lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1519414953-5478-3-git-send-email-tbaicar@codeaurora.org>
Date:   Fri, 23 Feb 2018 12:42:33 -0700
From:   Tyler Baicar <tbaicar@...eaurora.org>
To:     ard.biesheuvel@...aro.org, linux-efi@...r.kernel.org,
        linux-kernel@...r.kernel.org, jhugo@...eaurora.org,
        sgoel@...eaurora.org, takahiro.akashi@...aro.org,
        timur@...eaurora.org
Cc:     Tyler Baicar <tbaicar@...eaurora.org>
Subject: [PATCH 2/2] efi/esrt: mark ESRT memory region as nomap

The ESRT memory region is being exposed as System RAM in /proc/iomem
which is wrong because it cannot be overwritten. This memory is needed
for kexec kernels in order to properly initialize ESRT, so if it is
overwritten it will cause ESRT failures in the kexec kernel. Mark this
region as nomap so that it is not overwritten.

Signed-off-by: Tyler Baicar <tbaicar@...eaurora.org>
Tested-by: Jeffrey Hugo <jhugo@...eaurora.org>
---
 drivers/firmware/efi/esrt.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c
index 504f3c3..f5f79c7 100644
--- a/drivers/firmware/efi/esrt.c
+++ b/drivers/firmware/efi/esrt.c
@@ -335,6 +335,14 @@ void __init efi_esrt_init(void)
 	pr_info("Reserving ESRT space from %pa to %pa.\n", &esrt_data, &end);
 	efi_mem_reserve(esrt_data, esrt_data_size);
 
+	/*
+	 * Mark the ESRT memory region as nomap to avoid it being exposed as
+	 * System RAM in /proc/iomem. Otherwise this block can be overwritten
+	 * which will then cause failures in kexec'd kernels since the ESRT
+	 * information is no longer there.
+	 */
+	memblock_mark_nomap(esrt_data, esrt_data_size);
+
 	pr_debug("esrt-init: loaded.\n");
 err_memunmap:
 	early_memunmap(va, size);
-- 
Qualcomm Datacenter Technologies, Inc. as an affiliate of Qualcomm Technologies, Inc.
Qualcomm Technologies, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ