| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Jul 2019 08:59:43 -0700
From: hpa@...or.com
To: Daniel Kiper <daniel.kiper@...cle.com>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, x86@...nel.org
CC: bp@...en8.de, corbet@....net, dpsmith@...rtussolutions.com,
eric.snowberg@...cle.com, kanth.ghatraju@...cle.com,
konrad.wilk@...cle.com, mingo@...hat.com,
ross.philipson@...cle.com, tglx@...utronix.de
Subject: Re: [PATCH v2 3/3] x86/boot: Introduce the kernel_info.setup_type_max
On July 4, 2019 9:36:12 AM PDT, Daniel Kiper <daniel.kiper@...cle.com> wrote:
>This field contains maximal allowed type for setup_data and
>setup_indirect structs.
>
>And finally bump setup_header version in arch/x86/boot/header.S.
>
>Suggested-by: H. Peter Anvin <hpa@...or.com>
>Signed-off-by: Daniel Kiper <daniel.kiper@...cle.com>
>Reviewed-by: Ross Philipson <ross.philipson@...cle.com>
>Reviewed-by: Eric Snowberg <eric.snowberg@...cle.com>
>---
> Documentation/x86/boot.rst | 10 +++++++++-
> arch/x86/boot/compressed/kernel_info.S | 4 ++++
> arch/x86/boot/header.S | 2 +-
> arch/x86/include/uapi/asm/bootparam.h | 3 +++
> 4 files changed, 17 insertions(+), 2 deletions(-)
>
>diff --git a/Documentation/x86/boot.rst b/Documentation/x86/boot.rst
>index 23d3726d54fc..63609fd0517f 100644
>--- a/Documentation/x86/boot.rst
>+++ b/Documentation/x86/boot.rst
>@@ -73,7 +73,8 @@ Protocol 2.14: BURNT BY INCORRECT COMMIT
>ae7e1238e68f2a472a125673ab506d49158c188
> (x86/boot: Add ACPI RSDP address to setup_header)
> DO NOT USE!!! ASSUME SAME AS 2.13.
>
>-Protocol 2.15: (Kernel 5.3) Added the kernel_info and setup_indirect.
>+Protocol 2.15: (Kernel 5.3) Added the kernel_info,
>kernel_info.setup_type_max
>+ and setup_indirect.
>============= ============================================================
>
> .. note::
>@@ -980,6 +981,13 @@ Offset/size: 0x0004/4
>This field contains the size of the kernel_info including
>kernel_info.header.
>It should be used by the boot loader to detect supported fields in the
>kernel_info.
>
>+============ ==============
>+Field name: setup_type_max
>+Offset/size: 0x0008/4
>+============ ==============
>+
>+ This field contains maximal allowed type for setup_data and
>setup_indirect structs.
>+
>
> The Image Checksum
> ==================
>diff --git a/arch/x86/boot/compressed/kernel_info.S
>b/arch/x86/boot/compressed/kernel_info.S
>index 3f1cb301b9ff..2f28aabf6558 100644
>--- a/arch/x86/boot/compressed/kernel_info.S
>+++ b/arch/x86/boot/compressed/kernel_info.S
>@@ -1,5 +1,7 @@
> /* SPDX-License-Identifier: GPL-2.0 */
>
>+#include <asm/bootparam.h>
>+
> .section ".rodata.kernel_info", "a"
>
> .global kernel_info
>@@ -9,4 +11,6 @@ kernel_info:
> .ascii "InfO"
> /* Size. */
> .long kernel_info_end - kernel_info
>+ /* Maximal allowed type for setup_data and setup_indirect
>structs. */
>+ .long SETUP_TYPE_MAX
> kernel_info_end:
>diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
>index ec6a25a43148..893a456663ab 100644
>--- a/arch/x86/boot/header.S
>+++ b/arch/x86/boot/header.S
>@@ -300,7 +300,7 @@ _start:
> # Part 2 of the header, from the old setup.S
>
> .ascii "HdrS" # header signature
>- .word 0x020d # header version number (>= 0x0105)
>+ .word 0x020f # header version number (>= 0x0105)
> # or else old loadlin-1.5 will fail)
> .globl realmode_swtch
> realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
>diff --git a/arch/x86/include/uapi/asm/bootparam.h
>b/arch/x86/include/uapi/asm/bootparam.h
>index aaaa17fa6ad6..2ba870dae6f3 100644
>--- a/arch/x86/include/uapi/asm/bootparam.h
>+++ b/arch/x86/include/uapi/asm/bootparam.h
>@@ -12,6 +12,9 @@
> #define SETUP_JAILHOUSE 6
> #define SETUP_INDIRECT 7
>
>+/* max(SETUP_*) */
>+#define SETUP_TYPE_MAX SETUP_INDIRECT
>+
> /* ram_size flags */
> #define RAMDISK_IMAGE_START_MASK 0x07FF
> #define RAMDISK_PROMPT_FLAG 0x8000
Bump the version number and add setup_max before adding the indirect stuff. That will nicely double as at the very least a first-order validity check.
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
Powered by blists - more mailing lists