lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Jun 2019 21:15:17 +0000 From: "Lendacky, Thomas" <Thomas.Lendacky@....com> To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "x86@...nel.org" <x86@...nel.org> CC: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, Andy Lutomirski <luto@...nel.org>, Peter Zijlstra <peterz@...radead.org> Subject: [PATCH 0/2] x86: SME: Kexec/kdump memory loading fix This series addresses an issue related to kexec/kdump when SME is active. The SME support uses a workarea located after the end of the kernel to perform "in-place" encryption of the kernel. When kexec/kdump is used, it is possible that some other data used by kexec/kdump could be in this area of memory which would cause the kexec/kdump of the kernel to fail. Create a section for SME in vmlinux.lds.S that is positioned after "_end", so that the memory it occupies will be reclaimed after its use during boot. Since it is part of the kernel image, there is no worry now that kexec/kdump will place data in the SME workarea when installing the kexec/ kdump kernel. As part of this fix, clarify what occupied kernel memory is reserved and what parts of the kernel memory are discarded. The following patches are included: - Identify and document what parts of the kernel image are reserved (saved) and what is discarded. - Create a new SME workarea section that will be reclaimed after its use during boot, thus allow This patch series is based on tip/master. --- Tom Lendacky (2): x86/mm: Identify the end of the kernel area to be reserved x86/mm: Create an SME workarea in the kernel for early encryption arch/x86/include/asm/sections.h | 2 ++ arch/x86/kernel/setup.c | 8 +++++++- arch/x86/kernel/vmlinux.lds.S | 33 +++++++++++++++++++++++++++++- arch/x86/mm/mem_encrypt_identity.c | 22 ++++++++++++++++++-- 4 files changed, 61 insertions(+), 4 deletions(-) -- 2.17.1
Powered by blists - more mailing lists