lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200204074330.1e7cd4db@oasis.local.home>
Date:   Tue, 4 Feb 2020 07:43:30 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Tom Zanussi <zanussi@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>
Subject: [PATCH] bootconfig: Add "disable_bootconfig" cmdline option to
 disable bootconfig


From: "Steven Rostedt (VMware)" <rostedt@...dmis.org>

As the bootconfig is appended to the initrd it is not as easy to modify as
the kernel command line. If there's some issue with the kernel, and the
developer wants to boot a pristine kernel, it should not be needed to modify
the initrd to remove the bootconfig for a single boot.

A "disable_bootconfig" kernel command line option solves this. If
"disable_bootconfig" is found on the kernel command line, then the
bootconfig file that may be attached to the initrd will not be parsed.

Link: https://lore.kernel.org/r/CAHk-=wjfjO+h6bQzrTf=YCZA53Y3EDyAs3Z4gEsT7icA3u_Psw@mail.gmail.com

Suggested-by: Linus Torvalds <torvalds@...ux-foundation.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@...dmis.org>
---
 Documentation/admin-guide/kernel-parameters.txt |  4 ++++
 init/main.c                                     | 14 +++++++++++---
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index ade4e6ec23e0..c4f1417f1934 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -857,6 +857,10 @@
                 on      Perform hardened usercopy checks (default).
                 off     Disable hardened usercopy checks.
 
+	disable_bootconfig
+			Disable reading the bootconfig that may be attached
+			to the initrd.
+
 	disable_radix	[PPC]
 			Disable RADIX MMU mode on POWER9
 
diff --git a/init/main.c b/init/main.c
index dd7da62d99a5..b52636cd9c1d 100644
--- a/init/main.c
+++ b/init/main.c
@@ -336,15 +336,23 @@ u32 boot_config_checksum(unsigned char *p, u32 size)
 	return ret;
 }
 
-static void __init setup_boot_config(void)
+static void __init setup_boot_config(const char *cmdline)
 {
 	u32 size, csum;
 	char *data, *copy;
+	const char *p;
 	u32 *hdr;
 
 	if (!initrd_end)
 		return;
 
+	p = strstr(cmdline, "disable_bootconfig");
+	if (p && (p == cmdline || isspace(*(p-1))) &&
+	    (!p[18] || isspace(p[18]))) {
+		pr_info("Disabling bootconfig because 'disable_bootconfig' found on the command line\n");
+		return;
+	}
+
 	hdr = (u32 *)(initrd_end - 8);
 	size = hdr[0];
 	csum = hdr[1];
@@ -379,7 +387,7 @@ static void __init setup_boot_config(void)
 	}
 }
 #else
-#define setup_boot_config()	do { } while (0)
+#define setup_boot_config(cmdline)	do { } while (0)
 #endif
 
 /* Change NUL term back to "=", to make "param" the whole string. */
@@ -760,7 +768,7 @@ asmlinkage __visible void __init start_kernel(void)
 	pr_notice("%s", linux_banner);
 	early_security_init();
 	setup_arch(&command_line);
-	setup_boot_config();
+	setup_boot_config(command_line);
 	setup_command_line(command_line);
 	setup_nr_cpu_ids();
 	setup_per_cpu_areas();
-- 
2.20.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ