lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Aug 2017 18:43:33 +0800 From: Baoquan He <bhe@...hat.com> To: Chao Fan <fanc.fnst@...fujitsu.com> Cc: linux-kernel@...r.kernel.org, mingo@...nel.org, matt@...eblueprint.co.uk, keescook@...omium.org, tglx@...utronix.de, hpa@...or.com, izumi.taku@...fujitsu.com, thgarnie@...gle.com, n-horiguchi@...jp.nec.com, ard.biesheuvel@...aro.org, linux-efi@...r.kernel.org, x86@...nel.org Subject: Re: [PATCH v8 0/2] x86/boot/KASLR: Restrict kernel to be randomized in mirror regions On 08/04/17 at 05:59pm, Chao Fan wrote: > On Fri, Aug 04, 2017 at 05:22:41PM +0800, Baoquan He wrote: > >On 08/04/17 at 03:52pm, Baoquan He wrote: > >> Sorry, NACK this series, there's error to hang system. Before I just > >> halt system intentionally with error() to check the efi memmap printing, > >> didn't notice this. Checking the cause. > > > >I rebuilt the code or change the one of the replacement back, hang never > >seen again. Not sure if I copied the wrong kernel or any other mistakes. > >Have got a hardware system with efi enabled to try again, see if > >anything wrong will happen. It's really weird. And Chao also is helping > >to try on his side. > > Hi Bao, > > After testing for 10 times, no problem happened. > Maybe you did something wrong in the first time. Thanks, Chao. I tried several times on a machine with efi enabled, no problem found. Sorry, guys, so it's a false alarm. > > > >> > >> On 08/04/17 at 03:26pm, Baoquan He wrote: > >> > Patch 1/2 is newly added to add efi_memdesc_ptr helper to wrap the > >> > open code which gets the start of efi memmap descriptor and also > >> > explain why it need be done like that, Ingo suggested it. > >> > > >> > And also replace several places of the open code with efi_memdesc_ptr > >> > helper. > >> > > >> > And also use efi_memdesc_ptr in process_efi_entries() which handle efi > >> > mirror issue during KASLR. > >> > > >> > > >> > Change: > >> > v7->v8: > >> > Add efi_memdesc_ptr helper to wrap the open code which gets the > >> > start of map descriptor according to Ingo's suggestion. > >> > > >> > v6->v7: > >> > Ingo pointed out several incorrect line break issues and unclear > >> > description of patch log. Correct them and rewrite patch log. > >> > > >> > And also rewrite the EFI warning message that if EFI memmap is above > >> > 4G in 32bit system since 32bit system can not handle data above 4G at > >> > kernel decompression stage. This is suggested by Ingo too. > >> > > >> > v5->v6: > >> > Code style issue fix according to Kees's comment. > >> > > >> > This is based on tip/x86/boot, patch 1,2,3/4 in v5 post has > >> > been put into tip/x86/boot now. > >> > > >> > > >> > > >> > Baoquan He (2): > >> > efi: Introduce efi_memdesc_ptr to get pointer to memmap descriptor > >> > x86/boot/KASLR: Restrict kernel to be randomized in mirror regions > >> > > >> > arch/x86/boot/compressed/eboot.c | 2 +- > >> > arch/x86/boot/compressed/kaslr.c | 68 +++++++++++++++++++++++++- > >> > drivers/firmware/efi/libstub/efi-stub-helper.c | 4 +- > >> > include/linux/efi.h | 19 +++++++ > >> > 4 files changed, 88 insertions(+), 5 deletions(-) > >> > > >> > -- > >> > 2.5.5 > >> > > > > > > >
Powered by blists - more mailing lists