lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181002150517.GA19822@zn.tnic>
Date:   Tue, 2 Oct 2018 17:05:18 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     m.mizuma@...fujitsu.com
Cc:     bhe@...hat.com, torvalds@...ux-foundation.org,
        msys.mizuma@...il.com, tglx@...utronix.de,
        linux-kernel@...r.kernel.org, peterz@...radead.org,
        mingo@...nel.org, hpa@...or.com, linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/boot] ACPI/NUMA: Add warning message if the padding
 size for KASLR is not enough

On Tue, Oct 02, 2018 at 03:18:41AM -0700, tip-bot for Masayoshi Mizuma wrote:
> Commit-ID:  3b054ca88c4f4dd5f516a12d4b6d6bd0ae826f41
> Gitweb:     https://git.kernel.org/tip/3b054ca88c4f4dd5f516a12d4b6d6bd0ae826f41
> Author:     Masayoshi Mizuma <m.mizuma@...fujitsu.com>
> AuthorDate: Mon, 1 Oct 2018 10:08:42 -0400
> Committer:  Ingo Molnar <mingo@...nel.org>
> CommitDate: Tue, 2 Oct 2018 11:47:21 +0200
> 
> ACPI/NUMA: Add warning message if the padding size for KASLR is not enough
> 
> Add warning message if the padding size for KASLR,
> rand_mem_physical_padding, is not enough. The message also
> says the suitable padding size.
> 
> Signed-off-by: Masayoshi Mizuma <m.mizuma@...fujitsu.com>
> Cc: Baoquan He <bhe@...hat.com>
> Cc: Borislav Petkov <bp@...en8.de>
> Cc: Linus Torvalds <torvalds@...ux-foundation.org>
> Cc: Masayoshi Mizuma <msys.mizuma@...il.com>
> Cc: Peter Zijlstra <peterz@...radead.org>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Link: http://lkml.kernel.org/r/20181001140843.26137-3-msys.mizuma@gmail.com
> Signed-off-by: Ingo Molnar <mingo@...nel.org>
> ---
>  arch/x86/include/asm/setup.h |  2 ++
>  drivers/acpi/numa.c          | 14 ++++++++++++++
>  2 files changed, 16 insertions(+)
> 
> diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h
> index ae13bc974416..65a5bf8f6aba 100644
> --- a/arch/x86/include/asm/setup.h
> +++ b/arch/x86/include/asm/setup.h
> @@ -80,6 +80,8 @@ static inline unsigned long kaslr_offset(void)
>  	return (unsigned long)&_text - __START_KERNEL;
>  }
>  
> +extern int rand_mem_physical_padding;
> +
>  /*
>   * Do NOT EVER look at the BIOS memory size location.
>   * It does not work on many machines.
> diff --git a/drivers/acpi/numa.c b/drivers/acpi/numa.c
> index 85167603b9c9..3d69834c692f 100644
> --- a/drivers/acpi/numa.c
> +++ b/drivers/acpi/numa.c
> @@ -32,6 +32,7 @@
>  #include <linux/numa.h>
>  #include <linux/nodemask.h>
>  #include <linux/topology.h>
> +#include <asm/setup.h>
>  
>  static nodemask_t nodes_found_map = NODE_MASK_NONE;
>  
> @@ -435,6 +436,7 @@ acpi_table_parse_srat(enum acpi_srat_type id,
>  int __init acpi_numa_init(void)
>  {
>  	int cnt = 0;
> +	u64 max_possible_phys, max_actual_phys, threshold;
>  
>  	if (acpi_disabled)
>  		return -EINVAL;
> @@ -463,6 +465,18 @@ int __init acpi_numa_init(void)
>  
>  		cnt = acpi_table_parse_srat(ACPI_SRAT_TYPE_MEMORY_AFFINITY,
>  					    acpi_parse_memory_affinity, 0);
> +
> +		/* check the padding size for KASLR is enough. */
> +		if (parsed_numa_memblks && kaslr_enabled()) {
> +			max_actual_phys = roundup(PFN_PHYS(max_pfn), 1ULL << 40);
> +			max_possible_phys = roundup(PFN_PHYS(max_possible_pfn), 1ULL << 40);
> +			threshold = max_actual_phys + ((u64)rand_mem_physical_padding << 40);

Nope, not really:

ld: drivers/acpi/numa.o: in function `acpi_numa_init':
/home/boris/kernel/linux/drivers/acpi/numa.c:473: undefined reference to `rand_mem_physical_padding'
make: *** [Makefile:1030: vmlinux] Error 1

due to CONFIG_RANDOMIZE_MEMORY=n in my .config.

You need to add a fix ontop which adds a function
get_rand_mem_physical_padding() which is defined in CONFIG_RANDOMIZE_MEMORY=y
and outside returns 0.

And then make that rand_mem_physical_padding static and do not export it
to anything outside of kaslr.c but use the accessor.

Thx.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ