| Message ID | 20211013175742.1197608-1-keescook@chromium.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | x86: Various clean-ups in support of FGKASLR | expand |
From: Kees Cook <keescook@chromium.org> Date: Wed, 13 Oct 2021 10:57:38 -0700 > Hi, > > These are a small set of patches that clean up various things that are > each stand-alone improvements, but they're also needed for the coming > FGKASLR series[1]. I thought it best to just get these landed instead > of having them continue to tag along with FGKASLR, especially the > early malloc() fix, which is a foot-gun waiting to happen. :) Thanks for picking this! Those really are standalone guys. > Thanks! > > -Kees > > [1] https://lore.kernel.org/lkml/20210831144114.154-1-alexandr.lobakin@intel.com/ > > Kees Cook (2): > x86/boot: Allow a "silent" kaslr random byte fetch > x86/boot/compressed: Avoid duplicate malloc() implementations > > Kristen Carlson Accardi (2): > x86/tools/relocs: Support >64K section headers > vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext > > arch/x86/boot/compressed/kaslr.c | 4 -- > arch/x86/boot/compressed/misc.c | 3 + > arch/x86/boot/compressed/misc.h | 2 + > arch/x86/lib/kaslr.c | 18 ++++-- > arch/x86/tools/relocs.c | 103 ++++++++++++++++++++++-------- > include/asm-generic/vmlinux.lds.h | 3 +- > include/linux/decompress/mm.h | 12 +++- > 7 files changed, 107 insertions(+), 38 deletions(-) > > -- > 2.30.2 Thanks, Al
On Wed, Oct 13, 2021 at 10:57:38AM -0700, Kees Cook wrote: > Hi, > > These are a small set of patches that clean up various things that are > each stand-alone improvements, but they're also needed for the coming > FGKASLR series[1]. I thought it best to just get these landed instead > of having them continue to tag along with FGKASLR, especially the > early malloc() fix, which is a foot-gun waiting to happen. :) > > Thanks! > > -Kees > > [1] https://lore.kernel.org/lkml/20210831144114.154-1-alexandr.lobakin@intel.com/ Peter, Josh, Boris, can someone please take these through -tip? They're each stand-alone correctness improvements, and while FGKASLR depends on them, there is no reason to keep them tied to that series, especially since anyone using the early-boot malloc or making changes to text sections is going to trip over one or several of the issues fixed here. They've got a bunch of reviews and acks already: https://patchwork.kernel.org/project/linux-hardening/list/?series=562929 Thanks! -Kees > > Kees Cook (2): > x86/boot: Allow a "silent" kaslr random byte fetch > x86/boot/compressed: Avoid duplicate malloc() implementations > > Kristen Carlson Accardi (2): > x86/tools/relocs: Support >64K section headers > vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext > > arch/x86/boot/compressed/kaslr.c | 4 -- > arch/x86/boot/compressed/misc.c | 3 + > arch/x86/boot/compressed/misc.h | 2 + > arch/x86/lib/kaslr.c | 18 ++++-- > arch/x86/tools/relocs.c | 103 ++++++++++++++++++++++-------- > include/asm-generic/vmlinux.lds.h | 3 +- > include/linux/decompress/mm.h | 12 +++- > 7 files changed, 107 insertions(+), 38 deletions(-) > > -- > 2.30.2 >
On Wed, Oct 13, 2021 at 10:57:38AM -0700, Kees Cook wrote: > Kees Cook (2): > x86/boot: Allow a "silent" kaslr random byte fetch > x86/boot/compressed: Avoid duplicate malloc() implementations > > Kristen Carlson Accardi (2): > x86/tools/relocs: Support >64K section headers > vmlinux.lds.h: Have ORC lookup cover entire _etext - _stext > > arch/x86/boot/compressed/kaslr.c | 4 -- > arch/x86/boot/compressed/misc.c | 3 + > arch/x86/boot/compressed/misc.h | 2 + > arch/x86/lib/kaslr.c | 18 ++++-- > arch/x86/tools/relocs.c | 103 ++++++++++++++++++++++-------- > include/asm-generic/vmlinux.lds.h | 3 +- > include/linux/decompress/mm.h | 12 +++- > 7 files changed, 107 insertions(+), 38 deletions(-) Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Boris, these are indeed all improvements to the status quo, irrespective of future FGKASLR work. Do you want to take them, or should I stick them in x86/core ?