lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHk-=whO3bt9wCFX-v54RYewdAuovVEDx9DHJ0SbhrzCwY3aEA@mail.gmail.com>
Date:   Fri, 13 Nov 2020 09:43:31 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...nel.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Chen Yu <yu.chen.surf@...il.com>
Subject: Re: [GIT PULL] bootconfig: Extend the magic check range to the
 preceding 3 bytes

On Fri, Nov 13, 2020 at 5:29 AM Steven Rostedt <rostedt@...dmis.org> wrote:
>
> Fix alignment of bootconfig
>
> GRUB may align the init ramdisk size to 4 bytes, the magic number at the
> end of the init ramdisk that denotes bootconfig is attached may not be at
> the exact end of the ramdisk. The kernel needs to check back at least 4
> bytes.

I've pulled this, but this really smells to me.

Isn't the thing that actually _writes_ that BOOTCONFIG_MAGIC able to
fix this properly? I'm looking at the bootconfig tool, and wondering
why that doesn't know about the alignment thing, for example.

And the fact that this got screwed up means that the BOOTCONFIG
documentation needs updating too, so that the rules are documented and
proper.

                      Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ