Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 4 Sep 2017 14:47:42 -0400 (EDT)
From: Nicolas Pitre <nicolas.pitre@...aro.org>
To: Ard Biesheuvel <ard.biesheuvel@...aro.org>
cc: linux-arm-kernel@...ts.infradead.org, kernel-hardening@...ts.openwall.com, 
    Arnd Bergmann <arnd@...db.de>, Russell King <linux@...linux.org.uk>, 
    Kees Cook <keescook@...omium.org>, Thomas Garnier <thgarnie@...gle.com>, 
    Marc Zyngier <marc.zyngier@....com>, Mark Rutland <mark.rutland@....com>, 
    Tony Lindgren <tony@...mide.com>, Matt Fleming <matt@...eblueprint.co.uk>, 
    Dave Martin <dave.martin@....com>
Subject: Re: [PATCH v2 25/29] ARM: decompressor: explicitly map decompressor
 binary cacheable

On Sun, 3 Sep 2017, Ard Biesheuvel wrote:

> When randomizing the kernel load address, there may be a large
> distance in memory between the decompressor binary and its payload
> and the destination area in memory. Ensure that the decompressor
> itself is mapped cacheable in this case, by tweaking the existing
> routine that takes care of this for XIP decompressors.
> 
> Cc: Russell King <linux@...linux.org.uk>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@...aro.org>

Acked-by: Nicolas Pitre <nico@...aro.org>

> ---
>  arch/arm/boot/compressed/head.S | 16 ++++++++++------
>  1 file changed, 10 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S
> index 5884e8151376..583cc6899d98 100644
> --- a/arch/arm/boot/compressed/head.S
> +++ b/arch/arm/boot/compressed/head.S
> @@ -706,20 +706,24 @@ __setup_mmu:	sub	r3, r4, #16384		@ Page directory size
>  		teq	r0, r2
>  		bne	1b
>  /*
> - * If ever we are running from Flash, then we surely want the cache
> - * to be enabled also for our execution instance...  We map 2MB of it
> - * so there is no map overlap problem for up to 1 MB compressed kernel.
> - * If the execution is in RAM then we would only be duplicating the above.
> + * Make sure our entire executable image (including payload) is mapped
> + * cacheable, in case it is located outside the region we covered above.
> + * (This may be the case if running from flash or with randomization enabled)
> + * If the regions happen to overlap, we just duplicate some of the above.
>   */
>  		orr	r1, r6, #0x04		@ ensure B is set for this
>  		orr	r1, r1, #3 << 10
>  		mov	r2, pc
> +		adr_l	r9, _end
>  		mov	r2, r2, lsr #20
> +		mov	r9, r9, lsr #20
>  		orr	r1, r1, r2, lsl #20
>  		add	r0, r3, r2, lsl #2
> -		str	r1, [r0], #4
> +		add	r9, r3, r9, lsl #2
> +0:		str	r1, [r0], #4
>  		add	r1, r1, #1048576
> -		str	r1, [r0]
> +		cmp	r0, r9
> +		bls	0b
>  		mov	pc, lr
>  ENDPROC(__setup_mmu)
>  
> -- 
> 2.11.0
> 
> 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.