From: Georg Lippold <georg.lippold@gmx.de>
To: Alon Bar-Lev <alon.barlev@gmail.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
Jesper Juhl <jesper.juhl@gmail.com>
Subject: Re: [PATCH 1/1] 2.6.14-rc3 x86: COMMAND_LINE_SIZE
Date: Mon, 10 Oct 2005 22:36:59 +0200
Message-ID: <434AD0EB.6000405@gmx.de>
In-Reply-To: <434AB1EB.6070309@gmail.com>

Hi Alon,

Alon Bar-Lev wrote:
> For boot protocol <2.02, the kernel command line is a null-terminated
> string up to 255 characters long, plus the final null. For boot protocol
> >=2.02 command line that is referred by cmd_line_ptr is null-terminated
> string, the kernel will truncate this string if it is too large to handle.

Thus, someone could use bootloaders to "patch" the kernel: If the
bootloader writes a string of arbitrary length to some memory region,
then there is a fair chance that if you make the string just long
enough, the kernel image gets (partly) overwritten. It resembles a bit
"Smashing the stack for fun and profit", but this time, it's "Rewriting
the kernel to your own needs via the bootloader on x86" :)

Same thing for user defined COMMAND_LINE_SIZE. I think that a common
interface for boot loaders is required. Especially in uncontrolled multi
user environments like Universities, everything else could lead to
undesired results.

Greetings,
Georg
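
The truncation rule quoted in the message above, written out as a bounded copy. This is an added example, not part of the message and not kernel or boot loader code; copy_cmdline, neighbour_intact, struct layout, OLD_PROTO_MAX, PROTO_2_02 and the value 256 for COMMAND_LINE_SIZE are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define COMMAND_LINE_SIZE 256     /* assumed value for illustration */
#define OLD_PROTO_MAX     256     /* protocol < 2.02: 255 characters plus the final null */
#define PROTO_2_02        0x0202  /* version field: major << 8 | minor */

/* Hypothetical helper: bounded copy of a loader-supplied command line.
 * Never writes more than dst_size bytes, always null-terminates, and
 * reports truncation. Returns the number of characters stored. */
size_t copy_cmdline(char *dst, size_t dst_size, const char *src,
                    uint16_t proto, int *truncated)
{
    size_t limit = dst_size, n = 0;

    *truncated = 0;
    if (dst_size == 0)
        return 0;
    if (proto < PROTO_2_02 && limit > OLD_PROTO_MAX)
        limit = OLD_PROTO_MAX;
    while (n < limit - 1 && src[n] != '\0')   /* reads at most limit bytes */
        n++;
    if (src[n] != '\0')
        *truncated = 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Constructed layout: a command-line buffer directly followed by bytes
 * standing in for whatever sits next in memory (e.g. the kernel image). */
struct layout {
    char cmdline[COMMAND_LINE_SIZE];
    unsigned char next[16];
};

/* Returns 1 if the neighbouring bytes survive a copy of input_len chars. */
int neighbour_intact(size_t input_len, uint16_t proto, size_t *stored, int *truncated)
{
    static char input[4096];          /* constructed sample input */
    struct layout m;
    size_t i;

    if (input_len >= sizeof(input)) input_len = sizeof(input) - 1;
    memset(input, 'A', input_len);
    input[input_len] = '\0';
    memset(m.next, 0xAA, sizeof(m.next));
    *stored = copy_cmdline(m.cmdline, sizeof(m.cmdline), input, proto, truncated);
    for (i = 0; i < sizeof(m.next); i++)
        if (m.next[i] != 0xAA) return 0;
    return 1;
}
```

The destination size, not the length of the incoming string, bounds every write, so an oversized command line is cut at the buffer edge instead of running into the adjacent memory.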