From: Dave Young <dyoung@redhat.com>
To: Mateusz Guzik <mguzik@redhat.com>
Cc: keescook@chromium.org, hpa@zytor.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] x86: kaslr to avoid setup_data regions
Date: Wed, 14 May 2014 17:09:06 +0800 [thread overview]
Message-ID: <20140514090906.GI2039@darkstar.nay.redhat.com> (raw)
In-Reply-To: <20140514082300.GH2039@darkstar.nay.redhat.com>
On 05/14/14 at 04:23pm, Dave Young wrote:
> On 05/14/14 at 10:13am, Mateusz Guzik wrote:
> > On Wed, May 14, 2014 at 04:02:01PM +0800, Dave Young wrote:
> > > X86 will pass setup_data region while necessary, these regions could be
> > > overwitten by kernel due to kaslr.
> > >
> > > Thus iterate and add setup regions to mem_avoid[] in this patch.
> > > Set max mem avoid entries 32, hopefully it will be enough.
> > >
> > > Signed-off-by: Dave Young <dyoung@redhat.com>
> > > ---
> > > arch/x86/boot/compressed/aslr.c | 30 ++++++++++++++++++++++++++++--
> > > 1 file changed, 28 insertions(+), 2 deletions(-)
> > >
> > > Index: linux-2.6/arch/x86/boot/compressed/aslr.c
> > > ===================================================================
> > > --- linux-2.6.orig/arch/x86/boot/compressed/aslr.c
> > > +++ linux-2.6/arch/x86/boot/compressed/aslr.c
> > > @@ -110,8 +110,9 @@ struct mem_vector {
> > > unsigned long size;
> > > };
> > >
> > > -#define MEM_AVOID_MAX 5
> > > +#define MEM_AVOID_MAX 32
> > > static struct mem_vector mem_avoid[MEM_AVOID_MAX];
> > > +static int mem_avoid_nr;
> > >
> > > static bool mem_contains(struct mem_vector *region, struct mem_vector *item)
> > > {
> > > @@ -135,6 +136,28 @@ static bool mem_overlaps(struct mem_vect
> > > return true;
> > > }
> > >
> > > +static void mem_avoid_setup_data(void)
> > > +{
> > > + struct setup_data *data;
> > > + u64 pa_data;
> > > +
> > > + if (mem_avoid_nr >= MEM_AVOID_MAX) {
> > > + debug_putstr("KASLR: too many setup_data ranges.\n");
> > > + return;
> > > + }
> > > +
> > > + pa_data = real_mode->hdr.setup_data;
> > > + while (pa_data) {
> > > + data = (struct setup_data *)pa_data;
> > > + if (pa_data < CONFIG_RANDOMIZE_BASE_MAX_OFFSET) {
> > > + mem_avoid[mem_avoid_nr].start = pa_data;
> > > + mem_avoid[mem_avoid_nr].size = sizeof(*data) + data->len;
> > > + mem_avoid_nr++;
> > > + }
> > > + pa_data = data->next;
> > > + }
> > > +}
> > > +
> >
> > I have no idea if this real_mode->hdr.setup_data examination is correct,
> > so not commenting on that.
Probably should return early when pa_data > 4G because of 4G early mapping.
Not sure for 32bit though. I'm not familar with the detail of x86 early boot.
Help will be appreciate.
> >
> > What prevents the loop from overflowing the table?
>
> Ooooops, the checking should be in the loop instead of our of it.
> Will repost. Thanks for catching.
>
> Dave
prev parent reply other threads:[~2014-05-14 9:07 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-14 8:02 [PATCH v2] x86: kaslr to avoid setup_data regions Dave Young
2014-05-14 8:13 ` Mateusz Guzik
2014-05-14 8:23 ` Dave Young
2014-05-14 9:09 ` Dave Young [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140514090906.GI2039@darkstar.nay.redhat.com \
--to=dyoung@redhat.com \
--cc=hpa@zytor.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mguzik@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.