From: tip-bot for Andy Lutomirski <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, luto@amacapital.net, hpa@zytor.com,
mingo@kernel.org, stefani@seibold.net, tglx@linutronix.de,
hpa@linux.intel.com
Subject: [tip:x86/vdso] x86, vdso: Zero-pad the VVAR page
Date: Wed, 5 Mar 2014 14:32:37 -0800 [thread overview]
Message-ID: <tip-bab2c42e8a52d5a76009ad805c97060377f98fdf@git.kernel.org> (raw)
In-Reply-To: <1393881143-3569-13-git-send-email-stefani@seibold.net>
Commit-ID: bab2c42e8a52d5a76009ad805c97060377f98fdf
Gitweb: http://git.kernel.org/tip/bab2c42e8a52d5a76009ad805c97060377f98fdf
Author: Andy Lutomirski <luto@amacapital.net>
AuthorDate: Mon, 3 Mar 2014 22:12:23 +0100
Committer: H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Wed, 5 Mar 2014 14:02:39 -0800
x86, vdso: Zero-pad the VVAR page
By coincidence, the VVAR page is at the end of an ELF segment. As a
result, if it ends up being a partial page, the kernel loader will
leave garbage behind at the end of the vvar page. Zero-pad it to a
full page to fix this issue.
This has probably been broken since the VVAR page was introduced.
On QEMU, if you dump the run-time contents of the VVAR page, you can
find entertaining strings from seabios left behind.
It's remotely possible that this is a security bug -- conceivably
there's some BIOS out there that leaves something sensitive in the
few K of memory that is exposed to userspace.
Signed-off-by: Stefani Seibold <stefani@seibold.net>
Link: http://lkml.kernel.org/r/1393881143-3569-13-git-send-email-stefani@seibold.net
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
---
arch/x86/kernel/vmlinux.lds.S | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 1d4897b..49edf2d 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -164,6 +164,11 @@ SECTIONS
#undef __VVAR_KERNEL_LDS
#undef EMIT_VVAR
+ /*
+ * Pad the rest of the page with zeros. Otherwise the loader
+ * can leave garbage here.
+ */
+ . = __vvar_beginning_hack + PAGE_SIZE;
} :data
. = ALIGN(__vvar_page + PAGE_SIZE, PAGE_SIZE);
next prev parent reply other threads:[~2014-03-05 22:33 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-03 21:12 [PATCH v22 00/12] Add 32 bit VDSO time function support Stefani Seibold
2014-03-03 21:12 ` [Patch v22 01/12] x86: Make vsyscall_gtod_data handling x86 generic Stefani Seibold
2014-03-05 22:30 ` [tip:x86/vdso] x86, vdso: " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 02/12] x86: Add new func _install_special_mapping() to mmap.c Stefani Seibold
2014-03-05 22:30 ` [tip:x86/vdso] mm: " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 03/12] x86: revamp vclock_gettime.c Stefani Seibold
2014-03-05 22:30 ` [tip:x86/vdso] x86, vdso: Revamp vclock_gettime.c tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 04/12] x86: vclock_gettime.c __vdso_clock_gettime cleanup Stefani Seibold
2014-03-05 22:31 ` [tip:x86/vdso] x86, vdso: __vdso_clock_gettime() cleanup tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 05/12] x86: replace VVAR(vsyscall_gtod_data) by gtod macro Stefani Seibold
2014-03-05 22:31 ` [tip:x86/vdso] x86, vdso: Replace " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 06/12] x86: cleanup __vdso_gettimeofday Stefani Seibold
2014-03-05 22:31 ` [tip:x86/vdso] x86, vdso: Cleanup __vdso_gettimeofday() tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 07/12] x86: introduce VVAR marco for vdso32 Stefani Seibold
2014-03-05 22:31 ` [tip:x86/vdso] x86, vdso: Introduce " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 08/12] x86: Patch alternatives in the 32-bit vDSO Stefani Seibold
2014-03-05 22:31 ` [tip:x86/vdso] x86, vdso: Patch alternatives in the 32-bit VDSO tip-bot for Andy Lutomirski
2014-03-03 21:12 ` [Patch v22 09/12] x86: Add 32 bit VDSO time support for 32 bit kernel Stefani Seibold
2014-03-05 22:32 ` [tip:x86/vdso] x86, vdso: " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 10/12] x86: Add 32 bit VDSO time support for 64 " Stefani Seibold
2014-03-05 22:32 ` [tip:x86/vdso] x86, vdso: " tip-bot for Stefani Seibold
2014-03-03 21:12 ` [Patch v22 12/12] x86: Zero-pad the VVAR page Stefani Seibold
2014-03-05 22:32 ` tip-bot for Andy Lutomirski [this message]
2014-03-06 17:51 ` [tip:x86/vdso] x86, vdso32: Disable stack protector, adjust optimizations tip-bot for H. Peter Anvin
-- strict thread matches above, loose matches on Subject: below --
2014-03-17 22:22 [PATCH v23 11/13] x86, vdso: Zero-pad the VVAR page Stefani Seibold
2014-03-18 21:29 ` [tip:x86/vdso] " tip-bot for Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-bab2c42e8a52d5a76009ad805c97060377f98fdf@git.kernel.org \
--to=tipbot@zytor.com \
--cc=hpa@linux.intel.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=mingo@kernel.org \
--cc=stefani@seibold.net \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.