Message-ID: <CAMj1kXGhM+jqL8fZjjrPeoaC7Qc5tRDfRmmia5x-UVpB-uH_Xw@mail.gmail.com>
Date:   Thu, 7 Sep 2023 15:44:34 +0200
From:   Ard Biesheuvel <ardb@...nel.org>
To:     Marvin Häuser <mhaeuser@...teo.de>
Cc:     linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
        Evgeniy Baskov <baskov@...ras.ru>,
        Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Peter Jones <pjones@...hat.com>,
        Matthew Garrett <mjg59@...f.ucam.org>,
        Gerd Hoffmann <kraxel@...hat.com>,
        Kees Cook <keescook@...omium.org>,
        "H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH 15/17] x86/boot: Split off PE/COFF .data section

On Fri, 18 Aug 2023 at 16:35, Marvin Häuser <mhaeuser@...teo.de> wrote:
>
> Hi Ard,
>
> Thanks for your effort! Not sure what the documentation policies are, but might it be worth mentioning that we cannot have .rdata at this time, because current-gen EFI will map it as RW?
>

Yeah, I'll mention this in the next version.


> Best regards,
> Marvin
>
> > On Aug 18, 2023, at 15:45, Ard Biesheuvel <ardb@...nel.org> wrote:
> > Describe the code and data of the decompressor binary using separate
> > .text and .data PE/COFF sections, so that we will be able to map them
> > using restricted permissions once we increase the section and file
> > alignment sufficiently. This avoids the need for memory mappings that
> > are writable and executable at the same time, which is something that
> > is best avoided for security reasons.
> >
> > Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
> > ---
> > arch/x86/boot/Makefile |  2 +-
> > arch/x86/boot/header.S | 19 +++++++++++++++----
> > 2 files changed, 16 insertions(+), 5 deletions(-)
> >
> > diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile
> > index b26e30a2d865f72d..50c50fce646e2417 100644
> > --- a/arch/x86/boot/Makefile
> > +++ b/arch/x86/boot/Makefile
> > @@ -90,7 +90,7 @@ $(obj)/vmlinux.bin: $(obj)/compressed/vmlinux FORCE
> >
> > SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
> >
> > -sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_edata\|z_.*\)$$/\#define ZO_\2 0x\1/p'
> > +sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [a-zA-Z] \(startup_32\|efi.._stub_entry\|efi\(32\)\?_pe_entry\|input_data\|kernel_info\|_end\|_ehead\|_text\|_e\?data\|z_.*\)$$/\#define ZO_\2 0x\1/p'
> >
> > quiet_cmd_zoffset = ZOFFSET $@
> >       cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
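Review bot: the widened pattern `_e\?data` now emits both ZO__edata and ZO__data, and header.S in the next file relies on ZO__data being defined; that only works if the compressed vmlinux linker script exports a `_data` symbol at the start of the data section, which this hunk cannot show. If `_data` is absent, zoffset.h silently lacks the define and header.S fails with an undefined symbol, so a one-line remark in the commit message saying where `_data` comes from (and that it marks the end of the code) would save the next reader a grep.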
> > diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
> > index ccfb7a7d8c29275e..25dda40dacb52292 100644
> > --- a/arch/x86/boot/header.S
> > +++ b/arch/x86/boot/header.S
> > @@ -79,9 +79,9 @@ optional_header:
> >    .byte    0x02                # MajorLinkerVersion
> >    .byte    0x14                # MinorLinkerVersion
> >
> > -    .long    setup_size + ZO__end - 0x200    # SizeOfCode
> > +    .long    ZO__data            # SizeOfCode
> >
> > -    .long    0                # SizeOfInitializedData
> > +    .long    ZO__end - ZO__data        # SizeOfInitializedData
> >    .long    0                # SizeOfUninitializedData
> >
> >    .long    setup_size + ZO_efi_pe_entry    # AddressOfEntryPoint
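Review bot: SizeOfCode shrinks from `setup_size + ZO__end - 0x200` to `ZO__data`, so it no longer counts the setup code and now stops at the start of the data; if the setup portion is deliberately excluded because it is described by its own section, the commit message should say so rather than leaving the reader to infer it. Separately, SizeOfInitializedData is set to `ZO__end - ZO__data`, which is the full .data VirtualSize including its zero-filled tail, while SizeOfUninitializedData stays 0; if folding the bss tail into initialized data is intentional, a short comment would help, otherwise `ZO__edata - ZO__data` here with the remainder in SizeOfUninitializedData would match the section's SizeOfRawData.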
> > @@ -182,9 +182,9 @@ section_table:
> >    .byte    0
> >    .byte    0
> >    .byte    0
> > -    .long    ZO__end
> > +    .long    ZO__data
> >    .long    setup_size
> > -    .long    ZO__edata            # Size of initialized data
> > +    .long    ZO__data            # Size of initialized data
> >                        # on disk
> >    .long    setup_size
> >    .long    0                # PointerToRelocations
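Review bot: the retained comment `# Size of initialized data on disk` on the `.long ZO__data` line is now misleading: this field is the .text section's SizeOfRawData, which after this change covers only code (VirtualSize and SizeOfRawData are both `ZO__data`). Suggest renaming it to `# SizeOfRawData` so it matches the field names used for the .data section. Note that the PE/COFF spec requires SizeOfRawData to be a multiple of FileAlignment, so this assumes `_data` lands on a file-alignment boundary in the linker script; stating that assumption next to the value would make the dependency explicit.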
> > @@ -195,6 +195,17 @@ section_table:
> >        IMAGE_SCN_MEM_READ        | \
> >        IMAGE_SCN_MEM_EXECUTE        # Characteristics
> >
> > +    .ascii    ".data\0\0\0"
> > +    .long    ZO__end - ZO__data        # VirtualSize
> > +    .long    setup_size + ZO__data        # VirtualAddress
> > +    .long    ZO__edata - ZO__data        # SizeOfRawData
> > +    .long    setup_size + ZO__data        # PointerToRawData
> > +
> > +    .long    0, 0, 0
> > +    .long    IMAGE_SCN_CNT_INITIALIZED_DATA    | \
> > +        IMAGE_SCN_MEM_READ        | \
> > +        IMAGE_SCN_MEM_WRITE        # Characteristics
> > +
> >    .set    section_count, (. - section_table) / 40
> > #endif /* CONFIG_EFI_STUB */
> >
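Review bot: the new section sets VirtualSize to `ZO__end - ZO__data` but SizeOfRawData to `ZO__edata - ZO__data`, so the loader zero-fills the `_edata`..`_end` tail (the bss) in memory; a comment on the VirtualSize line would help, since this is the only place the bss is accounted for. Two alignment constraints are implicit: VirtualAddress `setup_size + ZO__data` must be SectionAlignment-aligned and SizeOfRawData FileAlignment-aligned, so `_data` and `_edata` need matching alignment in the compressed vmlinux linker script, which this hunk cannot show. The characteristics are READ|WRITE without EXECUTE, which is the W^X split the commit message asks for; the thing to verify on the linker-script side is that nothing between `_data` and `_end` is ever executed and nothing writable remains in .text.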
> > --
> > 2.39.2
>
