lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c4b9a536-d889-4429-76a5-a9fdd5f6234b@suse.com>
Date:   Mon, 15 Jan 2018 16:40:32 +0100
From:   Juergen Gross <jgross@...e.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     Borislav Petkov <bp@...en8.de>,
        Mike Galbraith <mgalbraith@...e.de>,
        LKML <linux-kernel@...r.kernel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <peterz@...radead.org>
Subject: Re: [x86-tip] RSDP changes converted i4790 box SMP -> UP

On 15/01/18 16:32, Ingo Molnar wrote:
> 
> * Juergen Gross <jgross@...e.com> wrote:
> 
>> On 15/01/18 15:56, Borislav Petkov wrote:
>>> On Mon, Jan 15, 2018 at 03:52:25PM +0100, Juergen Gross wrote:
>>>> Ingo, with my finding that above boot failure is related to a bug in
>>>> openSUSE's grub2 (I've verified it soesn't exist in upstream grub2),
>>>
>>> The box I'm seeing this on has SLES12-SP2 grub:
>>>
>>> Version        : 2.02~beta2-115.9.1
>>>
>>> Does it have the same bug?
>>
>> The patch introducing this problem is from 2012. So I guess: yes.
> 
> I suspect this makes it a widespread, unintended ABI. Can we detect and somehow avoid it?
> 
> The boot protocol ABI sucks if it's fragile against such mistakes.

Well, copying sizeof(setup_header) into grub2 and then coyping back just
1024 bytes is plain wrong. It is a miracle nothing broke up to now.


Juergen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ