linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Yinghai Lu <yinghai@kernel.org>
To: Borislav Petkov <bp@suse.de>
Cc: Matt Fleming <matt.fleming@intel.com>,
	"H. Peter Anvin" <hpa@zytor.com>, Ingo Molnar <mingo@redhat.com>,
	Kees Cook <keescook@chromium.org>, Baoquan He <bhe@redhat.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Jiri Kosina <jkosina@suse.cz>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
	Josh Triplett <josh@joshtriplett.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Junjie Mao <eternal.n08@gmail.com>
Subject: Re: [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size
Date: Mon, 9 Mar 2015 12:35:25 -0700	[thread overview]
Message-ID: <CAE9FiQWc+mnepaqr8RvRXkyhyaOY_C=KvE_A0Ojf_jda3KmFBA@mail.gmail.com> (raw)
In-Reply-To: <20150309124935.GA12732@pd.tnic>

On Mon, Mar 9, 2015 at 5:49 AM, Borislav Petkov <bp@suse.de> wrote:
> I ended up committing this. Anything I've missed?
>
> ---
> From: Yinghai Lu <yinghai@kernel.org>
> Date: Sat, 7 Mar 2015 14:07:15 -0800
> Subject: [PATCH] x86/setup: Use init_size instead of run_size
>
> Commit
>
>   e6023367d779 ("x86, kaslr: Prevent .bss from overlaping initrd")
>
> introduced run_size for KASLR to represent the size of kernel proper
> (vmlinux).
>
> However, we should use the actual runtime size (which provides for
> copy/decompress), i.e. init_size, as it includes .bss and .brk.
>
> Why, you ask?
>
> Because init_size is the size needed for safe kernel decompression and
> thus can be higher than run_size in case the decompressor needs a larger
> buffer.
>
> From arch/x86/boot/header.S:
>   #define ZO_INIT_SIZE    (ZO__end - ZO_startup_32 + ZO_z_extract_offset)
>   #define VO_INIT_SIZE    (VO__end - VO__text)
>   #if ZO_INIT_SIZE > VO_INIT_SIZE
>   #define INIT_SIZE ZO_INIT_SIZE
>   #else
>   #define INIT_SIZE VO_INIT_SIZE
>   #endif
>   init_size:              .long INIT_SIZE         # kernel initialization size
>
> The boot loader allocates a buffer of size init_size which it
> reads from the setup header and loads the compressed kernel
> (arch/x86/boot/compressed/vmlinux) in it.
>
> init_size initially comes from the kernel proper's (vmlinux) init size.
> It includes the .bss and .brk area.
>
> When the boot loader hands off to the compressed kernel, the last
> moves itself to z_extract_offset within the buffer to make sure that
> the decompressor output does not overwrite input data before it gets
> consumed.
>
> However, z_extract_offset is the size difference
> between the uncompressed and compressed kernel (see
> arch/x86/boot/compressed/mkpiggy.c) and thus represents the additional
> space needed for decompression but it doesn't factor in a bigger
> ZO_INIT_SIZE.

Can you put back:
"
So need to make sure [z_extra_offset, init_size) will fit ZO, that means
init_size need to be adjusted according to ZO size.
That make init_size is always >= run_size.
"

>
> During ASLR buffer searching, we need to make sure the new buffer is big
> enough for decompression. So use init_size instead, and kill run_size
> related code.

  parent reply	other threads:[~2015-03-09 19:35 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-03-07 22:07 [PATCH v3 0/7] x86, boot: clean up kasl Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 1/7] x86, kaslr: Use init_size instead of run_size Yinghai Lu
2015-03-09 12:49   ` Borislav Petkov
2015-03-09 15:58     ` Ingo Molnar
2015-03-09 15:58       ` Borislav Petkov
2015-03-09 19:35     ` Yinghai Lu [this message]
2015-03-09 20:00       ` Borislav Petkov
2015-03-09 20:06         ` Yinghai Lu
2015-03-09 20:18           ` Borislav Petkov
2015-03-09 21:28             ` Yinghai Lu
2015-03-10  0:42   ` Kees Cook
2015-03-13 12:27   ` Ingo Molnar
2015-03-14  2:47     ` Yinghai Lu
2015-03-14  7:53       ` Ingo Molnar
2015-03-14  9:59         ` Borislav Petkov
2015-03-16 10:06           ` [PATCH] Revert "x86/mm/ASLR: Propagate base load address calculation" Borislav Petkov
2015-03-16 12:11             ` [tip:x86/urgent] " tip-bot for Borislav Petkov
2015-03-16 19:32               ` Yinghai Lu
2015-03-16 13:56             ` [PATCH] " Jiri Kosina
2015-03-16 19:15               ` Yinghai Lu
2015-03-17  8:14                 ` Ingo Molnar
2015-03-07 22:07 ` [PATCH v3 2/7] x86, boot: Move ZO to end of buffer Yinghai Lu
2015-03-10  0:54   ` Kees Cook
2015-03-10  1:04     ` Yinghai Lu
2015-03-10  5:59     ` Borislav Petkov
2015-03-10  8:00   ` Borislav Petkov
2015-03-10  9:34     ` Jiri Kosina
2015-03-10  9:35       ` Borislav Petkov
2015-03-10 15:11     ` Yinghai Lu
2015-03-10 15:13       ` Borislav Petkov
2015-03-10 16:59     ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 3/7] x86, boot: Don't overlap VO with ZO data Yinghai Lu
2015-03-10  9:34   ` Borislav Petkov
2015-03-10 15:05     ` Yinghai Lu
2015-03-10 15:10       ` Borislav Petkov
2015-03-10 15:17         ` Yinghai Lu
2015-03-10 15:21           ` Borislav Petkov
2015-03-10 15:42             ` Yinghai Lu
2015-03-10 15:48               ` Borislav Petkov
2015-03-10 19:29                 ` Yinghai Lu
2015-03-07 22:07 ` [PATCH v3 4/7] x86, kaslr: Access the correct kaslr_enabled variable Yinghai Lu
2015-03-10  0:55   ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 5/7] x86, kaslr: Consolidate mem_avoid array filling Yinghai Lu
2015-03-10  1:00   ` Kees Cook
2015-03-10  1:10     ` Yinghai Lu
2015-03-10  1:26       ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 6/7] x86, boot: Split kernel_ident_mapping_init to another file Yinghai Lu
2015-03-10  1:03   ` Kees Cook
2015-03-07 22:07 ` [PATCH v3 7/7] x86, kaslr, 64bit: Set new or extra ident_mapping Yinghai Lu
2015-03-10  1:09   ` Kees Cook
2015-03-10  1:14     ` Yinghai Lu
2015-03-10  6:54       ` Yinghai Lu
2015-03-10  0:39 ` [PATCH v3 0/7] x86, boot: clean up kasl Kees Cook
2015-03-10  0:54   ` Yinghai Lu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAE9FiQWc+mnepaqr8RvRXkyhyaOY_C=KvE_A0Ojf_jda3KmFBA@mail.gmail.com' \
    --to=yinghai@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=bhe@redhat.com \
    --cc=bp@suse.de \
    --cc=eternal.n08@gmail.com \
    --cc=hpa@zytor.com \
    --cc=jkosina@suse.cz \
    --cc=josh@joshtriplett.org \
    --cc=keescook@chromium.org \
    --cc=linux-efi@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=matt.fleming@intel.com \
    --cc=mingo@redhat.com \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).