On 04/24/14 at 03:50pm, Kees Cook wrote: > Ah, it sounds like boot_params.hdr.setup_data contains a series of > e820-like entries chained together as a linked list? Which loaders > currently populate that? Looks like EFI? Seems like > arch/x86/boot/compressed/eboot.c works on setup_data at least.
AFAIK efi stub, kexec, also as HPA mentioned syslinux use it as well. kexec use setup_data for passing e820 ext ranges, also use it for efi boot. > > I won't be in a position to test EFI booting for a while. If someone > else took this, that would make it get fixed much faster. Because kaslr is randomizing the base, it's hard to produce the failure. >From the code itself, maybe just iterate the setup_data regions and add them to avoid list, not necessary to care about the setup_data type.. > > Do you have examples where this is actually causing failures? As mentioned above I have no idea how to test. Probably need manually hack the code to create a failure? > > -Kees > > On Wed, Apr 23, 2014 at 7:50 PM, Dave Young <dyo...@redhat.com> wrote: > > On 04/23/14 at 07:43pm, Kees Cook wrote: > >> On Wed, Apr 23, 2014 at 7:35 PM, Dave Young <dyo...@redhat.com> wrote: > >> > Hello Kees > >> > > >> > I'm worrying that setup_data regions could be overwitten by randomize > >> > kernel base. Would you like to fix it in kaslr code? > >> > > >> > One problem is there could be a lot of setup_data regions but current > >> > mem_avoid is an fixed array. > >> > >> Sure, can you give me some examples? Seems like it shouldn't be too > >> hard to have the mem_avoid logic walk additional areas. > > > > Great, To walk through the list just like the function parse_setup_data in > > arch/x86/kernel/setup.c > > > > Thanks > > Dave > > > > -- > Kees Cook > Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
