Re: [PATCH v2 7/9] get the random phy addr according to slot_area info
From: Kees Cook
Date: Wed Mar 04 2015 - 16:28:39 EST
On Mon, Mar 2, 2015 at 6:58 AM, Baoquan He <bhe@xxxxxxxxxx> wrote:
> Now random value can be used to get related slot info stored in
> slot_area, mainly use slot_area.num to position which slot is target.
> With this slot its starting address is returned as the physical
> address where kernel will put.
>
> Signed-off-by: Baoquan He <bhe@xxxxxxxxxx>
> ---
> arch/x86/boot/compressed/aslr.c | 34 +++++++++++++++++++---------------
> 1 file changed, 19 insertions(+), 15 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/aslr.c b/arch/x86/boot/compressed/aslr.c
> index 1c6fb31..55adee2 100644
> --- a/arch/x86/boot/compressed/aslr.c
> +++ b/arch/x86/boot/compressed/aslr.c
> @@ -245,9 +245,6 @@ static unsigned long mem_min_overlap(struct mem_vector *img, struct mem_vector *
> return min;
> }
>
> -static unsigned long slots[CONFIG_RANDOMIZE_BASE_MAX_OFFSET /
> - CONFIG_PHYSICAL_ALIGN];
> -
> struct slot_area {
> unsigned long addr;
> int num;
> @@ -261,23 +258,28 @@ static unsigned long slot_max;
>
> static unsigned long slot_area_index;
>
> -static void slots_append(unsigned long addr)
> -{
> - /* Overflowing the slots list should be impossible. */
> - if (slot_max >= CONFIG_RANDOMIZE_BASE_MAX_OFFSET /
> - CONFIG_PHYSICAL_ALIGN)
> - return;
> -
> - slots[slot_max++] = addr;
> -}
> -
> static unsigned long slots_fetch_random(void)
> {
> + unsigned long random;
> + int i;
> +
> /* Handle case of no slots stored. */
> if (slot_max == 0)
> return 0;
>
> - return slots[get_random_long() % slot_max];
> + random = get_random_long() % slot_max;
> +
> + for (i=0; i< slot_area_index; i++) {
> + if (random > slot_areas[i].num) {
> + random -= slot_areas[i].num;
> + continue;
> + }
> + return slot_areas[i].addr + random * CONFIG_PHYSICAL_ALIGN;
> + }
> +
> + if (i == slot_area_index )
> + debug_putstr("something wrong happened in slots_fetch_random()...\n");
> + return 0;
> }
>
> static int process_e820_entry(struct e820entry *entry,
> @@ -362,7 +364,7 @@ repeat:
> goto repeat;
> }
>
> -static unsigned long find_random_addr(unsigned long minimum,
> +static unsigned long find_random_phy_addr(unsigned long minimum,
> unsigned long size)
> {
> int i;
> @@ -374,6 +376,8 @@ static unsigned long find_random_addr(unsigned long minimum,
> /* Verify potential e820 positions, appending to slots list. */
> for (i = 0; i < real_mode->e820_entries; i++) {
> process_e820_entry(&real_mode->e820_map[i], minimum, size);
> + if ( slot_area_index == MAX_SLOT_AREA )
> + break;
I wonder if this should emit a printk warning?
-Kees
> }
>
> return slots_fetch_random();
> --
> 1.9.3
>
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/