From: Yinghai Lu <yinghai@kernel.org>
To: Matt Fleming <matt.fleming@intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
Bjorn Helgaas <bhelgaas@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Jiri Kosina <jkosina@suse.cz>,
Borislav Petkov <bp@suse.de>, Baoquan He <bhe@redhat.com>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
linux-pci@vger.kernel.org, Yinghai Lu <yinghai@kernel.org>,
Kees Cook <keescook@chromium.org>
Subject: [PATCH v2 05/15] x86, kaslr: consolidate the mem_avoid filling
Date: Wed, 4 Mar 2015 00:00:38 -0800 [thread overview]
Message-ID: <1425456048-16236-6-git-send-email-yinghai@kernel.org> (raw)
In-Reply-To: <1425456048-16236-1-git-send-email-yinghai@kernel.org>
Now ZO sit end of the buffer, we can find out where is ZO text
and data/bss etc.
[input, input+input_size) is copied compressed kernel, not the whole ZO.
[output, output+init_size) is the buffer for VO.
[input+input_size, output+init_size) is [_text, _end) for ZO.
that will be first range in mem_avoid. we don't need to guess that anymore.
That area aleady include heap and stack. So we don't need to put
them into mem_avoid array.
Also we need to put boot_params into the mem_avoid too.
as with 64bit boot loader will put them above 4G.
Also change output_size to init_size, as we pass that instead already.
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
---
arch/x86/boot/compressed/aslr.c | 29 ++++++++++++++---------------
1 file changed, 14 insertions(+), 15 deletions(-)
diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index 7083c16..e8486a5 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -116,7 +116,7 @@ struct mem_vector {
unsigned long size;
};
-#define MEM_AVOID_MAX 5
+#define MEM_AVOID_MAX 4
static struct mem_vector mem_avoid[MEM_AVOID_MAX];
static bool mem_contains(struct mem_vector *region, struct mem_vector *item)
@@ -142,7 +142,7 @@ static bool mem_overlaps(struct mem_vector *one, struct mem_vector *two)
}
static void mem_avoid_init(unsigned long input, unsigned long input_size,
- unsigned long output, unsigned long output_size)
+ unsigned long output, unsigned long init_size)
{
u64 initrd_start, initrd_size;
u64 cmd_line, cmd_line_size;
@@ -151,10 +151,13 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size,
/*
* Avoid the region that is unsafe to overlap during
- * decompression (see calculations at top of misc.c).
+ * decompression.
+ * As we already move compressed to the end of buffer,
+ * [input+input_size, output+init_size) has [_text, _end)
+ * for arch/x86/boot/compressed/vmlinux.
*/
- unsafe_len = (output_size >> 12) + 32768 + 18;
- unsafe = (unsigned long)input + input_size - unsafe_len;
+ unsafe_len = output + init_size - (input + input_size);
+ unsafe = (unsigned long)input + input_size;
mem_avoid[0].start = unsafe;
mem_avoid[0].size = unsafe_len;
@@ -176,13 +179,9 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size,
mem_avoid[2].start = cmd_line;
mem_avoid[2].size = cmd_line_size;
- /* Avoid heap memory. */
- mem_avoid[3].start = (unsigned long)free_mem_ptr;
- mem_avoid[3].size = BOOT_HEAP_SIZE;
-
- /* Avoid stack memory. */
- mem_avoid[4].start = (unsigned long)free_mem_end_ptr;
- mem_avoid[4].size = BOOT_STACK_SIZE;
+ /* Avoid params */
+ mem_avoid[3].start = (unsigned long)real_mode;
+ mem_avoid[3].size = sizeof(*real_mode);
}
/* Does this memory vector overlap a known avoided area? */
@@ -327,7 +326,7 @@ unsigned char *choose_kernel_location(struct boot_params *params,
unsigned char *input,
unsigned long input_size,
unsigned char *output,
- unsigned long output_size)
+ unsigned long init_size)
{
unsigned long choice = (unsigned long)output;
unsigned long random;
@@ -349,10 +348,10 @@ unsigned char *choose_kernel_location(struct boot_params *params,
/* Record the various known unsafe memory ranges. */
mem_avoid_init((unsigned long)input, input_size,
- (unsigned long)output, output_size);
+ (unsigned long)output, init_size);
/* Walk e820 and find a random address. */
- random = find_random_addr(choice, output_size);
+ random = find_random_addr(choice, init_size);
if (!random) {
debug_putstr("KASLR could not find suitable E820 region...\n");
goto out;
--
1.8.4.5
next prev parent reply other threads:[~2015-03-04 8:01 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-04 8:00 [PATCH v2 00/15] x86, boot: clean up kasl and setup_data handling Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 01/15] x86, kaslr: Use init_size instead of run_size Yinghai Lu
2015-03-06 13:55 ` Borislav Petkov
2015-03-06 18:44 ` Yinghai Lu
2015-03-06 18:55 ` Kees Cook
2015-03-06 19:28 ` Yinghai Lu
2015-03-06 19:56 ` Kees Cook
2015-03-07 0:52 ` Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 02/15] x86, boot: move ZO to end of buffer Yinghai Lu
2015-03-06 13:58 ` Borislav Petkov
2015-03-04 8:00 ` [PATCH v2 03/15] x86, boot: keep data from ZO boot stage to VO kernel stage Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 04/15] x86, kaslr: get kaslr_enabled back correctly Yinghai Lu
2015-03-04 10:16 ` Borislav Petkov
2015-03-04 15:54 ` Jiri Kosina
2015-03-04 18:12 ` Yinghai Lu
2015-03-04 19:41 ` Ingo Molnar
2015-03-05 2:58 ` joeyli
2015-03-05 3:20 ` Yinghai Lu
2015-03-04 18:06 ` Yinghai Lu
2015-03-04 18:56 ` Yinghai Lu
2015-03-04 20:00 ` Ingo Molnar
2015-03-04 21:32 ` Yinghai Lu
2015-03-06 13:33 ` Borislav Petkov
2015-03-06 17:49 ` Yinghai Lu
2015-03-07 20:50 ` Borislav Petkov
2015-03-06 19:50 ` Yinghai Lu
2015-03-06 19:53 ` Yinghai Lu
2015-03-07 21:05 ` Borislav Petkov
2015-03-07 21:11 ` Yinghai Lu
2015-03-07 20:56 ` Borislav Petkov
2015-03-04 8:00 ` Yinghai Lu [this message]
2015-03-04 8:00 ` [PATCH v2 06/15] x86, boot: split kernel_ident_mapping_init into another file Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 07/15] x86, kaslr, 64bit: set new or extra ident_mapping Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 08/15] x86: Kill E820_RESERVED_KERN Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 09/15] x86, efi: copy SETUP_EFI data and access directly Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 10/15] x86, of: let add_dtb reserve by itself Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 11/15] x86, boot: Add add_pci handler for SETUP_PCI Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 12/15] x86: kill not used setup_data handling code Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 13/15] x86, pci: convert SETUP_PCI data to list Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 14/15] x86, boot: copy rom to kernel space Yinghai Lu
2015-03-04 8:00 ` [PATCH v2 15/15] x86, pci: export SETUP_PCI data via sysfs Yinghai Lu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1425456048-16236-6-git-send-email-yinghai@kernel.org \
--to=yinghai@kernel.org \
--cc=bhe@redhat.com \
--cc=bhelgaas@google.com \
--cc=bp@suse.de \
--cc=hpa@zytor.com \
--cc=jkosina@suse.cz \
--cc=keescook@chromium.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=matt.fleming@intel.com \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).