| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 18 Jan 2020 14:41:09 +0100
From: Ard Biesheuvel <ard.biesheuvel@...aro.org>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: Qian Cai <cai@....pw>, Ard Biesheuvel <ardb@...nel.org>,
Ingo Molnar <mingo@...hat.com>,
kasan-dev <kasan-dev@...glegroups.com>,
linux-efi <linux-efi@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH -next] x86/efi_64: fix a user-memory-access in runtime
On Sat, 18 Jan 2020 at 14:37, Dmitry Vyukov <dvyukov@...gle.com> wrote:
>
> On Sat, Jan 18, 2020 at 2:35 PM Ard Biesheuvel
> <ard.biesheuvel@...aro.org> wrote:
> > > > On Jan 18, 2020, at 3:00 AM, Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:
> > > >
> > > > Can't we just use READ_ONCE_NOCHECK() instead?
> > >
> > > My understanding is that KASAN actually want to make sure there is a no dereference of user memory because it has security implications. Does that make no sense here?
> >
> > Not really. This code runs extremely early in the boot, with a
> > temporary 1:1 memory mapping installed so that the EFI firmware can
> > transition into virtually remapped mode.
> >
> > Furthermore, the same issue exists for mixed mode, so we'll need to
> > fix that as well. I'll spin a patch and credit you as the reporter.
>
> If this code runs extremely early and uses even completely different
> mapping, it may make sense to disable KASAN instrumentation of this
> file in Makefile.
The routine in question runs extremely early, but the other code in
the file may be called at any time, so this is probably not the right
choice in this case.
Powered by blists - more mailing lists