lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240805150750.170739-1-petr.tesarik@suse.com>
Date: Mon,  5 Aug 2024 17:07:50 +0200
From: Petr Tesarik <petr.tesarik@...e.com>
To: Eric Biederman <ebiederm@...ssion.com>,
	Sourabh Jain <sourabhjain@...ux.ibm.com>,
	Hari Bathini <hbathini@...ux.ibm.com>,
	Baoquan He <bhe@...hat.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Eric DeVolder <eric.devolder@...cle.com>,
	kexec@...ts.infradead.org (open list:KEXEC),
	linux-kernel@...r.kernel.org (open list)
Cc: Petr Tesarik <ptesarik@...e.com>,
	stable@...nel.org
Subject: [PATCH 1/1] kexec_file: fix elfcorehdr digest exclusion when CONFIG_CRASH_HOTPLUG=y

From: Petr Tesarik <ptesarik@...e.com>

Fix the condition to exclude the elfcorehdr segment from the SHA digest
calculation.

The j iterator is an index into the output sha_regions[] array, not into
the input image->segment[] array. Once it reaches image->elfcorehdr_index,
all subsequent segments are excluded. Besides, if the purgatory segment
precedes the elfcorehdr segment, the elfcorehdr may be wrongly included in
the calculation.

Fixes: f7cc804a9fd4 ("kexec: exclude elfcorehdr from the segment digest")
Cc: stable@...nel.org
Signed-off-by: Petr Tesarik <ptesarik@...e.com>
---
 kernel/kexec_file.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c
index 3d64290d24c9..3eedb8c226ad 100644
--- a/kernel/kexec_file.c
+++ b/kernel/kexec_file.c
@@ -752,7 +752,7 @@ static int kexec_calculate_store_digests(struct kimage *image)
 
 #ifdef CONFIG_CRASH_HOTPLUG
 		/* Exclude elfcorehdr segment to allow future changes via hotplug */
-		if (j == image->elfcorehdr_index)
+		if (i == image->elfcorehdr_index)
 			continue;
 #endif
 
-- 
2.45.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ