lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180513200541.5lywvjfoppjtivpa@black.fi.intel.com>
Date:   Sun, 13 May 2018 23:05:41 +0300
From:   "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
        "H. Peter Anvin" <hpa@...or.com>, Hugh Dickins <hughd@...gle.com>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] x86/boot/compressed/64: Fix moving page table out of
 trampoline memory

On Sun, May 13, 2018 at 06:56:14PM +0000, Thomas Gleixner wrote:
> On Thu, 10 May 2018, Kirill A. Shutemov wrote:
> 
> > top_pgtable address has to be calculated relative to where the kernel
> > image will be relocated for decompression, not relative to position of
> > kernel is running at the moment. We do the same for the rest of page
> > table we use the stage. It makes them safe from being overwritten during
> > decompression.
> > 
> > Calculate the address of top_pgtable in assembly and pass down to
> > cleanup_trampoline().
> > 
> > Move the page table to .pgtable section where the rest of page tables
> > are. The section is @nobits so we save 4k in kernel image.
> 
> So this is supposed to be a fix, but the whole changelog talks about WHAT
> the patch does and not WHY. Darn, we need proper description of the failure
> which is about to be fixed.

"It makes them safe from being overwritten during decompression."

> It's not that hard and I'm really tired to tell you that over and over.
> 
> >  	/*
> >  	 * cleanup_trampoline() would restore trampoline memory.
> >  	 *
> > +	 * RDI is address of the page table to use instead of page table
> > +	 * in trampoline memory (if required).
> 
> Do you really believe that you understand that comment 6 month from now?

Yes, I think I will.

-- 
 Kirill A. Shutemov

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ