lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 7 Oct 2019 15:55:26 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     Hans de Goede <hdegoede@...hat.com>
Cc:     Arvind Sankar <nivedita@...m.mit.edu>,
        linux-kernel@...r.kernel.org, x86@...nel.org,
        Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>
Subject: Re: kexec breaks with 5.4 due to memzero_explicit


* Hans de Goede <hdegoede@...hat.com> wrote:

> Hi,
> 
> On 07-10-2019 15:09, Ingo Molnar wrote:
> > 
> > * Hans de Goede <hdegoede@...hat.com> wrote:
> > 
> > > Hi,
> > > 
> > > On 07-10-2019 10:50, Hans de Goede wrote:
> > > > Hi,
> > > > 
> > > > On 07-10-2019 05:09, Arvind Sankar wrote:
> > > > > Hi, arch/x86/purgatory/purgatory.ro has an undefined symbol
> > > > > memzero_explicit. This has come from commit 906a4bb97f5d ("crypto:
> > > > > sha256 - Use get/put_unaligned_be32 to get input, memzero_explicit")
> > > > > according to git bisect.
> > > > 
> > > > Hmm, it (obviously) does build for me and using kexec still also works
> > > > for me.
> > > > 
> > > > But it seems that you are right and that this should not build, weird.
> > > 
> > > Ok, I understand now, it seems that the kernel will happily build with
> > > undefined symbols in the purgatory and my kexec testing did not hit
> > > the sha256 check path (*) so it did not crash. I can reproduce this before my patch:
> > > 
> > > [hans@...lem linux]$ ld arch/x86/purgatory/purgatory.ro
> > > ld: warning: cannot find entry symbol _start; defaulting to 0000000000401000
> > > ld: arch/x86/purgatory/purgatory.ro: in function `sha256_transform':
> > > sha256.c:(.text+0x1c0c): undefined reference to `memzero_explicit'
> > 
> > I've applied your fix,
> 
> Thank you, unfortunately I was just minutes away from sending a v2
> which adds a missing barrier call (not strictly necessary, more future
> proofing).
> 
> Hopefully you can still pick up v2 instead, let me know if you want
> an incremental patch instead.

Yeah, our mails crossed: I noticed that and didn't push out your fix, so 
all should be good. Take your time.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ