From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1760066AbcCDQ0h (ORCPT ); Fri, 4 Mar 2016 11:26:37 -0500 Received: from mx1.redhat.com ([209.132.183.28]:56092 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759290AbcCDQ0e (ORCPT ); Fri, 4 Mar 2016 11:26:34 -0500 From: Baoquan He To: linux-kernel@vger.kernel.org Cc: yinghai@kernel.org, keescook@chromium.org, hpa@zytor.com, vgoyal@redhat.com, mingo@redhat.com, bp@alien8.de, luto@kernel.org, lasse.collin@tukaani.org, akpm@linux-foundation.org, dyoung@redhat.com Subject: [PATCH v3 07/19] x86, kaslr: Get correct max_addr for relocs pointer Date: Sat, 5 Mar 2016 00:25:05 +0800 Message-Id: <1457108717-12191-8-git-send-email-bhe@redhat.com> In-Reply-To: <1457108717-12191-1-git-send-email-bhe@redhat.com> References: <1457108717-12191-1-git-send-email-bhe@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Yinghai Lu There is boundary checking for pointer in kaslr relocation handling. Current code is using output_len, and that is VO (vmlinux after objcopy) file size plus vmlinux.relocs file size. That is not right, as we should use loaded address for running. At that time parse_elf already move the sections according to ELF headers. The valid range should be VO [_text, __bss_start) loaded physical addresses. In the patch, add export for __bss_start to voffset.h and use it to get max_addr. Signed-off-by: Yinghai Lu --- v2->v3: Tune the patch log. arch/x86/boot/compressed/Makefile | 2 +- arch/x86/boot/compressed/misc.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index fef80fa..2e7c0ce 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -41,7 +41,7 @@ LDFLAGS_vmlinux := -T hostprogs-y := mkpiggy HOST_EXTRACFLAGS += -I$(srctree)/tools/include -sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' +sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|__bss_start\|_end\)$$/\#define VO_\2 _AC(0x\1,UL)/p' quiet_cmd_voffset = VOFFSET $@ cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@ diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c index 069120e..dd7ed8a 100644 --- a/arch/x86/boot/compressed/misc.c +++ b/arch/x86/boot/compressed/misc.c @@ -259,7 +259,7 @@ static void handle_relocations(void *output, unsigned long output_len) int *reloc; unsigned long delta, map, ptr; unsigned long min_addr = (unsigned long)output; - unsigned long max_addr = min_addr + output_len; + unsigned long max_addr = min_addr + (VO___bss_start - VO__text); /* * Calculate the delta between where vmlinux was linked to load -- 2.5.0