| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Jul 2020 16:08:10 -0400
From: Arvind Sankar <nivedita@...m.mit.edu>
To: Kees Cook <keescook@...omium.org>
Cc: Arvind Sankar <nivedita@...m.mit.edu>, x86@...nel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 8/8] x86/kaslr: Don't use 64-bit mem_vector for 32-bit
kernel
On Tue, Jul 28, 2020 at 12:37:12PM -0700, Kees Cook wrote:
> On Mon, Jul 27, 2020 at 07:08:01PM -0400, Arvind Sankar wrote:
> > Commit
> > f28442497b5c ("x86/boot: Fix KASLR and memmap= collision")
> > converted mem_vector type to use 64-bit on the 32-bit kernel as well,
> > based on Thomas's review [0]. However:
> > - the code still doesn't consistently use 64-bit types. For instance,
> > mem_avoid_overlap uses 32-bit types when checking for overlaps. This
> > is actually okay, as the passed in memory range will have been clipped
> > to below 4G, but it is difficult to reason about the safety of the
> > code.
> > - KASLR on 32-bit can't use memory above 4G anyway, so it's pointless
> > to keep track of ranges above 4G.
> >
> > Switch the type back to unsigned long, and use a helper function to clip
> > regions to 4G on 32-bit, when storing mem_avoid, immovable_mem, EFI,
> > E820 and command-line memory regions.
>
> The reason for long long is to avoid having to check for overflows in
> any of the offset calculations. Why not just leave this as-is?
>
The first bullet: there are still unsigned long's in the code that get
assigned mem_vector.start etc. Taking into account Ingo's review as
well, I'm planning to just make all those u64 as well in v3, instead of
this patch.
Powered by blists - more mailing lists