Re: kaslr should avoid setup_data region

[Kees Cook]

Ah, it sounds like boot_params.hdr.setup_data contains a series of
e820-like entries chained together as a linked list? Which loaders
currently populate that? Looks like EFI? Seems like
arch/x86/boot/compressed/eboot.c works on setup_data at least.

I won't be in a position to test EFI booting for a while. If someone
else took this, that would make it get fixed much faster.

Do you have examples where this is actually causing failures?

-Kees

On Wed, Apr 23, 2014 at 7:50 PM, Dave Young <dyoung@xxxxxxxxxx> wrote:
> On 04/23/14 at 07:43pm, Kees Cook wrote:
>> On Wed, Apr 23, 2014 at 7:35 PM, Dave Young <dyoung@xxxxxxxxxx> wrote:
>> > Hello Kees
>> >
>> > I'm worrying that setup_data regions could be overwitten by randomize
>> > kernel base. Would you like to fix it in kaslr code?
>> >
>> > One problem is there could be a lot of setup_data regions but current
>> > mem_avoid is an fixed array.
>>
>> Sure, can you give me some examples? Seems like it shouldn't be too
>> hard to have the mem_avoid logic walk additional areas.
>
> Great, To walk through the list just like the function parse_setup_data in
> arch/x86/kernel/setup.c
>
> Thanks
> Dave



-- 
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/