lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 19 Feb 2020 16:55:16 -0000
From:   "tip-bot2 for Arvind Sankar" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     Arvind Sankar <nivedita@...m.mit.edu>,
        Borislav Petkov <bp@...e.de>,
        Kees Cook <keescook@...omium.org>, x86 <x86@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: [tip: x86/boot] x86/boot/compressed/64: Remove .bss/.pgtable from bzImage

The following commit has been merged into the x86/boot branch of tip:

Commit-ID:     3ee372ccce4d4e7c610748d0583979d3ed3a0cf4
Gitweb:        https://git.kernel.org/tip/3ee372ccce4d4e7c610748d0583979d3ed3a0cf4
Author:        Arvind Sankar <nivedita@...m.mit.edu>
AuthorDate:    Thu, 09 Jan 2020 10:02:17 -05:00
Committer:     Borislav Petkov <bp@...e.de>
CommitterDate: Wed, 19 Feb 2020 17:28:57 +01:00

x86/boot/compressed/64: Remove .bss/.pgtable from bzImage

Commit

  5b11f1cee579 ("x86, boot: straighten out ranges to copy/zero in
  compressed/head*.S")

introduced a separate .pgtable section, splitting it out from the rest
of .bss. This section was added without the writeable flag, marking it
as read-only. This results in the linker putting the .rela.dyn section
(containing bogus dynamic relocations from head_64.o) after the .bss and
.pgtable sections.

When objcopy is used to convert compressed/vmlinux into a binary for
the bzImage:

$ objcopy  -O binary -R .note -R .comment -S arch/x86/boot/compressed/vmlinux \
		arch/x86/boot/vmlinux.bin

the .bss and .pgtable sections get materialized as ~176KiB of zero
bytes in the binary in order to place .rela.dyn at the correct location.

Fix this by marking .pgtable as writeable. This moves the .rela.dyn
section up in the ELF image layout so that .bss and .pgtable are the
last allocated sections and so don't appear in bzImage.

 [ bp: Massage commit message. ]

Signed-off-by: Arvind Sankar <nivedita@...m.mit.edu>
Signed-off-by: Borislav Petkov <bp@...e.de>
Acked-by: Kees Cook <keescook@...omium.org>
Link: https://lkml.kernel.org/r/20200109150218.16544-1-nivedita@alum.mit.edu
---
 arch/x86/boot/compressed/head_64.S | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 68f31c4..c8ee6ef 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -645,7 +645,7 @@ SYM_DATA_END_LABEL(boot_stack, SYM_L_LOCAL, boot_stack_end)
 /*
  * Space for page tables (not in .bss so not zeroed)
  */
-	.section ".pgtable","a",@nobits
+	.section ".pgtable","aw",@nobits
 	.balign 4096
 SYM_DATA_LOCAL(pgtable,		.fill BOOT_PGT_SIZE, 1, 0)
 

Powered by blists - more mailing lists