lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Sep 2022 19:32:46 -0700
From:   Daniel Walker <danielwa@...co.com>
To:     Will Deacon <will@...nel.org>,
        Christophe Leroy <christophe.leroy@...roup.eu>,
        Rob Herring <robh@...nel.org>,
        Daniel Gimpelevich <daniel@...pelevich.san-francisco.ca.us>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Sean Anderson <sean.anderson@...o.com>,
        "H. Peter Anvin" <hpa@...or.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        linux-arm-kernel@...ts.infradead.org, linux-mips@...r.kernel.org,
        linux-kernel@...r.kernel.org, devicetree@...r.kernel.org,
        linux-kbuild@...r.kernel.org
Cc:     xe-linux-external@...co.com, linux-efi@...r.kernel.org
Subject: [PATCH 0/8] generic command line v5

v5 release changes. Generally a rebase from v4.

* Modified OF changes to move the ugly code into the cmdline.h

* Minor compliation update in arm64. Added ifndef __ASSEMBLY__ in
  a few places.

* Worked around arm64 kaslr_early.c.

	This code needs some additional review and consideration. 
	It appears this code is missing the opposite option to nokaslr
	which is kaslr.disabled=1/0 which would allow kaslr to be turn
	back on later in the command line. For example,

	console=ttyS0 nokaslr root=/dev/ram0 nosmp kaslr.disabled=0 loglevel=7
	
	On arm64 in arch/arm64/kernel/idreg-override.c this is parsed correctly
	to turn on kaslr, but the kaslr_early.c is missing this logic.
	Doing this results in kaslr getting disabled with the following message,

	KASLR disabled due to lack of seed

	Even when there is a seed in the device tree.	

	So change to the generic command line would leave built in command
	lines with nokaslr with no option to re-enable kaslr in in the bootloader
	arguments.


Daniel Walker (8):
  CMDLINE: add generic builtin command line
  scripts: insert-sys-cert: add command line insert capability
  scripts: insert-sys-cert: change name to insert-symbol
  CMDLINE: mips: convert to generic builtin command line
  drivers: firmware: efi: libstub: enable generic commandline
  CMDLINE: x86: convert to generic builtin command line
  of: replace command line handling
  CMDLINE: arm64: convert to generic builtin command line

 arch/arm64/Kconfig                            |  33 +--
 arch/arm64/include/asm/setup.h                |   4 +
 arch/arm64/include/uapi/asm/setup.h           |   2 +
 arch/arm64/kernel/idreg-override.c            |   9 +-
 arch/arm64/kernel/pi/kaslr_early.c            |  14 +-
 arch/mips/Kconfig                             |   4 +-
 arch/mips/Kconfig.debug                       |  44 ----
 arch/mips/configs/ar7_defconfig               |   9 +-
 arch/mips/configs/bcm47xx_defconfig           |   8 +-
 arch/mips/configs/bcm63xx_defconfig           |  15 +-
 arch/mips/configs/bmips_be_defconfig          |  11 +-
 arch/mips/configs/bmips_stb_defconfig         |   6 +-
 arch/mips/configs/ci20_defconfig              |   9 +-
 arch/mips/configs/cu1000-neo_defconfig        |  10 +-
 arch/mips/configs/cu1830-neo_defconfig        |  10 +-
 arch/mips/configs/generic_defconfig           |   6 +-
 arch/mips/configs/gpr_defconfig               |  18 +-
 arch/mips/configs/loongson3_defconfig         |  12 +-
 arch/mips/include/asm/setup.h                 |   2 +
 arch/mips/kernel/relocate.c                   |  17 +-
 arch/mips/kernel/setup.c                      |  36 +--
 arch/mips/pic32/pic32mzda/early_console.c     |   2 +-
 arch/mips/pic32/pic32mzda/init.c              |   3 +-
 arch/x86/Kconfig                              |  44 +---
 arch/x86/kernel/setup.c                       |  18 +-
 .../firmware/efi/libstub/efi-stub-helper.c    |  29 +++
 drivers/firmware/efi/libstub/efi-stub.c       |   9 +
 drivers/firmware/efi/libstub/efistub.h        |   1 +
 drivers/firmware/efi/libstub/x86-stub.c       |  13 +-
 drivers/of/fdt.c                              |  22 +-
 include/linux/cmdline.h                       | 137 ++++++++++
 init/Kconfig                                  |  78 ++++++
 lib/Kconfig                                   |   4 +
 lib/Makefile                                  |   3 +
 lib/generic_cmdline.S                         |  53 ++++
 lib/test_cmdline1.c                           | 139 ++++++++++
 scripts/Makefile                              |   2 +-
 .../{insert-sys-cert.c => insert-symbol.c}    | 243 ++++++++++++------
 38 files changed, 724 insertions(+), 355 deletions(-)
 create mode 100644 include/linux/cmdline.h
 create mode 100644 lib/generic_cmdline.S
 create mode 100644 lib/test_cmdline1.c
 rename scripts/{insert-sys-cert.c => insert-symbol.c} (72%)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ