| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Oct 2021 23:10:06 -0700
From: Kees Cook <keescook@...omium.org>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>,
Kristen Carlson Accardi <kristen@...ux.intel.com>,
Tony Luck <tony.luck@...el.com>,
Alexander Lobakin <alexandr.lobakin@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...e.de>,
Arnd Bergmann <arnd@...db.de>, Joerg Roedel <jroedel@...e.de>,
Arvind Sankar <nivedita@...m.mit.edu>,
Jing Yangyang <jing.yangyang@....com.cn>,
Abaci Robot <abaci@...ux.alibaba.com>,
Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Vincenzo Frascino <vincenzo.frascino@....com>,
Andrey Konovalov <andreyknvl@...il.com>,
Miroslav Benes <mbenes@...e.cz>,
"H. Nikolaus Schaller" <hns@...delico.com>,
Fangrui Song <maskray@...gle.com>,
linux-kernel@...r.kernel.org, x86@...nel.org,
linux-arch@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 0/4] x86: Various clean-ups in support of FGKASLR
On Wed, Oct 13, 2021 at 10:57:38AM -0700, Kees Cook wrote:
> Hi,
>
> These are a small set of patches that clean up various things that are
> each stand-alone improvements, but they're also needed for the coming
> FGKASLR series[1]. I thought it best to just get these landed instead
> of having them continue to tag along with FGKASLR, especially the
> early malloc() fix, which is a foot-gun waiting to happen. :)
>
> Thanks!
>
> -Kees
>
> [1] https://lore.kernel.org/lkml/20210831144114.154-1-alexandr.lobakin@intel.com/
Peter, Josh, Boris, can someone please take these through -tip?
They're each stand-alone correctness improvements, and while FGKASLR
depends on them, there is no reason to keep them tied to that series,
especially since anyone using the early-boot malloc or making changes to
text sections is going to trip over one or several of the issues fixed
here.
They've got a bunch of reviews and acks already:
https://patchwork.kernel.org/project/linux-hardening/list/?series=562929
Thanks!
-Kees
>
> Kees Cook (2):
> x86/boot: Allow a "silent" kaslr random byte fetch
> x86/boot/compressed: Avoid duplicate malloc() implementations
>
> Kristen Carlson Accardi (2):
> x86/tools/relocs: Support >64K section headers
> vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext
>
> arch/x86/boot/compressed/kaslr.c | 4 --
> arch/x86/boot/compressed/misc.c | 3 +
> arch/x86/boot/compressed/misc.h | 2 +
> arch/x86/lib/kaslr.c | 18 ++++--
> arch/x86/tools/relocs.c | 103 ++++++++++++++++++++++--------
> include/asm-generic/vmlinux.lds.h | 3 +-
> include/linux/decompress/mm.h | 12 +++-
> 7 files changed, 107 insertions(+), 38 deletions(-)
>
> --
> 2.30.2
>
--
Kees Cook
Powered by blists - more mailing lists