lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202110262301.A1C8F597A@keescook>
Date:   Tue, 26 Oct 2021 23:10:06 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Josh Poimboeuf <jpoimboe@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Kristen Carlson Accardi <kristen@...ux.intel.com>,
        Tony Luck <tony.luck@...el.com>,
        Alexander Lobakin <alexandr.lobakin@...el.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...e.de>,
        Arnd Bergmann <arnd@...db.de>, Joerg Roedel <jroedel@...e.de>,
        Arvind Sankar <nivedita@...m.mit.edu>,
        Jing Yangyang <jing.yangyang@....com.cn>,
        Abaci Robot <abaci@...ux.alibaba.com>,
        Jiapeng Chong <jiapeng.chong@...ux.alibaba.com>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Vincenzo Frascino <vincenzo.frascino@....com>,
        Andrey Konovalov <andreyknvl@...il.com>,
        Miroslav Benes <mbenes@...e.cz>,
        "H. Nikolaus Schaller" <hns@...delico.com>,
        Fangrui Song <maskray@...gle.com>,
        linux-kernel@...r.kernel.org, x86@...nel.org,
        linux-arch@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH 0/4] x86: Various clean-ups in support of FGKASLR

On Wed, Oct 13, 2021 at 10:57:38AM -0700, Kees Cook wrote:
> Hi,
> 
> These are a small set of patches that clean up various things that are
> each stand-alone improvements, but they're also needed for the coming
> FGKASLR series[1]. I thought it best to just get these landed instead
> of having them continue to tag along with FGKASLR, especially the
> early malloc() fix, which is a foot-gun waiting to happen. :)
> 
> Thanks!
> 
> -Kees
> 
> [1] https://lore.kernel.org/lkml/20210831144114.154-1-alexandr.lobakin@intel.com/

Peter, Josh, Boris, can someone please take these through -tip?

They're each stand-alone correctness improvements, and while FGKASLR
depends on them, there is no reason to keep them tied to that series,
especially since anyone using the early-boot malloc or making changes to
text sections is going to trip over one or several of the issues fixed
here.

They've got a bunch of reviews and acks already:
https://patchwork.kernel.org/project/linux-hardening/list/?series=562929

Thanks!

-Kees

> 
> Kees Cook (2):
>   x86/boot: Allow a "silent" kaslr random byte fetch
>   x86/boot/compressed: Avoid duplicate malloc() implementations
> 
> Kristen Carlson Accardi (2):
>   x86/tools/relocs: Support >64K section headers
>   vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext
> 
>  arch/x86/boot/compressed/kaslr.c  |   4 --
>  arch/x86/boot/compressed/misc.c   |   3 +
>  arch/x86/boot/compressed/misc.h   |   2 +
>  arch/x86/lib/kaslr.c              |  18 ++++--
>  arch/x86/tools/relocs.c           | 103 ++++++++++++++++++++++--------
>  include/asm-generic/vmlinux.lds.h |   3 +-
>  include/linux/decompress/mm.h     |  12 +++-
>  7 files changed, 107 insertions(+), 38 deletions(-)
> 
> -- 
> 2.30.2
> 

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ