Message-ID: <CAFgQCTvFawbT0NwKbWe+1R-GP6NxSEhsfejJOPk37B=h0AckBA@mail.gmail.com>
Date:   Wed, 8 May 2019 12:42:48 +0800
From:   Pingfan Liu <kernelfans@...il.com>
To:     Ingo Molnar <mingo@...nel.org>
Cc:     "H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Zijlstra <a.p.zijlstra@...llo.nl>,
        Kees Cook <keescook@...omium.org>, x86@...nel.org,
        Ingo Molnar <mingo@...hat.com>,
        Jordan Borgner <mail@...dan-borgner.de>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/2] x86/boot: move early_serial_base to .data section

On Tue, May 7, 2019 at 4:28 PM Ingo Molnar <mingo@...nel.org> wrote:
>
>
> * Pingfan Liu <kernelfans@...il.com> wrote:
>
> > arch/x86/boot/compressed/head_64.S clears BSS after relocated. If early
> > serial is set up before clearing BSS, the early_serial_base will be reset
> > to 0.
> >
> > Initializing early_serial_base as -1 to push it to .data section.
>
> I'm wondering whether it's wise to clear the BSS after relocation to
> begin with. It already gets cleared once, and an implicit zeroing of all
> fields on kernel relocation sounds dubious to me.
>
After reading the code more closely, I think that the BSS is not fully
initialized to 0, except the stack and heap.

Furthermore the BSS is not copied to the target address. We just copy [0, _bss).

> Is there a strong reason for that? I.e. is there some uninitialized or
> otherwise important-to-clear data there?
>
I guess the reason may be that the stack or heap can contain some
position-dependent data. (While in practice, there is no such kind of
data in the code nowadays.)

Thanks,
Pingfan
