From: Yinghai Lu <yinghai@kernel.org>
To: Borislav Petkov <bp@suse.de>
Cc: Matt Fleming <matt.fleming@intel.com>,
"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
Kees Cook <keescook@chromium.org>, Baoquan He <bhe@redhat.com>,
Thomas Gleixner <tglx@linutronix.de>,
Jiri Kosina <jkosina@suse.cz>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
Josh Triplett <josh@joshtriplett.org>,
Andrew Morton <akpm@linux-foundation.org>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Junjie Mao <eternal.n08@gmail.com>
Subject: Re: [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size
Date: Mon, 9 Mar 2015 12:35:25 -0700
Message-ID: <CAE9FiQWc+mnepaqr8RvRXkyhyaOY_C=KvE_A0Ojf_jda3KmFBA@mail.gmail.com>
In-Reply-To: <20150309124935.GA12732@pd.tnic>
On Mon, Mar 9, 2015 at 5:49 AM, Borislav Petkov <bp@suse.de> wrote:
> I ended up committing this. Anything I've missed?
>
> ---
> From: Yinghai Lu <yinghai@kernel.org>
> Date: Sat, 7 Mar 2015 14:07:15 -0800
> Subject: [PATCH] x86/setup: Use init_size instead of run_size
>
> Commit
>
> e6023367d779 ("x86, kaslr: Prevent .bss from overlaping initrd")
>
> introduced run_size for KASLR to represent the size of kernel proper
> (vmlinux).
>
> However, we should use the actual runtime size (which provides for
> copy/decompress), i.e. init_size, as it includes .bss and .brk.
>
> Why, you ask?
>
> Because init_size is the size needed for safe kernel decompression and
> thus can be higher than run_size in case the decompressor needs a larger
> buffer.
>
> From arch/x86/boot/header.S:
> #define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_extract_offset)
> #define VO_INIT_SIZE (VO__end - VO__text)
> #if ZO_INIT_SIZE > VO_INIT_SIZE
> #define INIT_SIZE ZO_INIT_SIZE
> #else
> #define INIT_SIZE VO_INIT_SIZE
> #endif
> init_size: .long INIT_SIZE # kernel initialization size
>
> The boot loader allocates a buffer of size init_size which it
> reads from the setup header and loads the compressed kernel
> (arch/x86/boot/compressed/vmlinux) in it.
>
> init_size initially comes from the kernel proper's (vmlinux) init size.
> It includes the .bss and .brk area.
>
> When the boot loader hands off to the compressed kernel, the latter
> moves itself to z_extract_offset within the buffer to make sure that
> the decompressor output does not overwrite input data before it gets
> consumed.
>
> However, z_extract_offset is the size difference
> between the uncompressed and compressed kernel (see
> arch/x86/boot/compressed/mkpiggy.c) and thus represents the additional
> space needed for decompression but it doesn't factor in a bigger
> ZO_INIT_SIZE.
Can you put back:
"
So need to make sure [z_extra_offset, init_size) will fit ZO, that means
init_size need to be adjusted according to ZO size.
That make init_size is always >= run_size.
"
>
> During ASLR buffer searching, we need to make sure the new buffer is big
> enough for decompression. So use init_size instead, and kill run_size
> related code.
Thread overview: 54+ messages
2015-03-07 22:07 [PATCH v3 0/7] x86, boot: clean up kasl Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size Yinghai Lu
2015-03-09 12:49 ` Borislav Petkov
2015-03-09 15:58 ` Ingo Molnar
2015-03-09 15:58 ` Borislav Petkov
2015-03-09 19:35 ` Yinghai Lu [this message]
2015-03-09 20:00 ` Borislav Petkov
2015-03-09 20:06 ` Yinghai Lu
2015-03-09 20:18 ` Borislav Petkov
2015-03-09 21:28 ` Yinghai Lu
2015-03-10 0:42 ` Kees Cook
2015-03-13 12:27 ` Ingo Molnar
2015-03-14 2:47 ` Yinghai Lu
2015-03-14 7:53 ` Ingo Molnar
2015-03-14 9:59 ` Borislav Petkov
2015-03-16 10:06 ` [PATCH] Revert "x86/mm/ASLR: Propagate base load address calculation" Borislav Petkov
2015-03-16 12:11 ` [tip:x86/urgent] " tip-bot for Borislav Petkov
2015-03-16 19:32 ` Yinghai Lu
2015-03-16 13:56 ` [PATCH] " Jiri Kosina
2015-03-16 19:15 ` Yinghai Lu
2015-03-17 8:14 ` Ingo Molnar
2015-03-07 22:07 ` [PATCH v3 2/7] x86, boot: Move ZO to end of buffer Yinghai Lu
2015-03-10 0:54 ` Kees Cook
2015-03-10 1:04 ` Yinghai Lu
2015-03-10 5:59 ` Borislav Petkov
2015-03-10 8:00 ` Borislav Petkov
2015-03-10 9:34 ` Jiri Kosina
2015-03-10 9:35 ` Borislav Petkov
2015-03-10 15:11 ` Yinghai Lu
2015-03-10 15:13 ` Borislav Petkov
2015-03-10 16:59 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 3/7] x86, boot: Don't overlap VO with ZO data Yinghai Lu
2015-03-10 9:34 ` Borislav Petkov
2015-03-10 15:05 ` Yinghai Lu
2015-03-10 15:10 ` Borislav Petkov
2015-03-10 15:17 ` Yinghai Lu
2015-03-10 15:21 ` Borislav Petkov
2015-03-10 15:42 ` Yinghai Lu
2015-03-10 15:48 ` Borislav Petkov
2015-03-10 19:29 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 4/7] x86, kaslr: Access the correct kaslr_enabled variable Yinghai Lu
2015-03-10 0:55 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 5/7] x86, kaslr: Consolidate mem_avoid array filling Yinghai Lu
2015-03-10 1:00 ` Kees Cook
2015-03-10 1:10 ` Yinghai Lu
2015-03-10 1:26 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 6/7] x86, boot: Split kernel_ident_mapping_init to another file Yinghai Lu
2015-03-10 1:03 ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 7/7] x86, kaslr, 64bit: Set new or extra ident_mapping Yinghai Lu
2015-03-10 1:09 ` Kees Cook
2015-03-10 1:14 ` Yinghai Lu
2015-03-10 6:54 ` Yinghai Lu
2015-03-10 0:39 ` [PATCH v3 0/7] x86, boot: clean up kasl Kees Cook
2015-03-10 0:54 ` Yinghai Lu