lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXu5j+=tzD5Pk30PKOniDZXuNtt0UBmw8XJnRd_sAX5W7i5eA@mail.gmail.com>
Date:   Mon, 15 May 2017 10:51:40 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Baoquan He <bhe@...hat.com>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...nel.org>, m.mizuma@...fujitsu.com,
        LKML <linux-kernel@...r.kernel.org>,
        Dave Young <dyoung@...hat.com>, douly.fnst@...fujitsu.com,
        Dan Williams <dan.j.williams@...el.com>,
        "H. Peter Anvin" <hpa@...or.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH v5 0/3] Handle memmap and mem kernel options in boot stage kaslr

On Fri, May 12, 2017 at 10:46 PM, Baoquan He <bhe@...hat.com> wrote:
> People reported kernel panic occurs during system boots up with mem boot option.
> After checking code, several problems are found about memmap= and mem= in boot stage
> kaslr.
>
> *) In commit f28442497b5c ("x86/boot: Fix KASLR and memmap= collision"), only one memmap
>    entry is considered and only the last one if multiple memmap entries are specified.
>
> *) mem= and memmap=nn[KMG] are not considered yet. They are used to limit max address
>    of system. Kernel can't be randomized to be above the limit.
>
> *) kernel-parameters.txt doesn't tell the updated behaviour of memmap=.
>
> This patchset tries to solve above issues, and it sits on top of
> tip:x86/boot branch.

Thanks for keeping at this. I think they look good now!

Acked-by: Kees Cook <keescook@...omium.org>

-Kees

>
> Changelog
> v4->v5:
>   1. Change patch log according to Thomas's comment.
>
>   2. Put "Fall through" to the right place in parse_memmap() according
>   to Kees's suggestion.
>
> v3->v4:
>   1. Code improved patch 1/3 according to Kees's suggestion.
>
>   2. Add 'Fall through' in switch case of parse_memmap() which
>   is suggestd by Kees.
>
> v2->v3:
>   No functionality change in this round.
>   1. Use local static variable insted of global variable
>   mem_avoid_memmap_index in patch 1/3.
>
>   2. Fix a typo in patch 3/3.
>
> v1->v2:
>   1. The original patch 1/4 has been put in tip:x86/boot and no update,
>   so it's not included in this post.
>
>   2. Use patch log Ingo reorganized.
>
>   3. lib/ctype.c and lib/cmdline.c are needed for kaslr.c, while those
>   EXPORT_SYMBOL(x) contained caused failure of build on 32-bit allmodconfig:
>   ......
>   ld: -r and -shared may not be used together
>   scripts/Makefile.build:294: recipe for target 'arch/x86/boot/compressed/kaslr.o' failed
>   ......
>   Disabling the symbol exporting removes the build failure.
>
>   4. Use dynamic allocation to allocate memory to contain copied kernel cmdline
>   buffer, it's implemented in include/linux/decompress/mm.h.
>
> Baoquan He (3):
>   KASLR: Parse all memmap entries in command line
>   KASLR: Handle memory limit specified by memmap and mem option
>   Documentation/kernel-parameters.txt: Update 'memmap=' option
>     description
>
>  Documentation/admin-guide/kernel-parameters.txt |   9 ++
>  arch/x86/boot/compressed/cmdline.c              |   2 +-
>  arch/x86/boot/compressed/kaslr.c                | 190 ++++++++++++++++--------
>  arch/x86/boot/string.c                          |   8 +
>  4 files changed, 143 insertions(+), 66 deletions(-)
>
> --
> 2.5.5
>



-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ