lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Jan 2019 10:28:16 +0800 From: Baoquan He <bhe@...hat.com> To: linux-kernel@...r.kernel.org Cc: tglx@...utronix.de, mingo@...nel.org, bp@...en8.de, hpa@...or.com, kirill.shutemov@...ux.intel.com, dyoung@...hat.com, x86@...nel.org, kexec@...ts.infradead.org, Baoquan He <bhe@...hat.com> Subject: [PATCH RESEND 2/3] x86/kexec/64: Error out if try to jump to old 4-level kernel from 5-level kernel In relocate_kernel() CR4.LA57 flag is set before kexec jumping if the kernel has 5-level paging enabled. Then in boot/compressed/head_64.S, it will check if the booting kernel is in 4-level or 5-level paging mode, and handle accordingly. However, the old kernel which doesn't contain the 5-level codes doesn't know how to cope with it, then #GP triggered. Instead of triggering #GP during kexec kernel boot, error out during kexec loading if find out we are trying to jump to old 4-level kernel from 5-level kernel. Signed-off-by: Baoquan He <bhe@...hat.com> --- arch/x86/kernel/kexec-bzimage64.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c index 278cd07228dd..5bfb39fc56fe 100644 --- a/arch/x86/kernel/kexec-bzimage64.c +++ b/arch/x86/kernel/kexec-bzimage64.c @@ -316,6 +316,11 @@ static int bzImage64_probe(const char *buf, unsigned long len) return ret; } + if (!(header->xloadflags & XLF_5LEVEL) && pgtable_l5_enabled()) { + pr_err("Can not jump to old 4-level kernel from 5-level kernel.\n"); + return ret; + } + /* I've got a bzImage */ pr_debug("It's a relocatable bzImage64\n"); ret = 0; -- 2.13.6
Powered by blists - more mailing lists