From: Kees Cook <keescook@chromium.org>
To: Baoquan He <bhe@redhat.com>
Cc: LKML <linux-kernel@vger.kernel.org>,
"x86@kernel.org" <x86@kernel.org>,
Matt Fleming <matt@codeblueprint.co.uk>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>,
izumi.taku@jp.fujitsu.com, fanc.fnst@cn.fujitsu.com,
Thomas Garnier <thgarnie@google.com>
Subject: Re: [PATCH v4 2/4] x86/boot/KASLR: Switch to pass struct mem_vector to process_e820_entry()
Date: Sun, 9 Jul 2017 07:02:05 -0700 [thread overview]
Message-ID: <CAGXu5jJA7D1r8L9vBBoaf-=nYvKPp8mY4QPizpFaEjV8ihSwtQ@mail.gmail.com> (raw)
In-Reply-To: <1499603862-11516-3-git-send-email-bhe@redhat.com>
On Sun, Jul 9, 2017 at 5:37 AM, Baoquan He <bhe@redhat.com> wrote:
> This makes process_e820_entry() be able to process any kind of memory
> region.
>
> Signed-off-by: Baoquan He <bhe@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
-Kees
> ---
> arch/x86/boot/compressed/kaslr.c | 25 ++++++++++++++-----------
> 1 file changed, 14 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
> index 1485f48aeda1..36ff9f729c43 100644
> --- a/arch/x86/boot/compressed/kaslr.c
> +++ b/arch/x86/boot/compressed/kaslr.c
> @@ -479,31 +479,31 @@ static unsigned long slots_fetch_random(void)
> return 0;
> }
>
> -static void process_e820_entry(struct boot_e820_entry *entry,
> +static void process_e820_entry(struct mem_vector *entry,
> unsigned long minimum,
> unsigned long image_size)
> {
> struct mem_vector region, overlap;
> struct slot_area slot_area;
> unsigned long start_orig, end;
> - struct boot_e820_entry cur_entry;
> + struct mem_vector cur_entry;
>
> /* On 32-bit, ignore entries entirely above our maximum. */
> - if (IS_ENABLED(CONFIG_X86_32) && entry->addr >= KERNEL_IMAGE_SIZE)
> + if (IS_ENABLED(CONFIG_X86_32) && entry->start >= KERNEL_IMAGE_SIZE)
> return;
>
> /* Ignore entries entirely below our minimum. */
> - if (entry->addr + entry->size < minimum)
> + if (entry->start + entry->size < minimum)
> return;
>
> /* Ignore entries above memory limit */
> - end = min(entry->size + entry->addr, mem_limit);
> - if (entry->addr >= end)
> + end = min(entry->size + entry->start, mem_limit);
> + if (entry->start >= end)
> return;
> - cur_entry.addr = entry->addr;
> - cur_entry.size = end - entry->addr;
> + cur_entry.start = entry->start;
> + cur_entry.size = end - entry->start;
>
> - region.start = cur_entry.addr;
> + region.start = cur_entry.start;
> region.size = cur_entry.size;
>
> /* Give up if slot area array is full. */
> @@ -518,7 +518,7 @@ static void process_e820_entry(struct boot_e820_entry *entry,
> region.start = ALIGN(region.start, CONFIG_PHYSICAL_ALIGN);
>
> /* Did we raise the address above this e820 region? */
> - if (region.start > cur_entry.addr + cur_entry.size)
> + if (region.start > cur_entry.start + cur_entry.size)
> return;
>
> /* Reduce size by any delta from the original address. */
> @@ -562,6 +562,7 @@ static void process_e820_entries(unsigned long minimum,
> unsigned long image_size)
> {
> int i;
> + struct mem_vector region;
> struct boot_e820_entry *entry;
>
> /* Verify potential e820 positions, appending to slots list. */
> @@ -570,7 +571,9 @@ static void process_e820_entries(unsigned long minimum,
> /* Skip non-RAM entries. */
> if (entry->type != E820_TYPE_RAM)
> continue;
> - process_e820_entry(entry, minimum, image_size);
> + region.start = entry->addr;
> + region.size = entry->size;
> + process_e820_entry(®ion, minimum, image_size);
> if (slot_area_index == MAX_SLOT_AREA) {
> debug_putstr("Aborted e820 scan (slot_areas full)!\n");
> break;
> --
> 2.5.5
>
--
Kees Cook
Pixel Security
next prev parent reply other threads:[~2017-07-09 14:02 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-09 12:37 [PATCH v4 0/4] x86/boot/KASLR: Restrict kernel to be randomized in mirror regions Baoquan He
2017-07-09 12:37 ` [PATCH v4 1/4] x86/boot/KASLR: Wrap e820 entries walking code into new function process_e820_entries() Baoquan He
2017-07-09 14:00 ` Kees Cook
2017-07-18 10:45 ` [tip:x86/boot] " tip-bot for Baoquan He
2017-07-09 12:37 ` [PATCH v4 2/4] x86/boot/KASLR: Switch to pass struct mem_vector to process_e820_entry() Baoquan He
2017-07-09 14:02 ` Kees Cook [this message]
2017-07-18 10:45 ` [tip:x86/boot] " tip-bot for Baoquan He
2017-07-09 12:37 ` [PATCH v4 3/4] x86/boot/KASLR: Rename process_e820_entry() into process_mem_region() Baoquan He
2017-07-09 14:02 ` Kees Cook
2017-07-18 10:45 ` [tip:x86/boot] " tip-bot for Baoquan He
2017-07-09 12:37 ` [PATCH v4 4/4] x86/boot/KASLR: Restrict kernel to be randomized in mirror regions Baoquan He
2017-07-09 14:11 ` Kees Cook
2017-07-09 14:28 ` Baoquan He
2017-07-10 1:47 ` Baoquan He
2017-07-10 2:48 ` Chao Fan
2017-07-10 7:50 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGXu5jJA7D1r8L9vBBoaf-=nYvKPp8mY4QPizpFaEjV8ihSwtQ@mail.gmail.com' \
--to=keescook@chromium.org \
--cc=bhe@redhat.com \
--cc=fanc.fnst@cn.fujitsu.com \
--cc=hpa@zytor.com \
--cc=izumi.taku@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
--cc=thgarnie@google.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).