From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752091AbbCJBEM (ORCPT ); Mon, 9 Mar 2015 21:04:12 -0400 Received: from mail-ig0-f177.google.com ([209.85.213.177]:45063 "EHLO mail-ig0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751426AbbCJBEJ (ORCPT ); Mon, 9 Mar 2015 21:04:09 -0400 MIME-Version: 1.0 In-Reply-To: References: <1425766041-6551-1-git-send-email-yinghai@kernel.org> <1425766041-6551-3-git-send-email-yinghai@kernel.org> Date: Mon, 9 Mar 2015 18:04:08 -0700 X-Google-Sender-Auth: S2JgMJFAVXGIMi0187AZ3Km3s_g Message-ID: Subject: Re: [PATCH v3 2/7] x86, boot: Move ZO to end of buffer From: Yinghai Lu To: Kees Cook Cc: Matt Fleming , "H. Peter Anvin" , Ingo Molnar , Borislav Petkov , Baoquan He , Thomas Gleixner , Jiri Kosina , LKML , "linux-efi@vger.kernel.org" Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 9, 2015 at 5:54 PM, Kees Cook wrote: > On Sat, Mar 7, 2015 at 2:07 PM, Yinghai Lu wrote: >> Boris found data from boot stage can not be used kernel stage. > > "... be used during kernel stage." > > Also, can you give a specific example of this problem? (Which data, used how?) > >> Bootloader allocate buffer according to init_size in hdr, and load the >> ZO (arch/x86/boot/compressed/vmlinux) from start of that buffer. >> During running of ZO, ZO move itself to the middle of buffer at >> z_extract_offset to make sure that decompressor would not have output >> overwrite input data before input data get consumed. >> After decompressor is called, VO (vmlinux) use whole buffer from start, >> and ZO code and data section is overlapped with VO bss section. >> And later VO/clear_bss() clear them before code in arch/x86/kernel/setup.c >> access them. >> >> To make the data survive that later, we should avoid the overlapping. >> At first move ZO close the end of buffer instead of middle of the buffer, >> that will move out ZO data out of VO bss area. >> >> Also after that we can find out where is data section of copied ZO >> instead of guessing. That will aslr mem_avoid array filling for > > "That will make aslr mem_avoid array ..." > >> new buffer seaching much simple. >> >> And rename z_extract_offset to z_min_extract_offset, as it is >> actually the minimum offset for extracting now. >> >> To keep the final real extract_offset to be page aligned like >> min_extract_offset, we need make VO _end and ZO _end both >> page aligned to make sure init_size always page aligned. >> >> Next patch will add ZO data size to init_size, so it will make sure >> ZO data is even out of VO brk area. > > This seems like a reasonable idea, but I think the changes should be > noted/updated in misc.c since a lot of effort was made to make the > in-memory foot print as small as possible. Yes, that explanation in misc.c is very good about extra bytes, and it should still stand. Also need to make mkpiggy.c to point to it. We need to add more info about in head_32/64.c actually we need move to end of the buffer. > These changes do expand the > size of the loaded kernel, IIUC. If not in this patch, maybe in 5/7? It extend about 256k for init_size. should be 3/7. but that is only for decompress time. Final VO (vmlinux) run size is not changed. Thanks Yinghai