From: tip-bot for Andy Lutomirski <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, luto@amacapital.net, hpa@zytor.com,
	mingo@kernel.org, stefani@seibold.net, tglx@linutronix.de,
	hpa@linux.intel.com
Subject: [tip:x86/vdso] x86, vdso: Zero-pad the VVAR page
Date: Tue, 18 Mar 2014 14:29:45 -0700
Message-ID: <tip-309944be296efbb3ca4737d12ef49d2ba97cbecc@git.kernel.org>
In-Reply-To: <1395094933-14252-12-git-send-email-stefani@seibold.net>

Commit-ID:  309944be296efbb3ca4737d12ef49d2ba97cbecc
Gitweb:     http://git.kernel.org/tip/309944be296efbb3ca4737d12ef49d2ba97cbecc
Author:     Andy Lutomirski <luto@amacapital.net>
AuthorDate: Mon, 17 Mar 2014 23:22:11 +0100
Committer:  H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Tue, 18 Mar 2014 12:52:44 -0700

x86, vdso: Zero-pad the VVAR page

By coincidence, the VVAR page is at the end of an ELF segment.  As a
result, if it ends up being a partial page, the kernel loader will
leave garbage behind at the end of the vvar page.  Zero-pad it to a
full page to fix this issue.

This has probably been broken since the VVAR page was introduced.
On QEMU, if you dump the run-time contents of the VVAR page, you can
find entertaining strings from seabios left behind.

It's remotely possible that this is a security bug -- conceivably
there's some BIOS out there that leaves something sensitive in the
few K of memory that is exposed to userspace.

Signed-off-by: Stefani Seibold <stefani@seibold.net>
Link: http://lkml.kernel.org/r/1395094933-14252-12-git-send-email-stefani@seibold.net
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
 arch/x86/kernel/vmlinux.lds.S | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 1d4897b..49edf2d 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -164,6 +164,11 @@ SECTIONS
 #undef __VVAR_KERNEL_LDS
 #undef EMIT_VVAR
 
+		/*
+		 * Pad the rest of the page with zeros.  Otherwise the loader
+		 * can leave garbage here.
+		 */
+		. = __vvar_beginning_hack + PAGE_SIZE;
 	} :data
 
        . = ALIGN(__vvar_page + PAGE_SIZE, PAGE_SIZE);
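
Review bot: The added assignment `. = __vvar_beginning_hack + PAGE_SIZE;` pads relative to `__vvar_beginning_hack`, while the statement just after the section closes aligns relative to `__vvar_page`. The hunk does not show that the two symbols name the same address, so either use one symbol for both or state in the comment that they coincide. The padding also hard-codes a single page: if the variables emitted before this line ever grow past PAGE_SIZE, the assignment would have to move the location counter backwards, so an explicit ASSERT on the section size with a clear message would make that failure obvious at link time. The comment could also say why leftover garbage matters here, namely that this page is exposed to userspace as the commit message notes, and that the padding is zero only because the `} :data` output section specifies no fill expression.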

Thread overview: 31+ messages
2014-03-17 22:22 [PATCH v23 00/13] x86: Add x86 32 bit VDSO time function support Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 01/13] x86, vdso: Make vsyscall_gtod_data handling x86 generic Stefani Seibold
2014-03-18 21:27   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 02/13] mm: Add new func _install_special_mapping() to mmap.c Stefani Seibold
2014-03-18 21:28   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 03/13] x86, vdso: Revamp vclock_gettime.c Stefani Seibold
2014-03-18 21:28   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 04/13] x86, vdso: __vdso_clock_gettime() cleanup Stefani Seibold
2014-03-18 21:28   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 05/13] x86, vdso: Replace VVAR(vsyscall_gtod_data) by gtod macro Stefani Seibold
2014-03-18 21:28   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 06/13] x86, vdso: Cleanup __vdso_gettimeofday() Stefani Seibold
2014-03-18 21:28   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 07/13] x86, vdso: Introduce VVAR marco for vdso32 Stefani Seibold
2014-03-18 21:29   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 08/13] x86, vdso: Patch alternatives in the 32-bit VDSO Stefani Seibold
2014-03-18 21:29   ` [tip:x86/vdso] " tip-bot for Andy Lutomirski
2014-03-17 22:22 ` [PATCH v23 09/13] x86, vdso: Add 32 bit VDSO time support for 32 bit kernel Stefani Seibold
2014-03-18 21:29   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-17 22:22 ` [PATCH v23 10/13] x86, vdso: Add 32 bit VDSO time support for 64 " Stefani Seibold
2014-03-18 21:29   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
2014-03-27 20:44   ` [PATCH v23 10/13] " John Stultz
2014-03-27 21:12     ` Andy Lutomirski
2014-03-27 22:35     ` H. Peter Anvin
2014-03-17 22:22 ` [PATCH v23 11/13] x86, vdso: Zero-pad the VVAR page Stefani Seibold
2014-03-18 21:29   ` tip-bot for Andy Lutomirski [this message]
2014-03-17 22:22 ` [PATCH v23 12/13] x86, vdso32: Disable stack protector, adjust optimizations Stefani Seibold
2014-03-18 21:29   ` [tip:x86/vdso] " tip-bot for H. Peter Anvin
2014-03-17 22:22 ` [PATCH v23 13/13] x86, vdso32: handle 32 bit vDSO larger one page Stefani Seibold
2014-03-18 21:30   ` [tip:x86/vdso] " tip-bot for Stefani Seibold
  -- strict thread matches above, loose matches on Subject: below --
2014-03-03 21:12 [Patch v22 12/12] x86: Zero-pad the VVAR page Stefani Seibold
2014-03-05 22:32 ` [tip:x86/vdso] x86, vdso: " tip-bot for Andy Lutomirski
