lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 10 Nov 2018 08:02:45 +0100 From: Juergen Gross <jgross@...e.com> To: "H. Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org, xen-devel@...ts.xenproject.org, x86@...nel.org, linux-doc@...r.kernel.org Cc: tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, corbet@....net, boris.ostrovsky@...cle.com Subject: Re: PLEASE REVERT URGENTLY: Re: [PATCH v5 2/3] x86/boot: add acpi rsdp address to setup_header On 10/11/2018 07:32, H. Peter Anvin wrote: >> >> Unfortunately there are many major distros shipping boot loaders which >> write crap data past the end of setup_header. >> > > Yes. We know that and it is resolved by: > > a) the length field in setup_header; > b) the "sentinel" field which catches legacy non-compliant bootloaders. Doesn't help for boot loaders reading struct setup_header from the kernel image and then writing e.g. 512 bytes back to the setup_header location. The sentinel is cleared and the length field just isn't taken into account. And this is what happened. > >>> >>> This field thus belongs in struct boot_params, not struct setup_header. >> >> Okay, I can change that. Hoping that all boot loaders really write >> zeroes to that field in case they don't know it. >> > > This is what we added the sentinel field for: bootloaders which don't zero > unknown fields (read: Grub) will trigger the sentinel, and we wipe most of > this structure. Unfortunately the sentinel seems to be cleared by said broken grub. Juergen
Powered by blists - more mailing lists