occurs during system boots up with mem boot option. After checking code, several problems are found about memmap= and mem= in boot stage kaslr. *) In commit f28442497b5c ("x86/boot: Fix KASLR and memmap= collision"), only one memmap entry is considered and only the last one if multiple memmap entries are specified. *) mem= and memmap=nn[KMG] are not considered yet. They are used to limit max address of system. Kernel can't be randomized to be above the limit. *) kernel-parameters.txt doesn't tell the updated behaviour of memmap=. This patchset tries to solve above issues, and it sits on top of tip:x86/boot branch. Changelog v4->v5: 1. Change patch log according to Thomas's comment. 2. Put "Fall through" to the right place in parse_memmap() according to Kees's suggestion. v3->v4: 1. Code improved patch 1/3 according to Kees's suggestion. 2. Add 'Fall through' in switch case of parse_memmap() which is suggestd by Kees. v2->v3: No functionality change in this round. 1. Use local static variable insted of global variable mem_avoid_memmap_index in patch 1/3. 2. Fix a typo in patch 3/3. v1->v2: 1. The original patch 1/4 has been put in tip:x86/boot and no update, so it's not included in this post. 2. Use patch log Ingo reorganized. 3. lib/ctype.c and lib/cmdline.c are needed for kaslr.c, while those EXPORT_SYMBOL(x) contained caused failure of build on 32-bit allmodconfig: ...... ld: -r and -shared may not be used together scripts/Makefile.build:294: recipe for target 'arch/x86/boot/compressed/kaslr.o' failed ...... Disabling the symbol exporting removes the build failure. 4. Use dynamic allocation to allocate memory to contain copied kernel cmdline buffer, it's implemented in include/linux/decompress/mm.h. Baoquan He (3): KASLR: Parse all memmap entries in command line KASLR: Handle memory limit specified by memmap and mem option Documentation/kernel-parameters.txt: Update 'memmap=' option description Documentation/admin-guide/kernel-parameters.txt | 9 ++ arch/x86/boot/compressed/cmdline.c | 2 +- arch/x86/boot/compressed/kaslr.c | 190 ++++++++++++++++-------- arch/x86/boot/string.c | 8 + 4 files changed, 143 insertions(+), 66 deletions(-) -- 2.5.5
Powered by blists - more mailing lists