| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Jul 2020 18:57:22 -0400
From: Arvind Sankar <nivedita@...m.mit.edu>
To: Kees Cook <keescook@...omium.org>, x86@...nel.org
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH v3 21/21] x86/kaslr: Add a check that the random address is in range
Check in find_random_phys_addr that the chosen address is inside the
range that was required.
Signed-off-by: Arvind Sankar <nivedita@...m.mit.edu>
---
arch/x86/boot/compressed/kaslr.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
index 38ecbf2e61c5..903ccdca0551 100644
--- a/arch/x86/boot/compressed/kaslr.c
+++ b/arch/x86/boot/compressed/kaslr.c
@@ -802,6 +802,8 @@ static void process_e820_entries(unsigned long minimum,
static unsigned long find_random_phys_addr(unsigned long minimum,
unsigned long image_size)
{
+ u64 phys_addr;
+
/* Bail out early if it's impossible to succeed. */
if (minimum + image_size > mem_limit)
return 0;
@@ -815,7 +817,15 @@ static unsigned long find_random_phys_addr(unsigned long minimum,
if (!process_efi_entries(minimum, image_size))
process_e820_entries(minimum, image_size);
- return slots_fetch_random();
+ phys_addr = slots_fetch_random();
+
+ /* Perform a final check to make sure the address is in range. */
+ if (phys_addr < minimum || phys_addr + image_size > mem_limit) {
+ warn("Invalid physical address chosen!\n");
+ return 0;
+ }
+
+ return (unsigned long)phys_addr;
}
static unsigned long find_random_virt_addr(unsigned long minimum,
--
2.26.2
Powered by blists - more mailing lists