| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Oct 2018 21:37:13 +0200 (CEST)
From: Thomas Gleixner <tglx@...utronix.de>
To: Paul Menzel <pmenzel@...gen.mpg.de>
cc: Jörg Rödel <joro@...tes.org>,
Borislav Petkov <bp@...en8.de>, linux-mm@...ck.org,
x86@...nel.org, lkml <linux-kernel@...r.kernel.org>,
Bjorn Helgaas <bhelgaas@...gle.com>
Subject: Re: x86/mm: Found insecure W+X mapping at address
(ptrval)/0xc00a0000
Paul,
On Fri, 5 Oct 2018, Paul Menzel wrote:
> On 10/05/18 11:27, Thomas Gleixner wrote:
> > If pcibios is enabled and used, need to look at the gory details of that
> > first, then the W+X check has to exclude that region. We can't do much
> > about that.
>
> That would also explain, why it only happens with the SeaBIOS payload,
> which sets up legacy BIOS calls. Using GRUB directly as payload, no BIOS
> calls are set up.
>
> Reading the Kconfig description of the PCI access mode, the BIOS should
> only be used last.
Correct. And looking at the dmesg you provided it is initialized:
[ 0.441062] PCI: PCI BIOS area is rw and x. Use pci=nobios if you want it NX.
[ 0.441062] PCI: PCI BIOS revision 2.10 entry at 0xffa40, last bus=3
Though I assume it's not really required, but this PCI BIOS thing is not
really well documented and there are some obsure usage sites involved.
Bjorn, do you have any insight or did you flush those memories long ago?
Anyway we need to exclude the BIOS area when the kernel sets the W+X on
purpose. Warning about that is bogus. I'll send out a patch soon.
Thanks,
tglx
Powered by blists - more mailing lists