| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Jan 2024 21:12:44 +0100 From: Christian Marangi <ansuelsmth@...il.com> To: Russell King <linux@...linux.org.uk>, Arnd Bergmann <arnd@...db.de>, Andrew Morton <akpm@...ux-foundation.org>, Geert Uytterhoeven <geert+renesas@...der.be>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Jonathan Corbet <corbet@....net>, Thomas Gleixner <tglx@...utronix.de>, Randy Dunlap <rdunlap@...radead.org>, Christian Marangi <ansuelsmth@...il.com>, "Mike Rapoport (IBM)" <rppt@...nel.org>, Eric DeVolder <eric.devolder@...cle.com>, Nathan Chancellor <nathan@...nel.org>, "Russell King (Oracle)" <rmk+kernel@...linux.org.uk>, Kees Cook <keescook@...omium.org>, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Bjorn Andersson <andersson@...nel.org>, Konrad Dybcio <konrad.dybcio@...ainline.org>, Linus Walleij <linus.walleij@...aro.org>, John Crispin <john@...ozen.org> Subject: [PATCH 1/2] ARM: decompressor: support memory start validation for appended DTB There is currently a problem with a very specific sets of kernel config and AUTO_ZRELADDR. For the most common case AUTO_ZRELADDR check the PC register and calculate the start of the physical memory. Then fdt_check_mem_start is called to make sure the detected value makes sense by comparing it with what is present in DTB in the memory nodes and if additional fixup are required with the use of linux,usable-memory-range in the chosen node to hardcode usable memory range in case some reserved space needs to be addressed. With the help of this function the right address is calculated and the kernel correctly decompress and loads. Things starts to become problematic when in the mix, CONFIG_ARM_APPENDED_DTB is used. This is a particular kernel config is used when legacy systems doesn't support passing a DTB directly and a DTB is appended at the end of the image. In such case, fdt_check_mem_start is skipped in AUTO_ZRELADDR iteration as the appended DTB can be augumented later with ATAGS passed from the bootloader (if CONFIG_ARM_ATAG_DTB_COMPAT is enabled). The main problem and what this patch address is the fact that fdt_check_mem_start is never called later when the appended DTB is augumented, hence any fixup and validation is not done making AUTO_ZRELADDR detection inconsistent and most of the time wrong. Add support in head.S for this by checking if AUTO_ZRELADDR is enabled and calling fdt_check_mem_start with the appended DTB and the augumented values permitting legacy device to provide info in DTB instead of disabling AUTO_ZRELADDR and hardcoding the physical address offsets. Signed-off-by: Christian Marangi <ansuelsmth@...il.com> --- arch/arm/boot/compressed/head.S | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S index 9f406e9c0ea6..2ff38a8df1f0 100644 --- a/arch/arm/boot/compressed/head.S +++ b/arch/arm/boot/compressed/head.S @@ -443,6 +443,28 @@ restart: adr r0, LC1 add r6, r6, r5 add r10, r10, r5 add sp, sp, r5 + +#ifdef CONFIG_AUTO_ZRELADDR + /* + * Validate calculated start of physical memory with appended DTB. + * In the first iteration for physical memory start calculation, + * we skipped validating it as it could have been augumented by + * ATAGS stored at an offset from the same start of physical memory. + * + * We now have parsed them and augumented the appended DTB if asked + * so we can finally validate the start of physical memory. + * + * This is needed to apply additional fixup with + * linux,usable-memory-range or to make sure AUTO_ZRELADDR detected + * the correct value. + */ + sub r0, r4, #TEXT_OFFSET @ revert to base address + mov r1, r8 @ use appended DTB + bl fdt_check_mem_start + + /* Determine final kernel image address. */ + add r4, r0, #TEXT_OFFSET +#endif dtb_check_done: #endif -- 2.43.0
Powered by blists - more mailing lists