lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170804104333.GB29975@x1>
Date:   Fri, 4 Aug 2017 18:43:33 +0800
From:   Baoquan He <bhe@...hat.com>
To:     Chao Fan <fanc.fnst@...fujitsu.com>
Cc:     linux-kernel@...r.kernel.org, mingo@...nel.org,
        matt@...eblueprint.co.uk, keescook@...omium.org,
        tglx@...utronix.de, hpa@...or.com, izumi.taku@...fujitsu.com,
        thgarnie@...gle.com, n-horiguchi@...jp.nec.com,
        ard.biesheuvel@...aro.org, linux-efi@...r.kernel.org,
        x86@...nel.org
Subject: Re: [PATCH v8 0/2] x86/boot/KASLR: Restrict kernel to be randomized
 in mirror regions

On 08/04/17 at 05:59pm, Chao Fan wrote:
> On Fri, Aug 04, 2017 at 05:22:41PM +0800, Baoquan He wrote:
> >On 08/04/17 at 03:52pm, Baoquan He wrote:
> >> Sorry, NACK this series, there's error to hang system. Before I just
> >> halt system intentionally with error() to check the efi memmap printing,
> >> didn't notice this. Checking the cause.
> >
> >I rebuilt the code or change the one of the replacement back, hang never
> >seen again. Not sure if I copied the wrong kernel or any other mistakes.
> >Have got a hardware system with efi enabled to try again, see if
> >anything wrong will happen. It's really weird. And Chao also is helping
> >to try on his side.
> 
> Hi Bao,
> 
> After testing for 10 times, no problem happened.
> Maybe you did something wrong in the first time.

Thanks, Chao. I tried several times on a machine with efi enabled, no
problem found.

Sorry, guys, so it's a false alarm.

> >
> >> 
> >> On 08/04/17 at 03:26pm, Baoquan He wrote:
> >> > Patch 1/2 is newly added to add efi_memdesc_ptr helper to wrap the
> >> > open code which gets the start of efi memmap descriptor and also
> >> > explain why it need be done like that, Ingo suggested it. 
> >> > 
> >> > And also replace several places of the open code with efi_memdesc_ptr
> >> > helper.
> >> > 
> >> > And also use efi_memdesc_ptr in process_efi_entries() which handle efi
> >> > mirror issue during KASLR.
> >> > 
> >> > 
> >> > Change:
> >> > v7->v8:
> >> >     Add efi_memdesc_ptr helper to wrap the open code which gets the
> >> >     start of map descriptor according to Ingo's suggestion.
> >> > 
> >> > v6->v7:
> >> >   Ingo pointed out several incorrect line break issues and unclear
> >> >   description of patch log. Correct them and rewrite patch log.
> >> > 
> >> >   And also rewrite the EFI warning message that if EFI memmap is above
> >> >   4G in 32bit system since 32bit system can not handle data above 4G at
> >> >   kernel decompression stage. This is suggested by Ingo too.
> >> > 
> >> > v5->v6:
> >> >   Code style issue fix according to Kees's comment.
> >> > 
> >> >   This is based on tip/x86/boot, patch 1,2,3/4 in v5 post has
> >> >   been put into tip/x86/boot now.
> >> > 
> >> > 
> >> > 
> >> > Baoquan He (2):
> >> >   efi: Introduce efi_memdesc_ptr to get pointer to memmap descriptor
> >> >   x86/boot/KASLR: Restrict kernel to be randomized in mirror regions
> >> > 
> >> >  arch/x86/boot/compressed/eboot.c               |  2 +-
> >> >  arch/x86/boot/compressed/kaslr.c               | 68 +++++++++++++++++++++++++-
> >> >  drivers/firmware/efi/libstub/efi-stub-helper.c |  4 +-
> >> >  include/linux/efi.h                            | 19 +++++++
> >> >  4 files changed, 88 insertions(+), 5 deletions(-)
> >> > 
> >> > -- 
> >> > 2.5.5
> >> > 
> >
> >
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ