| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 May 2017 10:51:40 -0700
From: Kees Cook <keescook@...omium.org>
To: Baoquan He <bhe@...hat.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...nel.org>, m.mizuma@...fujitsu.com,
LKML <linux-kernel@...r.kernel.org>,
Dave Young <dyoung@...hat.com>, douly.fnst@...fujitsu.com,
Dan Williams <dan.j.williams@...el.com>,
"H. Peter Anvin" <hpa@...or.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH v5 0/3] Handle memmap and mem kernel options in boot stage kaslr
On Fri, May 12, 2017 at 10:46 PM, Baoquan He <bhe@...hat.com> wrote:
> People reported kernel panic occurs during system boots up with mem boot option.
> After checking code, several problems are found about memmap= and mem= in boot stage
> kaslr.
>
> *) In commit f28442497b5c ("x86/boot: Fix KASLR and memmap= collision"), only one memmap
> entry is considered and only the last one if multiple memmap entries are specified.
>
> *) mem= and memmap=nn[KMG] are not considered yet. They are used to limit max address
> of system. Kernel can't be randomized to be above the limit.
>
> *) kernel-parameters.txt doesn't tell the updated behaviour of memmap=.
>
> This patchset tries to solve above issues, and it sits on top of
> tip:x86/boot branch.
Thanks for keeping at this. I think they look good now!
Acked-by: Kees Cook <keescook@...omium.org>
-Kees
>
> Changelog
> v4->v5:
> 1. Change patch log according to Thomas's comment.
>
> 2. Put "Fall through" to the right place in parse_memmap() according
> to Kees's suggestion.
>
> v3->v4:
> 1. Code improved patch 1/3 according to Kees's suggestion.
>
> 2. Add 'Fall through' in switch case of parse_memmap() which
> is suggestd by Kees.
>
> v2->v3:
> No functionality change in this round.
> 1. Use local static variable insted of global variable
> mem_avoid_memmap_index in patch 1/3.
>
> 2. Fix a typo in patch 3/3.
>
> v1->v2:
> 1. The original patch 1/4 has been put in tip:x86/boot and no update,
> so it's not included in this post.
>
> 2. Use patch log Ingo reorganized.
>
> 3. lib/ctype.c and lib/cmdline.c are needed for kaslr.c, while those
> EXPORT_SYMBOL(x) contained caused failure of build on 32-bit allmodconfig:
> ......
> ld: -r and -shared may not be used together
> scripts/Makefile.build:294: recipe for target 'arch/x86/boot/compressed/kaslr.o' failed
> ......
> Disabling the symbol exporting removes the build failure.
>
> 4. Use dynamic allocation to allocate memory to contain copied kernel cmdline
> buffer, it's implemented in include/linux/decompress/mm.h.
>
> Baoquan He (3):
> KASLR: Parse all memmap entries in command line
> KASLR: Handle memory limit specified by memmap and mem option
> Documentation/kernel-parameters.txt: Update 'memmap=' option
> description
>
> Documentation/admin-guide/kernel-parameters.txt | 9 ++
> arch/x86/boot/compressed/cmdline.c | 2 +-
> arch/x86/boot/compressed/kaslr.c | 190 ++++++++++++++++--------
> arch/x86/boot/string.c | 8 +
> 4 files changed, 143 insertions(+), 66 deletions(-)
>
> --
> 2.5.5
>
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists