Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file

From: Linus Torvalds
Date: Wed Apr 06 2016 - 13:54:11 EST

Next message: Grigori Goronzy: "Re: [PATCH v2 10/14] USB: ch341: fix coding style"
Previous message: Toshi Kani: "Re: [PATCH] x86 get_unmapped_area: Add PMD alignment for DAX PMD mmap"
In reply to: Linus Torvalds: "Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file"
Next in thread: ed: "Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 6, 2016 at 8:20 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> I'd much rather just not insert the resources in the first place then.

So I'd find a patch like the attached to be perfectly acceptable (in
fact, we should have done this long ago).

That said, for a kernel hardening thing, I think it would be much more
important to just make sure that KASLR is enabled much more. Right now
I think it's disabled in practice if you enable hibernation support,
and I think most distros do that.

So I think that in *practice*, kaslr is much more likely to be
defeated by much more mundane reasons.

Linus
arch/x86/kernel/setup.c | 37 -------------------------------------
1 file changed, 37 deletions(-)

diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
index 2367ae07eb76..319b08a5b6ed 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -146,31 +146,6 @@ int default_check_phys_apicid_present(int phys_apicid)

struct boot_params boot_params;

-/*
- * Machine setup..
- */
-static struct resource data_resource = {
- .name = "Kernel data",
- .start = 0,
- .end = 0,
- .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM
-};
-
-static struct resource code_resource = {
- .name = "Kernel code",
- .start = 0,
- .end = 0,
- .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM
-};
-
-static struct resource bss_resource = {
- .name = "Kernel bss",
- .start = 0,
- .end = 0,
- .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM
-};
-
-
#ifdef CONFIG_X86_32
/* cpu data as detected by the assembly code in head.S */
struct cpuinfo_x86 new_cpu_data = {
@@ -949,13 +924,6 @@ void __init setup_arch(char **cmdline_p)

mpx_mm_init(&init_mm);

- code_resource.start = __pa_symbol(_text);
- code_resource.end = __pa_symbol(_etext)-1;
- data_resource.start = __pa_symbol(_etext);
- data_resource.end = __pa_symbol(_edata)-1;
- bss_resource.start = __pa_symbol(__bss_start);
- bss_resource.end = __pa_symbol(__bss_stop)-1;
-
#ifdef CONFIG_CMDLINE_BOOL
#ifdef CONFIG_CMDLINE_OVERRIDE
strlcpy(boot_command_line, builtin_cmdline, COMMAND_LINE_SIZE);
@@ -1019,11 +987,6 @@ void __init setup_arch(char **cmdline_p)

x86_init.resources.probe_roms();

- /* after parse_early_param, so could debug it */
- insert_resource(&iomem_resource, &code_resource);
- insert_resource(&iomem_resource, &data_resource);
- insert_resource(&iomem_resource, &bss_resource);
-
e820_add_kernel_range();
trim_bios_range();
#ifdef CONFIG_X86_32

Next message: Grigori Goronzy: "Re: [PATCH v2 10/14] USB: ch341: fix coding style"
Previous message: Toshi Kani: "Re: [PATCH] x86 get_unmapped_area: Add PMD alignment for DAX PMD mmap"
In reply to: Linus Torvalds: "Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file"
Next in thread: ed: "Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]