lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID:
 <DS7PR19MB57092B4012BEFBBA52E2C2748BA92@DS7PR19MB5709.namprd19.prod.outlook.com>
Date: Tue, 23 Jul 2024 14:21:31 +0000
From: "Shao, Marshall" <Marshall.Shao@...l.com>
To: Ard Biesheuvel <ardb@...nel.org>
CC: "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "hpa@...or.com" <hpa@...or.com>,
        "dave.hansen@...ux.intel.com"
	<dave.hansen@...ux.intel.com>,
        "bp@...en8.de" <bp@...en8.de>, "mingo@...hat.com" <mingo@...hat.com>,
        "tglx@...utronix.de"
	<tglx@...utronix.de>,
        "Mishra, Ashish" <Ashish.Mishra4@...l.com>,
        "Chia, Jia
 Yuan" <JiaYuan.Chia@...l.com>,
        "Dion, Christopher"
	<Christopher.Dion@...l.com>,
        "Caisse, Joe" <Joe.Caisse@...l.com>,
        "Mukundan,
 Govind" <Govind.Mukundan@...l.com>
Subject: RE: [Patch] Do not clear BSS region in x86 stub

Hi Ard,

Many thanks for your reply.

> systemd-boot does not use the EFI handover protocol. Please try to
> determine where this confusion comes from: are you using a UKI image
> perhaps?

I can confirm that both systemd-boot and stub will be used, and you 
are correct about the stub part, because currently, the stub will lead 
the system to handover protocol and trigger the problem.

> I am trying to understand *why* this particular change works around
> the issue. Please elaborate.

When I removed the memset, and booted to efi_decompress_kernel, the
boot service crashed, and it indicated that the memory region from _bss
to the end of boot_heap cannot be overwritten. Upon inspecting the data 
in the BSS region found one thing is that the _bss address is not fixed on 
each boot (when the MOR bit is set to 1), and it changes randomly. 

For example, in normal boot the _bss address is 0xffee0000, if I set MOR 
to 1, then the address shifts to 0xff990000 or 0xff991000 or
 0xff993000. I cannot predict which will be the starting address for the 
next boot.

Since the entire BSS region was not cleaned, and it contains zeros and 
other data, so I tried to increase the boot_stack size by 0x3000 to 
cover the 'fragile' part. 

> My preliminary conclusion here is that your implementation of the EFI
> handover protocol (which I fail to understand where it comes from) is
> not allocating enough memory. This should be fixed on the bootloader
> side, as not clearing the BSS does not prevent this memory from being
> corrupted.

I understand that the handover protocol is nearing the end of its support 
and it seems I am only one experiencing the issue. However,
from the perspective of backward compatibility, I think this patch maybe 
useful.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ