lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191007130942.GA82950@gmail.com>
Date:   Mon, 7 Oct 2019 15:09:42 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     Hans de Goede <hdegoede@...hat.com>
Cc:     Arvind Sankar <nivedita@...m.mit.edu>,
        linux-kernel@...r.kernel.org, x86@...nel.org,
        Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: kexec breaks with 5.4 due to memzero_explicit


* Hans de Goede <hdegoede@...hat.com> wrote:

> Hi,
> 
> On 07-10-2019 10:50, Hans de Goede wrote:
> > Hi,
> > 
> > On 07-10-2019 05:09, Arvind Sankar wrote:
> > > Hi, arch/x86/purgatory/purgatory.ro has an undefined symbol
> > > memzero_explicit. This has come from commit 906a4bb97f5d ("crypto:
> > > sha256 - Use get/put_unaligned_be32 to get input, memzero_explicit")
> > > according to git bisect.
> > 
> > Hmm, it (obviously) does build for me and using kexec still also works
> > for me.
> > 
> > But it seems that you are right and that this should not build, weird.
> 
> Ok, I understand now, it seems that the kernel will happily build with
> undefined symbols in the purgatory and my kexec testing did not hit
> the sha256 check path (*) so it did not crash. I can reproduce this before my patch:
> 
> [hans@...lem linux]$ ld arch/x86/purgatory/purgatory.ro
> ld: warning: cannot find entry symbol _start; defaulting to 0000000000401000
> ld: arch/x86/purgatory/purgatory.ro: in function `sha256_transform':
> sha256.c:(.text+0x1c0c): undefined reference to `memzero_explicit'

I've applied your fix, but would it make sense to also integrate this 
linker test in the regular build with a second patch, to make sure 
something similar doesn't occur again?

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ