lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3d0a8b229544ef879d05fee74849619d@ispras.ru>
Date:   Wed, 04 May 2022 23:40:26 +0300
From:   baskov@...ras.ru
To:     Borislav Petkov <bp@...en8.de>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: Parse CONFIG_CMDLINE in compressed kernel

On 2022-05-04 11:59, Borislav Petkov wrote:
> On Thu, Apr 07, 2022 at 05:40:14AM +0300, Baskov Evgeniy wrote:
>> CONFIG_CMDLINE_BOOL and CONFIG_CMDLINE_OVERRIDE was ignored
>> during options lookup in compressed kernel, including
>> earlyprintk option, so it was impossible to get earlyprintk
>> messages from that stage of boot process via command line
>> provided at compile time. Being able to enable earlyprintk
>> via compile-time option might be desirable for booting
>> on systems with broken UEFI command line arguments via EFISTUB.
>> 
>> Parse CONFIG_CMDLINE-related options correctly in compressed
>> kernel code.
>> 
>> Signed-off-by: Baskov Evgeniy <baskov@...ras.ru>
>> 
>> diff --git a/arch/x86/boot/compressed/cmdline.c 
>> b/arch/x86/boot/compressed/cmdline.c
>> index f1add5d85da9..dd8cbbe61dff 100644
>> --- a/arch/x86/boot/compressed/cmdline.c
>> +++ b/arch/x86/boot/compressed/cmdline.c
>> @@ -22,9 +22,49 @@ unsigned long get_cmd_line_ptr(void)
>>  }
>>  int cmdline_find_option(const char *option, char *buffer, int 
>> bufsize)
>>  {
>> -	return __cmdline_find_option(get_cmd_line_ptr(), option, buffer, 
>> bufsize);
>> +	int len = -1;
>> +	unsigned long cmdline_ptr;
>> +
>> +	/*
>> +	 * First try command line string provided by user,
>> +	 * then try command line string configured at comple time.
>> +	 * Skip first step if CONFIG_CMDLINE_OVERRIDE is enabled
>> +	 * and parse only compile time command line.
>> +	 */
>> +
>> +	if (!IS_ENABLED(CONFIG_CMDLINE_OVERRIDE)) {
>> +		cmdline_ptr = get_cmd_line_ptr();
>> +		len = __cmdline_find_option(cmdline_ptr, option,
>> +					    buffer, bufsize);
>> +	}
>> +
>> +#ifdef CONFIG_CMDLINE_BOOL
>> +	if (len < 0) {
>> +		cmdline_ptr = (unsigned long)CONFIG_CMDLINE;
>> +		len = __cmdline_find_option(cmdline_ptr, option,
>> +					    buffer, bufsize);
>> +	}
>> +#endif
> 
> Do I see it correctly that all this logic boils down to returning the
> proper cmdline ptr and so you can do that once in get_cmd_line_ptr()
> instead of duplicating the ifdeffery?

Yes, it can be done by returning either concatenation of build-time
and run-time command line strings or only the build-time one,
depending on the kernel configuration.

Actually, it is implemented this way in arch/x86/kernel/setup.c.
I thought it's better to avoid imposing restrictions on kernel
command line length, but since it is already done, I guess,
I will do the same way in v2.

Thanks,
Baskov Evgeniy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ