From: Kees Cook <keescook@chromium.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>, Baoquan He <bhe@redhat.com>,
Yinghai Lu <yinghai@kernel.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Matt Redfearn <matt.redfearn@imgtec.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Vivek Goyal <vgoyal@redhat.com>,
Andy Lutomirski <luto@kernel.org>,
lasse.collin@tukaani.org,
Andrew Morton <akpm@linux-foundation.org>,
Dave Young <dyoung@redhat.com>,
kernel-hardening@lists.openwall.com,
LKML <linux-kernel@vger.kernel.org>
Subject: [PATCH v5 15/21] x86, KASLR: Add slot_area support functions
Date: Thu, 14 Apr 2016 15:29:08 -0700 [thread overview]
Message-ID: <1460672954-32567-16-git-send-email-keescook@chromium.org> (raw)
In-Reply-To: <1460672954-32567-1-git-send-email-keescook@chromium.org>
From: Baoquan He <bhe@redhat.com>
The function store_slot_info() is used to calculate the slot info of the
passed-in memory region and stores it into slot_areas[] after adjusting
for alignment and size requirements.
The function mem_min_overlap() is used to iterate over all mem_avoid
regions to find the earliest mem_avoid address that conflicts with the
given memory region. (For example, with the region [1024M, 2048M), if
there is a mem_avoid of [1536M, 1664M), this returns 1536M.) This can
be used to split memory regions when building the slot_area array.
Signed-off-by: Baoquan He <bhe@redhat.com>
[kees: rewrote changelog]
Signed-off-by: Kees Cook <keescook@chromium.org>
---
arch/x86/boot/compressed/aslr.c | 51 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index abe618d489ea..b06618000732 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -257,6 +257,40 @@ static bool mem_avoid_overlap(struct mem_vector *img)
return false;
}
+static unsigned long
+mem_min_overlap(struct mem_vector *img, struct mem_vector *out)
+{
+ int i;
+ struct setup_data *ptr;
+ unsigned long min = img->start + img->size;
+
+ for (i = 0; i < MEM_AVOID_MAX; i++) {
+ if (mem_overlaps(img, &mem_avoid[i]) &&
+ (mem_avoid[i].start < min)) {
+ *out = mem_avoid[i];
+ min = mem_avoid[i].start;
+ }
+ }
+
+ /* Check all entries in the setup_data linked list. */
+ ptr = (struct setup_data *)(unsigned long)real_mode->hdr.setup_data;
+ while (ptr) {
+ struct mem_vector avoid;
+
+ avoid.start = (unsigned long)ptr;
+ avoid.size = sizeof(*ptr) + ptr->len;
+
+ if (mem_overlaps(img, &avoid) && (avoid.start < min)) {
+ *out = avoid;
+ min = avoid.start;
+ }
+
+ ptr = (struct setup_data *)(unsigned long)ptr->next;
+ }
+
+ return min;
+}
+
static unsigned long slots[KERNEL_IMAGE_SIZE / CONFIG_PHYSICAL_ALIGN];
struct slot_area {
@@ -272,6 +306,23 @@ static unsigned long slot_max;
static unsigned long slot_area_index;
+static void store_slot_info(struct mem_vector *region, unsigned long image_size)
+{
+ struct slot_area slot_area;
+
+ slot_area.addr = region->start;
+ if (image_size <= CONFIG_PHYSICAL_ALIGN)
+ slot_area.num = region->size / CONFIG_PHYSICAL_ALIGN;
+ else
+ slot_area.num = (region->size - image_size) /
+ CONFIG_PHYSICAL_ALIGN + 1;
+
+ if (slot_area.num > 0) {
+ slot_areas[slot_area_index++] = slot_area;
+ slot_max += slot_area.num;
+ }
+}
+
static void slots_append(unsigned long addr)
{
/* Overflowing the slots list should be impossible. */
--
2.6.3
WARNING: multiple messages have this Message-ID (diff)
From: Kees Cook <keescook@chromium.org>
To: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>, Baoquan He <bhe@redhat.com>,
Yinghai Lu <yinghai@kernel.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Matt Redfearn <matt.redfearn@imgtec.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Vivek Goyal <vgoyal@redhat.com>,
Andy Lutomirski <luto@kernel.org>,
lasse.collin@tukaani.org,
Andrew Morton <akpm@linux-foundation.org>,
Dave Young <dyoung@redhat.com>,
kernel-hardening@lists.openwall.com,
LKML <linux-kernel@vger.kernel.org>
Subject: [kernel-hardening] [PATCH v5 15/21] x86, KASLR: Add slot_area support functions
Date: Thu, 14 Apr 2016 15:29:08 -0700 [thread overview]
Message-ID: <1460672954-32567-16-git-send-email-keescook@chromium.org> (raw)
In-Reply-To: <1460672954-32567-1-git-send-email-keescook@chromium.org>
From: Baoquan He <bhe@redhat.com>
The function store_slot_info() is used to calculate the slot info of the
passed-in memory region and stores it into slot_areas[] after adjusting
for alignment and size requirements.
The function mem_min_overlap() is used to iterate over all mem_avoid
regions to find the earliest mem_avoid address that conflicts with the
given memory region. (For example, with the region [1024M, 2048M), if
there is a mem_avoid of [1536M, 1664M), this returns 1536M.) This can
be used to split memory regions when building the slot_area array.
Signed-off-by: Baoquan He <bhe@redhat.com>
[kees: rewrote changelog]
Signed-off-by: Kees Cook <keescook@chromium.org>
---
arch/x86/boot/compressed/aslr.c | 51 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index abe618d489ea..b06618000732 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -257,6 +257,40 @@ static bool mem_avoid_overlap(struct mem_vector *img)
return false;
}
+static unsigned long
+mem_min_overlap(struct mem_vector *img, struct mem_vector *out)
+{
+ int i;
+ struct setup_data *ptr;
+ unsigned long min = img->start + img->size;
+
+ for (i = 0; i < MEM_AVOID_MAX; i++) {
+ if (mem_overlaps(img, &mem_avoid[i]) &&
+ (mem_avoid[i].start < min)) {
+ *out = mem_avoid[i];
+ min = mem_avoid[i].start;
+ }
+ }
+
+ /* Check all entries in the setup_data linked list. */
+ ptr = (struct setup_data *)(unsigned long)real_mode->hdr.setup_data;
+ while (ptr) {
+ struct mem_vector avoid;
+
+ avoid.start = (unsigned long)ptr;
+ avoid.size = sizeof(*ptr) + ptr->len;
+
+ if (mem_overlaps(img, &avoid) && (avoid.start < min)) {
+ *out = avoid;
+ min = avoid.start;
+ }
+
+ ptr = (struct setup_data *)(unsigned long)ptr->next;
+ }
+
+ return min;
+}
+
static unsigned long slots[KERNEL_IMAGE_SIZE / CONFIG_PHYSICAL_ALIGN];
struct slot_area {
@@ -272,6 +306,23 @@ static unsigned long slot_max;
static unsigned long slot_area_index;
+static void store_slot_info(struct mem_vector *region, unsigned long image_size)
+{
+ struct slot_area slot_area;
+
+ slot_area.addr = region->start;
+ if (image_size <= CONFIG_PHYSICAL_ALIGN)
+ slot_area.num = region->size / CONFIG_PHYSICAL_ALIGN;
+ else
+ slot_area.num = (region->size - image_size) /
+ CONFIG_PHYSICAL_ALIGN + 1;
+
+ if (slot_area.num > 0) {
+ slot_areas[slot_area_index++] = slot_area;
+ slot_max += slot_area.num;
+ }
+}
+
static void slots_append(unsigned long addr)
{
/* Overflowing the slots list should be impossible. */
--
2.6.3
next prev parent reply other threads:[~2016-04-14 22:30 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-14 22:28 [PATCH v5 00/21] x86, boot: KASLR cleanup and 64-bit improvements Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-14 22:28 ` [PATCH v5 01/21] x86, KASLR: Remove unneeded boot_params argument Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 7:29 ` Ingo Molnar
2016-04-15 7:29 ` [kernel-hardening] " Ingo Molnar
2016-04-15 18:55 ` Kees Cook
2016-04-15 18:55 ` [kernel-hardening] " Kees Cook
2016-04-14 22:28 ` [PATCH v5 02/21] x86, KASLR: Handle kernel relocation above 2G Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 7:47 ` Ingo Molnar
2016-04-15 7:47 ` [kernel-hardening] " Ingo Molnar
2016-04-15 19:01 ` Kees Cook
2016-04-15 19:01 ` [kernel-hardening] " Kees Cook
2016-04-14 22:28 ` [PATCH v5 03/21] x86, KASLR: Drop CONFIG_RANDOMIZE_BASE_MAX_OFFSET Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 8:07 ` Ingo Molnar
2016-04-15 8:07 ` [kernel-hardening] " Ingo Molnar
2016-04-15 19:12 ` Kees Cook
2016-04-15 19:12 ` [kernel-hardening] " Kees Cook
2016-04-16 8:42 ` Ingo Molnar
2016-04-16 8:42 ` [kernel-hardening] " Ingo Molnar
2016-04-14 22:28 ` [PATCH v5 04/21] x86, boot: Move compressed kernel to end of decompression buffer Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 8:09 ` Ingo Molnar
2016-04-15 8:09 ` [kernel-hardening] " Ingo Molnar
2016-04-18 16:50 ` Kees Cook
2016-04-18 16:50 ` [kernel-hardening] " Kees Cook
2016-04-15 9:05 ` Ingo Molnar
2016-04-15 9:05 ` [kernel-hardening] " Ingo Molnar
2016-04-14 22:28 ` [PATCH v5 05/21] x86, boot: Calculate decompression size during boot not build Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 8:12 ` Ingo Molnar
2016-04-15 8:12 ` [kernel-hardening] " Ingo Molnar
2016-04-15 19:14 ` Kees Cook
2016-04-15 19:14 ` [kernel-hardening] " Kees Cook
2016-04-14 22:28 ` [PATCH v5 06/21] x86, KASLR: Update description for decompressor worst case size Kees Cook
2016-04-14 22:28 ` [kernel-hardening] " Kees Cook
2016-04-15 16:17 ` Lasse Collin
2016-04-15 16:17 ` [kernel-hardening] " Lasse Collin
2016-04-14 22:29 ` [PATCH v5 07/21] x86, boot: Fix run_size calculation Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-15 8:31 ` Ingo Molnar
2016-04-15 8:31 ` [kernel-hardening] " Ingo Molnar
2016-04-15 19:26 ` Kees Cook
2016-04-15 19:26 ` [kernel-hardening] " Kees Cook
2016-04-16 9:00 ` Ingo Molnar
2016-04-16 9:00 ` [kernel-hardening] " Ingo Molnar
2016-04-14 22:29 ` [PATCH v5 08/21] x86, KASLR: Clean up unused code from old run_size Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 09/21] x86, KASLR: Correctly bounds-check relocations Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 10/21] x86, KASLR: Consolidate mem_avoid entries Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 11/21] x86, boot: Split out kernel_ident_mapping_init Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 12/21] x86, 64bit: Set ident_mapping for KASLR Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 13/21] x86, boot: Report overlap failures in memcpy Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-15 14:42 ` Lasse Collin
2016-04-15 14:42 ` [kernel-hardening] " Lasse Collin
2016-04-15 19:28 ` Kees Cook
2016-04-15 19:28 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 14/21] x86, KASLR: Add slot_area to manage random slots Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` Kees Cook [this message]
2016-04-14 22:29 ` [kernel-hardening] [PATCH v5 15/21] x86, KASLR: Add slot_area support functions Kees Cook
2016-04-14 22:29 ` [PATCH v5 16/21] x86, KASLR: Add virtual address choosing function Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 17/21] x86, KASLR: Clarify purpose of each get_random_long Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 18/21] x86, KASLR: Randomize virtual address separately Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 19/21] x86, KASLR: Add physical address randomization >4G Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 20/21] x86, KASLR: Remove unused slot tracking code Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
2016-04-14 22:29 ` [PATCH v5 21/21] x86, KASLR: Allow randomization below load address Kees Cook
2016-04-14 22:29 ` [kernel-hardening] " Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1460672954-32567-16-git-send-email-keescook@chromium.org \
--to=keescook@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=bhe@redhat.com \
--cc=bp@alien8.de \
--cc=dyoung@redhat.com \
--cc=hpa@zytor.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=lasse.collin@tukaani.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=matt.redfearn@imgtec.com \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=vgoyal@redhat.com \
--cc=x86@kernel.org \
--cc=yinghai@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.