| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Feb 2019 10:54:39 +0100
From: Julian Stecklina <jsteckli@...zon.de>
To: Baoquan He <bhe@...hat.com>
Cc: Julian Stecklina <js@...en8.de>, <x86@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
<hpa@...or.com>, <linux-kernel@...r.kernel.org>,
<jschoenh@...zon.de>
Subject: Re: [PATCH 1/2] x86/boot: fix KASL when memmap range manipulation is used
Baoquan He <bhe@...hat.com> writes:
> On 01/30/19 at 05:40pm, Julian Stecklina wrote:
>> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
>> index 9ed9709..5657e34 100644
>> --- a/arch/x86/boot/compressed/kaslr.c
>> +++ b/arch/x86/boot/compressed/kaslr.c
>> @@ -155,6 +155,12 @@ parse_memmap(char *p, unsigned long long *start, unsigned long long *size)
>> case '#':
>> case '$':
>> case '!':
>> + /*
>> + * % would need some more complex parsing, because regions might
>> + * actually become usable for KASLR, but the simple way of
>> + * ignoring anything that is mentioned in % works for now.
>> + */
>
> This seems to make thing more complicated even though have to. One
> concern is whether we need to check the oldtype|newtype , e.g
> oldtype=reserverd, newtype=RAM, is it possible to set like that?
With the above patch the boot code will avoid using any region targeted
by % for KASLR. This does mean regions that are changed to be usable via
% are not taken into account.
Julian
Powered by blists - more mailing lists