| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YoP11ZNZv2/Z7B0g@zn.tnic>
Date: Tue, 17 May 2022 21:21:57 +0200
From: Borislav Petkov <bp@...en8.de>
To: Vit Kabele <vit@...ele.me>
Cc: platform-driver-x86@...r.kernel.org, r.marek@...embler.cz,
x86@...nel.org, linux-kernel@...r.kernel.org, rafael@...nel.org,
mingo@...hat.com
Subject: Re: [PATCH v2] arch/x86: Check validity of EBDA pointer in mpparse.c
On Mon, May 16, 2022 at 11:43:48AM +0200, Vit Kabele wrote:
> And the valid upper bound of the EBDA pointer is also different
> for these two use-cases. (The mpparse.c usage is interested in EBDA
> pointer only if it ends 1KiB before the end of low memory, while the
> ebda.c accepts even the values in the last KiB below 640KiB).
And I still don't know why this difference in the upper bounds is really
relevant and why you can't simply use the code in reserve_bios_regions()
after carving it out in a helper?
The latter considers ebda_start valid when it is between BIOS_START_MIN
and bios_start, after having sanitized that bios_start to 640K if "out
of bounds".
Why can't default_find_smp_config() simply scan the last KiB below
640KiB twice for the sake of simpler code?
I.e., there needs to be a single get_bios_ebda() - the current one can
be renamed to __get_bios_ebda() - and that get_bios_ebda() should give
either a sane EBDA address or 0 if the checks don't pass. And all code
should use that.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists