Message-ID: <CAMj1kXHEJubE42e6cUiEUv=Z66d9Gqw0EM7Wts9hrHzf8ZDsGQ@mail.gmail.com>
Date: Thu, 4 Jan 2024 17:51:11 +0100
From: Ard Biesheuvel <ardb@...nel.org>
To: Thomas Zimmermann <tzimmermann@...e.de>
Cc: tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, 
	dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com, 
	bhelgaas@...gle.com, arnd@...db.de, zohar@...ux.ibm.com, 
	dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org, 
	serge@...lyn.com, javierm@...hat.com, linux-arch@...r.kernel.org, 
	linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-pci@...r.kernel.org, linux-integrity@...r.kernel.org, 
	linux-security-module@...r.kernel.org
Subject: Re: [PATCH v3 4/4] arch/x86: Do not include <asm/bootparam.h> in
 several files

On Thu, 4 Jan 2024 at 10:54, Thomas Zimmermann <tzimmermann@...e.de> wrote:
>
> Remove the include statement for <asm/bootparam.h> from several files
> that don't require it. Limits the exposure of the boot parameters
> within the Linux kernel code.
>
> Signed-off-by: Thomas Zimmermann <tzimmermann@...e.de>
> Acked-by: Ard Biesheuvel <ardb@...nel.org>
>
> ---
>
> v3:
>         * revert of e820/types.h required
> v2:
>         * clean up misc.h and e820/types.h
>         * include bootparam.h in several source files
> ---
>  arch/x86/boot/compressed/acpi.c       | 2 ++
>  arch/x86/boot/compressed/cmdline.c    | 2 ++
>  arch/x86/boot/compressed/efi.c        | 2 ++
>  arch/x86/boot/compressed/misc.h       | 3 ++-
>  arch/x86/boot/compressed/pgtable_64.c | 1 +
>  arch/x86/boot/compressed/sev.c        | 1 +
>  arch/x86/include/asm/kexec.h          | 1 -
>  arch/x86/include/asm/mem_encrypt.h    | 2 +-
>  arch/x86/include/asm/sev.h            | 3 ++-
>  arch/x86/include/asm/x86_init.h       | 2 --
>  arch/x86/kernel/crash.c               | 1 +
>  arch/x86/kernel/sev-shared.c          | 2 ++
>  arch/x86/platform/pvh/enlighten.c     | 1 +
>  arch/x86/xen/enlighten_pvh.c          | 1 +
>  arch/x86/xen/vga.c                    | 1 -
>  15 files changed, 18 insertions(+), 7 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/acpi.c b/arch/x86/boot/compressed/acpi.c
> index 18d15d1ce87d..f196b1d1ddf8 100644
> --- a/arch/x86/boot/compressed/acpi.c
> +++ b/arch/x86/boot/compressed/acpi.c
> @@ -5,6 +5,8 @@
>  #include "../string.h"
>  #include "efi.h"
>
> +#include <asm/bootparam.h>
> +
>  #include <linux/numa.h>
>
>  /*
> diff --git a/arch/x86/boot/compressed/cmdline.c b/arch/x86/boot/compressed/cmdline.c
> index c1bb180973ea..e162d7f59cc5 100644
> --- a/arch/x86/boot/compressed/cmdline.c
> +++ b/arch/x86/boot/compressed/cmdline.c
> @@ -1,6 +1,8 @@
>  // SPDX-License-Identifier: GPL-2.0
>  #include "misc.h"
>
> +#include <asm/bootparam.h>
> +
>  static unsigned long fs;
>  static inline void set_fs(unsigned long seg)
>  {
> diff --git a/arch/x86/boot/compressed/efi.c b/arch/x86/boot/compressed/efi.c
> index 6edd034b0b30..f2e50f9758e6 100644
> --- a/arch/x86/boot/compressed/efi.c
> +++ b/arch/x86/boot/compressed/efi.c
> @@ -7,6 +7,8 @@
>
>  #include "misc.h"
>
> +#include <asm/bootparam.h>
> +
>  /**
>   * efi_get_type - Given a pointer to boot_params, determine the type of EFI environment.
>   *
> diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
> index c0d502bd8716..01c89c410efd 100644
> --- a/arch/x86/boot/compressed/misc.h
> +++ b/arch/x86/boot/compressed/misc.h
> @@ -33,7 +33,6 @@
>  #include <linux/elf.h>
>  #include <asm/page.h>
>  #include <asm/boot.h>
> -#include <asm/bootparam.h>
>  #include <asm/desc_defs.h>
>
>  #include "tdx.h"
> @@ -53,6 +52,8 @@
>  #define memptr unsigned
>  #endif
>
> +struct boot_param;
> +

Typo?

Interestingly, it still builds fine for me without any warnings.


>  /* boot/compressed/vmlinux start and end markers */
>  extern char _head[], _end[];
>
> diff --git a/arch/x86/boot/compressed/pgtable_64.c b/arch/x86/boot/compressed/pgtable_64.c
> index 51f957b24ba7..c882e1f67af0 100644
> --- a/arch/x86/boot/compressed/pgtable_64.c
> +++ b/arch/x86/boot/compressed/pgtable_64.c
> @@ -1,5 +1,6 @@
>  // SPDX-License-Identifier: GPL-2.0
>  #include "misc.h"
> +#include <asm/bootparam.h>
>  #include <asm/e820/types.h>
>  #include <asm/processor.h>
>  #include "pgtable.h"
> diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c
> index 454acd7a2daf..13beae767e48 100644
> --- a/arch/x86/boot/compressed/sev.c
> +++ b/arch/x86/boot/compressed/sev.c
> @@ -12,6 +12,7 @@
>   */
>  #include "misc.h"
>
> +#include <asm/bootparam.h>
>  #include <asm/pgtable_types.h>
>  #include <asm/sev.h>
>  #include <asm/trapnr.h>
> diff --git a/arch/x86/include/asm/kexec.h b/arch/x86/include/asm/kexec.h
> index c9f6a6c5de3c..91ca9a9ee3a2 100644
> --- a/arch/x86/include/asm/kexec.h
> +++ b/arch/x86/include/asm/kexec.h
> @@ -25,7 +25,6 @@
>
>  #include <asm/page.h>
>  #include <asm/ptrace.h>
> -#include <asm/bootparam.h>
>
>  struct kimage;
>
> diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h
> index 359ada486fa9..c1a8a3408c18 100644
> --- a/arch/x86/include/asm/mem_encrypt.h
> +++ b/arch/x86/include/asm/mem_encrypt.h
> @@ -15,7 +15,7 @@
>  #include <linux/init.h>
>  #include <linux/cc_platform.h>
>
> -#include <asm/bootparam.h>
> +struct boot_params;
>

Unfortunately, the SEV/SNP code is a bit of a kludge given that it
declares routines in headers under arch/x86/include/asm, and defines
them in two different places (the decompressor and the kernel proper).

So while I feel that we should avoid relying on incomplete struct
definitions, this one (and the one below) seems fine to me for now.
If/when someone gets around to cleaning up the SEV/SNP header files,
to split the init code from the more widely used mm types etc, we can
revisit this.


>  #ifdef CONFIG_X86_MEM_ENCRYPT
>  void __init mem_encrypt_init(void);
> diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h
> index 5b4a1ce3d368..8dad8b1613bf 100644
> --- a/arch/x86/include/asm/sev.h
> +++ b/arch/x86/include/asm/sev.h
> @@ -13,7 +13,6 @@
>
>  #include <asm/insn.h>
>  #include <asm/sev-common.h>
> -#include <asm/bootparam.h>
>  #include <asm/coco.h>
>
>  #define GHCB_PROTOCOL_MIN      1ULL
> @@ -22,6 +21,8 @@
>
>  #define        VMGEXIT()                       { asm volatile("rep; vmmcall\n\r"); }
>
> +struct boot_params;
> +
>  enum es_result {
>         ES_OK,                  /* All good */
>         ES_UNSUPPORTED,         /* Requested operation not supported */
> diff --git a/arch/x86/include/asm/x86_init.h b/arch/x86/include/asm/x86_init.h
> index c878616a18b8..f062715578a0 100644
> --- a/arch/x86/include/asm/x86_init.h
> +++ b/arch/x86/include/asm/x86_init.h
> @@ -2,8 +2,6 @@
>  #ifndef _ASM_X86_PLATFORM_H
>  #define _ASM_X86_PLATFORM_H
>
> -#include <asm/bootparam.h>
> -
>  struct ghcb;
>  struct mpc_bus;
>  struct mpc_cpu;
> diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c
> index c92d88680dbf..564cff7ed33a 100644
> --- a/arch/x86/kernel/crash.c
> +++ b/arch/x86/kernel/crash.c
> @@ -26,6 +26,7 @@
>  #include <linux/vmalloc.h>
>  #include <linux/memblock.h>
>
> +#include <asm/bootparam.h>
>  #include <asm/processor.h>
>  #include <asm/hardirq.h>
>  #include <asm/nmi.h>
> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c
> index ccb0915e84e1..4962ec42dc68 100644
> --- a/arch/x86/kernel/sev-shared.c
> +++ b/arch/x86/kernel/sev-shared.c
> @@ -9,6 +9,8 @@
>   * and is included directly into both code-bases.
>   */
>
> +#include <asm/setup_data.h>
> +
>  #ifndef __BOOT_COMPRESSED
>  #define error(v)       pr_err(v)
>  #define has_cpuflag(f) boot_cpu_has(f)
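Review bot: This is the only file in the patch that gains `<asm/setup_data.h>` rather than `<asm/bootparam.h>`, and neither the commit message nor the hunk says which definitions it is needed for (presumably `struct setup_data`, but that is not visible here). The include sits above the `#ifndef __BOOT_COMPRESSED` split in a file that, per its own header comment, is included directly into both code-bases, so it has to resolve in the decompressor build as well as in the kernel proper. I would add a short comment above it, e.g. `/* needed by both the decompressor and the kernel proper build of this file */`, and mention the different header in the commit message so the deviation from the other files is not mistaken for an oversight.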
> diff --git a/arch/x86/platform/pvh/enlighten.c b/arch/x86/platform/pvh/enlighten.c
> index 00a92cb2c814..944e0290f2c0 100644
> --- a/arch/x86/platform/pvh/enlighten.c
> +++ b/arch/x86/platform/pvh/enlighten.c
> @@ -3,6 +3,7 @@
>
>  #include <xen/hvc-console.h>
>
> +#include <asm/bootparam.h>
>  #include <asm/io_apic.h>
>  #include <asm/hypervisor.h>
>  #include <asm/e820/api.h>
> diff --git a/arch/x86/xen/enlighten_pvh.c b/arch/x86/xen/enlighten_pvh.c
> index ada3868c02c2..9e9db601bd52 100644
> --- a/arch/x86/xen/enlighten_pvh.c
> +++ b/arch/x86/xen/enlighten_pvh.c
> @@ -4,6 +4,7 @@
>
>  #include <xen/hvc-console.h>
>
> +#include <asm/bootparam.h>
>  #include <asm/io_apic.h>
>  #include <asm/hypervisor.h>
>  #include <asm/e820/api.h>
> diff --git a/arch/x86/xen/vga.c b/arch/x86/xen/vga.c
> index d97adab8420f..f7547807b0bd 100644
> --- a/arch/x86/xen/vga.c
> +++ b/arch/x86/xen/vga.c
> @@ -2,7 +2,6 @@
>  #include <linux/screen_info.h>
>  #include <linux/init.h>
>
> -#include <asm/bootparam.h>
>  #include <asm/setup.h>
>
>  #include <xen/interface/xen.h>
> --
> 2.43.0
>
>
