| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Apr 2019 08:16:45 +0000
From: Junichi Nomura <j-nomura@...jp.nec.com>
To: Borislav Petkov <bp@...en8.de>
CC: Dave Young <dyoung@...hat.com>,
Chao Fan <fanc.fnst@...fujitsu.com>,
Baoquan He <bhe@...hat.com>, Kairui Song <kasong@...hat.com>,
"x86@...nel.org" <x86@...nel.org>,
"kexec@...ts.infradead.org" <kexec@...ts.infradead.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v4] x86/boot: Use efi_setup_data for searching RSDP on
kexec-ed kernel
On 4/11/19 5:09 PM, Borislav Petkov wrote:
> On Wed, Apr 10, 2019 at 11:34:51PM +0000, Junichi Nomura wrote:
>> But efi_get_rsdp_addr() needs to check whether the kernel was
>> kexec booted to avoid accessing invalid EFI table address.
>> efi_get_kexec_setup_data_addr() is the only method I know
>> to check if it was kexec-booted.
>
> Your v3 had the right approach - you first check if you can get the
> address as a kexec-ed kernel. If you do, you use that one and continue
> the normal path.
>
> If you don't, you fall back to efi_get_rsdp_addr() and get it directly
> from EFI.
>
> And then carve out the functionality you need to call multiple times in
> helper functions like __efi_get_rsdp_addr().
>
> Why doesn't that work anymore?
kexec_get_rsdp_addr() might fail on kexec-booted kernel, e.g. if the
setup_data was invalid. In such a case, falling back to efi_get_rsdp_addr()
will hit the problem of accessing invalid table pointer again.
--
Jun'ichi Nomura, NEC Corporation / NEC Solution Innovators, Ltd.
Powered by blists - more mailing lists