From: Yinghai Lu <yinghai@kernel.org>
To: Matt Fleming <matt.fleming@intel.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Kees Cook <keescook@chromium.org>, Borislav Petkov <bp@suse.de>,
Baoquan He <bhe@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Jiri Kosina <jkosina@suse.cz>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
Yinghai Lu <yinghai@kernel.org>,
Josh Triplett <josh@joshtriplett.org>,
Andrew Morton <akpm@linux-foundation.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Junjie Mao <eternal.n08@gmail.com>
Subject: [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size
Date: Sat, 7 Mar 2015 14:07:15 -0800 [thread overview]
Message-ID: <1425766041-6551-2-git-send-email-yinghai@kernel.org> (raw)
In-Reply-To: <1425766041-6551-1-git-send-email-yinghai@kernel.org>
commit e6023367d779 ("x86, kaslr: Prevent .bss from overlaping initrd")
introduced one run_size for kaslr.
We should use real runtime size (include copy/decompress) aka init_size.
run_size is VO (vmlinux) init size include bss and brk.
init_size is the size needed for decompress and it is bigger than run_size
when decompress need more buff.
According to arch/x86/boot/header.S:
| #define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_extract_offset)
| #define VO_INIT_SIZE (VO__end - VO__text)
| #if ZO_INIT_SIZE > VO_INIT_SIZE
| #define INIT_SIZE ZO_INIT_SIZE
| #else
| #define INIT_SIZE VO_INIT_SIZE
| #endif
| init_size: .long INIT_SIZE # kernel initialization size
Bootloader allocate buffer according to init_size in hdr, and load the
ZO (arch/x86/boot/compressed/vmlinux) from start of that buffer.
init_size first come from VO (vmlinux) init size. That VO init size
is from VO _end to VO _end and include VO bss and brk area.
During running of ZO, ZO move itself to the middle of buffer at
z_extract_offset to make sure that decompressor would not have output
overwrite input data before input data get consumed.
But z_extract_offset calculating is based on size of VO (vmlinux) and size
of compressed VO only at first.
So need to make sure [z_extra_offset, init_size) will fit ZO, that means
init_size need to be adjusted according to ZO size.
That make init_size is always >= run_size.
During aslr buffer searching, we need to make sure the new buffer is big
enough for decompress at first. So use init_size instead, and kill not
needed run_size related code.
Fixes: e6023367d779 ("x86, kaslr: Prevent .bss from overlaping initrd")
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Josh Triplett <josh@joshtriplett.org>
Cc: Matt Fleming <matt.fleming@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Junjie Mao <eternal.n08@gmail.com>
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
---
arch/x86/boot/compressed/Makefile | 4 +---
arch/x86/boot/compressed/head_32.S | 5 ++---
arch/x86/boot/compressed/head_64.S | 5 +----
arch/x86/boot/compressed/misc.c | 15 +++++++-------
arch/x86/boot/compressed/mkpiggy.c | 9 ++------
arch/x86/tools/calc_run_size.sh | 42 --------------------------------------
6 files changed, 13 insertions(+), 67 deletions(-)
delete mode 100644 arch/x86/tools/calc_run_size.sh
diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 0a291cd..70cc92c 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -92,10 +92,8 @@ suffix-$(CONFIG_KERNEL_XZ) := xz
suffix-$(CONFIG_KERNEL_LZO) := lzo
suffix-$(CONFIG_KERNEL_LZ4) := lz4
-RUN_SIZE = $(shell $(OBJDUMP) -h vmlinux | \
- $(CONFIG_SHELL) $(srctree)/arch/x86/tools/calc_run_size.sh)
quiet_cmd_mkpiggy = MKPIGGY $@
- cmd_mkpiggy = $(obj)/mkpiggy $< $(RUN_SIZE) > $@ || ( rm -f $@ ; false )
+ cmd_mkpiggy = $(obj)/mkpiggy $< > $@ || ( rm -f $@ ; false )
targets += piggy.S
$(obj)/piggy.S: $(obj)/vmlinux.bin.$(suffix-y) $(obj)/mkpiggy FORCE
diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
index 1d7fbbc..cbed140 100644
--- a/arch/x86/boot/compressed/head_32.S
+++ b/arch/x86/boot/compressed/head_32.S
@@ -207,8 +207,7 @@ relocated:
* Do the decompression, and jump to the new kernel..
*/
/* push arguments for decompress_kernel: */
- pushl $z_run_size /* size of kernel with .bss and .brk */
- pushl $z_output_len /* decompressed length, end of relocs */
+ pushl $z_output_len /* decompressed length */
leal z_extract_offset_negative(%ebx), %ebp
pushl %ebp /* output address */
pushl $z_input_len /* input_len */
@@ -218,7 +217,7 @@ relocated:
pushl %eax /* heap area */
pushl %esi /* real mode pointer */
call decompress_kernel /* returns kernel location in %eax */
- addl $28, %esp
+ addl $24, %esp
/*
* Jump to the decompressed kernel.
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 6b1766c..2884e0c 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -402,16 +402,13 @@ relocated:
* Do the decompression, and jump to the new kernel..
*/
pushq %rsi /* Save the real mode argument */
- movq $z_run_size, %r9 /* size of kernel with .bss and .brk */
- pushq %r9
movq %rsi, %rdi /* real mode address */
leaq boot_heap(%rip), %rsi /* malloc area for uncompression */
leaq input_data(%rip), %rdx /* input_data */
movl $z_input_len, %ecx /* input_len */
movq %rbp, %r8 /* output target address */
- movq $z_output_len, %r9 /* decompressed length, end of relocs */
+ movq $z_output_len, %r9 /* decompressed length */
call decompress_kernel /* returns kernel location in %rax */
- popq %r9
popq %rsi
/*
diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c
index 5903089..51e9e54 100644
--- a/arch/x86/boot/compressed/misc.c
+++ b/arch/x86/boot/compressed/misc.c
@@ -370,10 +370,10 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap,
unsigned char *input_data,
unsigned long input_len,
unsigned char *output,
- unsigned long output_len,
- unsigned long run_size)
+ unsigned long output_len)
{
unsigned char *output_orig = output;
+ unsigned long init_size;
real_mode = rmode;
@@ -396,15 +396,14 @@ asmlinkage __visible void *decompress_kernel(void *rmode, memptr heap,
free_mem_ptr = heap; /* Heap */
free_mem_end_ptr = heap + BOOT_HEAP_SIZE;
+ init_size = real_mode->hdr.init_size;
+
/*
- * The memory hole needed for the kernel is the larger of either
- * the entire decompressed kernel plus relocation table, or the
- * entire decompressed kernel plus .bss and .brk sections.
+ * The memory hole needed for the kernel is init_size for running
+ * and init_size is bigger than output_len always.
*/
output = choose_kernel_location(real_mode, input_data, input_len,
- output,
- output_len > run_size ? output_len
- : run_size);
+ output, init_size);
/* Validate memory location choices. */
if ((unsigned long)output & (MIN_KERNEL_ALIGN - 1))
diff --git a/arch/x86/boot/compressed/mkpiggy.c b/arch/x86/boot/compressed/mkpiggy.c
index d8222f2..b669ab6 100644
--- a/arch/x86/boot/compressed/mkpiggy.c
+++ b/arch/x86/boot/compressed/mkpiggy.c
@@ -36,13 +36,11 @@ int main(int argc, char *argv[])
uint32_t olen;
long ilen;
unsigned long offs;
- unsigned long run_size;
FILE *f = NULL;
int retval = 1;
- if (argc < 3) {
- fprintf(stderr, "Usage: %s compressed_file run_size\n",
- argv[0]);
+ if (argc < 2) {
+ fprintf(stderr, "Usage: %s compressed_file\n", argv[0]);
goto bail;
}
@@ -76,7 +74,6 @@ int main(int argc, char *argv[])
offs += olen >> 12; /* Add 8 bytes for each 32K block */
offs += 64*1024 + 128; /* Add 64K + 128 bytes slack */
offs = (offs+4095) & ~4095; /* Round to a 4K boundary */
- run_size = atoi(argv[2]);
printf(".section \".rodata..compressed\",\"a\",@progbits\n");
printf(".globl z_input_len\n");
@@ -88,8 +85,6 @@ int main(int argc, char *argv[])
/* z_extract_offset_negative allows simplification of head_32.S */
printf(".globl z_extract_offset_negative\n");
printf("z_extract_offset_negative = -0x%lx\n", offs);
- printf(".globl z_run_size\n");
- printf("z_run_size = %lu\n", run_size);
printf(".globl input_data, input_data_end\n");
printf("input_data:\n");
diff --git a/arch/x86/tools/calc_run_size.sh b/arch/x86/tools/calc_run_size.sh
deleted file mode 100644
index 1a4c17b..0000000
--- a/arch/x86/tools/calc_run_size.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/sh
-#
-# Calculate the amount of space needed to run the kernel, including room for
-# the .bss and .brk sections.
-#
-# Usage:
-# objdump -h a.out | sh calc_run_size.sh
-
-NUM='\([0-9a-fA-F]*[ \t]*\)'
-OUT=$(sed -n 's/^[ \t0-9]*.b[sr][sk][ \t]*'"$NUM$NUM$NUM$NUM"'.*/\1\4/p')
-if [ -z "$OUT" ] ; then
- echo "Never found .bss or .brk file offset" >&2
- exit 1
-fi
-
-OUT=$(echo ${OUT# })
-sizeA=$(printf "%d" 0x${OUT%% *})
-OUT=${OUT#* }
-offsetA=$(printf "%d" 0x${OUT%% *})
-OUT=${OUT#* }
-sizeB=$(printf "%d" 0x${OUT%% *})
-OUT=${OUT#* }
-offsetB=$(printf "%d" 0x${OUT%% *})
-
-run_size=$(( $offsetA + $sizeA + $sizeB ))
-
-# BFD linker shows the same file offset in ELF.
-if [ "$offsetA" -ne "$offsetB" ] ; then
- # Gold linker shows them as consecutive.
- endB=$(( $offsetB + $sizeB ))
- if [ "$endB" != "$run_size" ] ; then
- printf "sizeA: 0x%x\n" $sizeA >&2
- printf "offsetA: 0x%x\n" $offsetA >&2
- printf "sizeB: 0x%x\n" $sizeB >&2
- printf "offsetB: 0x%x\n" $offsetB >&2
- echo ".bss and .brk are non-contiguous" >&2
- exit 1
- fi
-fi
-
-printf "%d\n" $run_size
-exit 0
--
1.8.4.5
next prev parent reply other threads:[~2015-03-07 22:07 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-07 22:07 [PATCH v3 0/7] x86, boot: clean up kasl Yinghai Lu
2015-03-07 22:07 ` Yinghai Lu
2015-03-07 22:07 ` Yinghai Lu [this message]
[not found] ` <1425766041-6551-2-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-09 12:49 ` [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size Borislav Petkov
2015-03-09 12:49 ` Borislav Petkov
2015-03-09 15:58 ` Ingo Molnar
[not found] ` <20150309155813.GA21755-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-09 15:58 ` Borislav Petkov
2015-03-09 15:58 ` Borislav Petkov
2015-03-09 19:35 ` Yinghai Lu
2015-03-09 20:00 ` Borislav Petkov
[not found] ` <20150309200035.GK12732-fF5Pk5pvG8Y@public.gmane.org>
2015-03-09 20:06 ` Yinghai Lu
2015-03-09 20:06 ` Yinghai Lu
[not found] ` <CAE9FiQVEaeWZ2oggks8_jbS+dObZJLq7aEo9cFEqJNtOhWTNRw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-09 20:18 ` Borislav Petkov
2015-03-09 20:18 ` Borislav Petkov
[not found] ` <20150309201846.GM12732-fF5Pk5pvG8Y@public.gmane.org>
2015-03-09 21:28 ` Yinghai Lu
2015-03-09 21:28 ` Yinghai Lu
2015-03-10 0:42 ` Kees Cook
2015-03-10 0:42 ` Kees Cook
2015-03-13 12:27 ` Ingo Molnar
[not found] ` <20150313122756.GA28855-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-14 2:47 ` Yinghai Lu
2015-03-14 2:47 ` Yinghai Lu
[not found] ` <CAE9FiQXaRmJFdEUhyn2q0v=9ymdbqZWEo1pzo6iyaNupWEp5Xg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-14 7:53 ` Ingo Molnar
2015-03-14 7:53 ` Ingo Molnar
[not found] ` <20150314075357.GA8319-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-03-14 9:59 ` Borislav Petkov
2015-03-14 9:59 ` Borislav Petkov
[not found] ` <20150314095923.GA3114-fF5Pk5pvG8Y@public.gmane.org>
2015-03-16 10:06 ` [PATCH] Revert "x86/mm/ASLR: Propagate base load address calculation" Borislav Petkov
2015-03-16 10:06 ` Borislav Petkov
2015-03-16 12:11 ` [tip:x86/urgent] " tip-bot for Borislav Petkov
2015-03-16 19:32 ` Yinghai Lu
[not found] ` <20150316100628.GD22995-fF5Pk5pvG8Y@public.gmane.org>
2015-03-16 13:56 ` [PATCH] " Jiri Kosina
2015-03-16 13:56 ` Jiri Kosina
2015-03-16 19:15 ` Yinghai Lu
2015-03-17 8:14 ` Ingo Molnar
2015-03-07 22:07 ` [PATCH v3 2/7] x86, boot: Move ZO to end of buffer Yinghai Lu
[not found] ` <1425766041-6551-3-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 0:54 ` Kees Cook
2015-03-10 0:54 ` Kees Cook
2015-03-10 1:04 ` Yinghai Lu
[not found] ` <CAGXu5jJFms+vYOtEpVAQ6iZXM45uYF70a=vgyb72T0uRkf8c0g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 5:59 ` Borislav Petkov
2015-03-10 5:59 ` Borislav Petkov
2015-03-10 8:00 ` Borislav Petkov
2015-03-10 8:00 ` Borislav Petkov
[not found] ` <20150310080024.GB3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 9:34 ` Jiri Kosina
2015-03-10 9:34 ` Jiri Kosina
[not found] ` <alpine.LNX.2.00.1503101032560.26925-ztGlSCb7Y1iN3ZZ/Hiejyg@public.gmane.org>
2015-03-10 9:35 ` Borislav Petkov
2015-03-10 9:35 ` Borislav Petkov
2015-03-10 15:11 ` Yinghai Lu
[not found] ` <CAE9FiQVPLUPWPhZ4yROTECVKeLTNUMXOURoYx0sG_SGPfCNGQw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:13 ` Borislav Petkov
2015-03-10 15:13 ` Borislav Petkov
2015-03-10 16:59 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 3/7] x86, boot: Don't overlap VO with ZO data Yinghai Lu
2015-03-10 9:34 ` Borislav Petkov
[not found] ` <20150310093430.GC3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:05 ` Yinghai Lu
2015-03-10 15:05 ` Yinghai Lu
[not found] ` <CAE9FiQWauOdsZ=CBcVHfqTik1ePvW51uH7yy29MSvafOABTWZA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:10 ` Borislav Petkov
2015-03-10 15:10 ` Borislav Petkov
[not found] ` <20150310151035.GG3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:17 ` Yinghai Lu
2015-03-10 15:17 ` Yinghai Lu
2015-03-10 15:21 ` Borislav Petkov
[not found] ` <20150310152137.GI3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 15:42 ` Yinghai Lu
2015-03-10 15:42 ` Yinghai Lu
[not found] ` <CAE9FiQUQn0vdU_MNf79=oE=DSkUG4U54-taVfgPro1JqUA7BTQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 15:48 ` Borislav Petkov
2015-03-10 15:48 ` Borislav Petkov
[not found] ` <20150310154828.GJ3535-fF5Pk5pvG8Y@public.gmane.org>
2015-03-10 19:29 ` Yinghai Lu
2015-03-10 19:29 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 4/7] x86, kaslr: Access the correct kaslr_enabled variable Yinghai Lu
[not found] ` <1425766041-6551-5-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 0:55 ` Kees Cook
2015-03-10 0:55 ` Kees Cook
[not found] ` <1425766041-6551-1-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-07 22:07 ` [PATCH v3 5/7] x86, kaslr: Consolidate mem_avoid array filling Yinghai Lu
2015-03-07 22:07 ` Yinghai Lu
[not found] ` <1425766041-6551-6-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:00 ` Kees Cook
2015-03-10 1:00 ` Kees Cook
[not found] ` <CAGXu5j+exWabf=LdpkBtipcRYDVW=sH4LZf01P3RoSaKK7iYYA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:10 ` Yinghai Lu
2015-03-10 1:10 ` Yinghai Lu
[not found] ` <CAE9FiQX2Ee0gWhtDrQxi=NfwC3Vu9ZS_YLPC9qvR92htZfBcJg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:26 ` Kees Cook
2015-03-10 1:26 ` Kees Cook
2015-03-10 0:39 ` [PATCH v3 0/7] x86, boot: clean up kasl Kees Cook
2015-03-10 0:39 ` Kees Cook
[not found] ` <CAGXu5jJ-KVZTgd-bGdZvUwq0P2tfqo5S3L8S0JbWv0-aw3+Byw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 0:54 ` Yinghai Lu
2015-03-10 0:54 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 6/7] x86, boot: Split kernel_ident_mapping_init to another file Yinghai Lu
[not found] ` <1425766041-6551-7-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:03 ` Kees Cook
2015-03-10 1:03 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 7/7] x86, kaslr, 64bit: Set new or extra ident_mapping Yinghai Lu
[not found] ` <1425766041-6551-8-git-send-email-yinghai-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2015-03-10 1:09 ` Kees Cook
2015-03-10 1:09 ` Kees Cook
[not found] ` <CAGXu5j+REYpi=hnf3s+F1Dd9nkXkvQ5w7wO_j_emmAM226VrGw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 1:14 ` Yinghai Lu
2015-03-10 1:14 ` Yinghai Lu
[not found] ` <CAE9FiQX=b38-mseWWeGg=eTFfbe1sH61PvXJYJYrsAF6Uxn8ow-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-03-10 6:54 ` Yinghai Lu
2015-03-10 6:54 ` Yinghai Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1425766041-6551-2-git-send-email-yinghai@kernel.org \
--to=yinghai@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=bhe@redhat.com \
--cc=bp@suse.de \
--cc=eternal.n08@gmail.com \
--cc=hpa@zytor.com \
--cc=jkosina@suse.cz \
--cc=josh@joshtriplett.org \
--cc=keescook@chromium.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matt.fleming@intel.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.