Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp6094635imu; Wed, 30 Jan 2019 08:42:49 -0800 (PST) X-Google-Smtp-Source: ALg8bN4Vn1YAuYz+MK/pnOA9wUe/MQ9Cz+gh93s6o8g8hoZ9tdt7yy/08p9Am9KNw2YHKY/tiDR3 X-Received: by 2002:a17:902:24e7:: with SMTP id l36mr31252556plg.61.1548866569173; Wed, 30 Jan 2019 08:42:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548866569; cv=none; d=google.com; s=arc-20160816; b=EuqN2TZrmvMf/4M1x6tTsWTZSfsK70C8neDW4GTtsG/+JW4k1O0p3VGYwZ8IReTJma ONiYDktqSL9krDVUoh/iKFjKkSosOh2fiN8093ffKBV0F33xIZ7WxKO1AU6bGimgWF9L W3le3tA6Oy28NFLGX3GaMK7p0MDrvd0iDO7lKmeFLZmck2f7XlAix2MrCiX8WrSd4zpz 3Wnyo9Z5M3bbLNEfkrbU2t3mop+Z75he2QDxt8elnd24pJmqZszmo8Ze9WrPecGIqIRN OCsxsvWlxcvkejSnJsZ2FT0zzQUXXSvdTgwZGCATItelN51cl3RQgAUDDY8y5Tg0P0Ke H6eA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from; bh=EV9FysSipB2pgg/KQhoxX1aGtQu5PtEsVZ8Chq5I9Vo=; b=eqR7jOvNBxKMNvGI9uRV1fOP6m47BA7vc9zO80gInPgjUpgW/QJ6ETKQtFXQW6FQ+2 RGHskydKLVoyrK6bsU09h3ivSBGcOG4B/WA3S8YtAPZ50pR832Kb9FDVr9qoSRzI0cEm Bw+hPt+TIQgsiiEL/8nOotZfTCKoKcX81mbzAXqAG3UtklTbT2sHT1SSRnjrERukmKkl hdWuyBpMjsbTpp5b/hSo8hdPZJF2wMudKK2u7UcQVhKLrayveRWiUbs2yms2fBqdTzJk nchBmeeWI8ie44s27o5y6NmJ5T4wkL71waEs/3QIXwnIq2RWLYDvJaXNFCMRt3uyzFnz /BAg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w11si1682149pgp.161.2019.01.30.08.42.34; Wed, 30 Jan 2019 08:42:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732308AbfA3Qkj (ORCPT + 99 others); Wed, 30 Jan 2019 11:40:39 -0500 Received: from smtp-fw-9102.amazon.com ([207.171.184.29]:26162 "EHLO smtp-fw-9102.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732089AbfA3Qki (ORCPT ); Wed, 30 Jan 2019 11:40:38 -0500 X-IronPort-AV: E=Sophos;i="5.56,541,1539648000"; d="scan'208";a="656543771" Received: from sea3-co-svc-lb6-vlan3.sea.amazon.com (HELO email-inbound-relay-2b-c7131dcf.us-west-2.amazon.com) ([10.47.22.38]) by smtp-border-fw-out-9102.sea19.amazon.com with ESMTP; 30 Jan 2019 16:40:34 +0000 Received: from u54ee758033e858cfa736 (pdx2-ws-svc-lb17-vlan3.amazon.com [10.247.140.70]) by email-inbound-relay-2b-c7131dcf.us-west-2.amazon.com (Postfix) with ESMTPS id A6357A0188; Wed, 30 Jan 2019 16:40:33 +0000 (UTC) Received: from u54ee758033e858cfa736.ant.amazon.com (localhost [127.0.0.1]) by u54ee758033e858cfa736 (8.15.2/8.15.2/Debian-3) with ESMTP id x0UGeUSq013437; Wed, 30 Jan 2019 17:40:31 +0100 Received: (from jsteckli@localhost) by u54ee758033e858cfa736.ant.amazon.com (8.15.2/8.15.2/Submit) id x0UGeT2T013436; Wed, 30 Jan 2019 17:40:29 +0100 From: Julian Stecklina To: x86@kernel.org Cc: Thomas Gleixner , Ingo Molnar , Borislav Petkov , hpa@zytor.com, linux-kernel@vger.kernel.org, jschoenh@amazon.de, Julian Stecklina Subject: [PATCH 1/2] x86/boot: fix KASL when memmap range manipulation is used Date: Wed, 30 Jan 2019 17:40:02 +0100 Message-Id: <1548866403-13390-1-git-send-email-js@alien8.de> X-Mailer: git-send-email 2.7.4 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Julian Stecklina When the user passes a memmap=%-+ parameter to the kernel to reclassify some memory, this information is ignored during the randomization of the kernel base address. This in turn leads to cases where the kernel is unpacked to memory regions that the user marked as reserved. Fix this situation to avoid any memory region for KASLR that is reclassified. Fixes: ef61f8a340fd6d49df6b367785743febc47320c1 ("x86/boot/e820: Implement a range manipulation operator") Signed-off-by: Julian Stecklina --- arch/x86/boot/compressed/kaslr.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c index 9ed9709..5657e34 100644 --- a/arch/x86/boot/compressed/kaslr.c +++ b/arch/x86/boot/compressed/kaslr.c @@ -155,6 +155,12 @@ parse_memmap(char *p, unsigned long long *start, unsigned long long *size) case '#': case '$': case '!': + /* + * % would need some more complex parsing, because regions might + * actually become usable for KASLR, but the simple way of + * ignoring anything that is mentioned in % works for now. + */ + case '%': *start = memparse(p + 1, &p); return 0; case '@': -- 2.7.4