Message-ID:
 <IA2PR20MB72069B2764125FF8A1927940FD1D2@IA2PR20MB7206.namprd20.prod.outlook.com>
Date: Sat, 11 Jan 2025 14:17:43 +0000
From: Nir Lichtman <nir_lichtman@...mail.com>
To: "dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
	"luto@...nel.org" <luto@...nel.org>, "peterz@...radead.org"
	<peterz@...radead.org>, "tglx@...utronix.de" <tglx@...utronix.de>,
	"mingo@...hat.com" <mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"m.younesbadr@...il.com" <m.younesbadr@...il.com>
CC: Nir Lichtman <nir@...htman.org>
Subject: [PATCH v2 RESEND] x86/kaslr: Ingest nokaslr to avoid passing it to
 init process

Problem: Currently booting the kernel with "nokaslr" on x86 incorrectly
doesn't recognize this parameter and passes it on to the init process

Reason: On x86, this parameter is parsed by the early loader, and so the
main kernel itself doesn't do anything with it.

Example: I have encountered this issue when booting the kernel with QEMU
using -kernel and -initrd with a simple initrd I have built containing
bash as the init executable. Upon running init, the kernel passed the
"unrecognized parameter" to bash causing bash to exit with a failure and
the kernel to panic.

Solution: Ingest this parameter as part of the kernel logic in x86 so the
kernel will recognize this as a valid parameter and not pass it to user
mode.
This is similar to the logic that already exists in the case of ARM64
which can be found in arch/arm64/kernel/kaslr.c:43

Crediting also Mahmoud since he came up with a similar patch a couple of
months ago, the patch was left with unaddressed CR comments by Borislav
which I have addressed in this patch,
link to thread: https://lore.kernel.org/all/20240331200546.869343-1-m.younesbadr@gmail.com/

v2: Remove single line if-condition braces, following check patch script warning

Signed-off-by: Mahmoud Younes <m.younesbadr@...il.com>
Signed-off-by: Nir Lichtman <nir@...htman.org>
---

Note: resending this since I got no reply on my previous email that was sent a couple of months ago, trying from my second email (perhaps my primary email got to spam)

 arch/x86/mm/kaslr.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/arch/x86/mm/kaslr.c b/arch/x86/mm/kaslr.c
index 230f1dee4f09..e2aaa72be749 100644
--- a/arch/x86/mm/kaslr.c
+++ b/arch/x86/mm/kaslr.c
@@ -71,6 +71,20 @@ static inline unsigned long get_padding(struct kaslr_memory_region *region)
 	return (region->size_tb << TB_SHIFT);
 }
 
+/*
+ * nokaslr param handling is done by the loader which treats the
+ * boot parameters as read only so this is a hack to ingest this
+ * to keep it from passing to user mode
+ */
+static int __init parse_nokaslr(char *p)
+{
+	if (!!(boot_params.hdr.loadflags & KASLR_FLAG))
+		pr_warn("the loader has not parsed the nokaslr flag");
+
+	return 0;
+}
+early_param("nokaslr", parse_nokaslr);
+
 /* Initialize base and padding for each memory region randomized with KASLR */
 void __init kernel_randomize_memory(void)
 {
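
Review bot: the pr_warn() string in parse_nokaslr() has no trailing newline, and kernel log messages are conventionally terminated with "\n"; suggest pr_warn("the loader has not parsed the nokaslr flag\n"). The `!!` in the if condition is redundant because the masked value is already evaluated for truth, so `if (boot_params.hdr.loadflags & KASLR_FLAG)` is equivalent and easier to read. Since the warning fires when KASLR_FLAG is still set in loadflags even though "nokaslr" was given, it would help whoever reads the log if the message said so explicitly, and if the comment above the function described that check as well as the reason the parameter is registered.
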
-- 
2.39.2
