lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 27 Mar 2018 12:34:53 +0100
From:   Russell King - ARM Linux <linux@...linux.org.uk>
To:     Tony Lindgren <tony@...mide.com>
Cc:     Stephen Rothwell <sfr@...b.auug.org.au>,
        Rich Felker <dalias@...c.org>,
        Yoshinori Sato <ysato@...rs.sourceforge.jp>,
        linux-kernel@...r.kernel.org, Ralf Baechle <ralf@...ux-mips.org>,
        linux-omap@...r.kernel.org, Huacai Chen <chenhc@...ote.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        James Hogan <james.hogan@...s.com>,
        linux-arm-kernel@...ts.infradead.org
Subject: Re: Regression with arm in next with stack protector

On Tue, Mar 27, 2018 at 10:04:10AM +0100, Russell King - ARM Linux wrote:
> On Fri, Mar 23, 2018 at 11:14:53AM -0700, Tony Lindgren wrote:
> > Hi,
> > 
> > Looks like commit 5638790dadae ("zboot: fix stack protector in
> > compressed boot phase") breaks booting on arm.
> > 
> > This is all I get from the bootloader on omap3:
> > 
> > Starting kernel ...
> > 
> > data abort
> > pc : [<810002d0>]          lr : [<100110a8>]
> > reloc pc : [<9d6002d0>]    lr : [<2c6110a8>]
> > sp : 81467c18  ip : 81466bf0     fp : 81466bf0
> > r10: 80fc2c40  r9 : 81000258     r8 : 86fec000
> > r7 : ffffffff  r6 : 81466bf8     r5 : 00000000  r4 : 80008000
> > r3 : 81466c14  r2 : 81466c18     r1 : 000a0dff  r0 : 00466bf8
> > Flags: nZCv  IRQs off  FIQs off  Mode SVC_32
> > Resetting CPU ...
> > 
> > resetting ...
> 
> The reason for this is the following code that was introduced by the
> referenced patch:
> 
> +               ldr     r0, =__stack_chk_guard
> +               ldr     r1, =0x000a0dff
> +               str     r1, [r0]
> 
> This uses the absolute address of __stack_chk_guard in the decompressor,
> which is a self-relocatable image.  As with all constructs like the
> above, this absolute address doesn't get fixed up, and so it ends up
> pointing at invalid memory (in this case 0x466bf8) vs RAM at 0x80000000,
> and the decompressor looks to be around 0x81000000.
> 
> Such constructs can not be used in the decompressor for exactly this
> reason - they need to use PC-relative addressing instead just like
> everything else does in head.S.

Is there any reason we can't do this in misc.c:

const unsigned int __stack_chk_guard = 0x000a0dff;

?  That would save having runtime code to set that value up, and after
all, it is constant.  Arguments about it potentially ending up at a
fixed offset into the image need not be said - that's already the case
with placing it in the early assembly code, and as has been established,
it needs to be initialised prior to any C code being called.

-- 
RMK's Patch system: http://www.armlinux.org.uk/developer/patches/
FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up
According to speedtest.net: 8.21Mbps down 510kbps up

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ