[PATCH 3/4] kaslr setup_data handling

From: Baoquan He
Date: Fri Sep 05 2014 - 10:10:20 EST

Next message: Baoquan He: "[PATCH 4/4] export the kernel image size KERNEL_IMAGE_SIZE"
Previous message: Baoquan He: "[PATCH 2/4] kaslr: check if the random addr is available"
In reply to: Baoquan He: "Re: [PATCH 2/4] kaslr: check if the random addr is available"
Next in thread: Kees Cook: "Re: [PATCH 3/4] kaslr setup_data handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Dave Young <dyoung@xxxxxxxxxx>

X86 will pass setup_data region while necessary, these regions could be
overwitten by kernel due to kaslr.

Thus iterate and add setup regions to mem_avoid[] in this patch.
Up to now there isn't a official data to state the maximal entries
setup data could use. So just set max mem avoid entries 32, hopefully
it will be enough. This can be increased later when people report
they are using more setup data entries.

Signed-off-by: Dave Young <dyoung@xxxxxxxxxx>
Signed-off-by: Baoquan He <bhe@xxxxxxxxxx>
---
arch/x86/boot/compressed/aslr.c | 29 +++++++++++++++++++++++++++--
1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
index 975b07b..7e92fc8 100644
--- a/arch/x86/boot/compressed/aslr.c
+++ b/arch/x86/boot/compressed/aslr.c
@@ -110,8 +110,9 @@ struct mem_vector {
unsigned long size;
};

-#define MEM_AVOID_MAX 5
+#define MEM_AVOID_MAX 32
static struct mem_vector mem_avoid[MEM_AVOID_MAX];
+static int mem_avoid_nr;

static bool mem_contains(struct mem_vector *region, struct mem_vector *item)
{
@@ -135,6 +136,27 @@ static bool mem_overlaps(struct mem_vector *one, struct mem_vector *two)
return true;
}

+static void mem_avoid_setup_data(void)
+{
+ struct setup_data *data;
+ u64 pa_data;
+
+ pa_data = real_mode->hdr.setup_data;
+ while (pa_data) {
+ if (mem_avoid_nr >= MEM_AVOID_MAX) {
+ debug_putstr("KASLR: too many setup_data ranges.\n");
+ return;
+ }
+ data = (struct setup_data *)pa_data;
+ if (pa_data < CONFIG_RANDOMIZE_BASE_MAX_OFFSET) {
+ mem_avoid[mem_avoid_nr].start = pa_data;
+ mem_avoid[mem_avoid_nr].size = sizeof(*data) + data->len;
+ mem_avoid_nr++;
+ }
+ pa_data = data->next;
+ }
+}
+
static void mem_avoid_init(unsigned long input, unsigned long input_size,
unsigned long output, unsigned long output_size)
{
@@ -177,6 +199,9 @@ static void mem_avoid_init(unsigned long input, unsigned long input_size,
/* Avoid stack memory. */
mem_avoid[4].start = (unsigned long)free_mem_end_ptr;
mem_avoid[4].size = BOOT_STACK_SIZE;
+ mem_avoid_nr = 5;
+
+ mem_avoid_setup_data();
}

/* Does this memory vector overlap a known avoided area? */
@@ -184,7 +209,7 @@ static bool mem_avoid_overlap(struct mem_vector *img)
{
int i;

- for (i = 0; i < MEM_AVOID_MAX; i++) {
+ for (i = 0; i < mem_avoid_nr; i++) {
if (mem_overlaps(img, &mem_avoid[i]))
return true;
}
--
1.8.5.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Baoquan He: "[PATCH 4/4] export the kernel image size KERNEL_IMAGE_SIZE"
Previous message: Baoquan He: "[PATCH 2/4] kaslr: check if the random addr is available"
In reply to: Baoquan He: "Re: [PATCH 2/4] kaslr: check if the random addr is available"
Next in thread: Kees Cook: "Re: [PATCH 3/4] kaslr setup_data handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]