Ah, it sounds like boot_params.hdr.setup_data contains a series of e820-like entries chained together as a linked list? Which loaders currently populate that? Looks like EFI? Seems like arch/x86/boot/compressed/eboot.c works on setup_data at least.
I won't be in a position to test EFI booting for a while. If someone else took this, that would make it get fixed much faster. Do you have examples where this is actually causing failures? -Kees On Wed, Apr 23, 2014 at 7:50 PM, Dave Young <dyo...@redhat.com> wrote: > On 04/23/14 at 07:43pm, Kees Cook wrote: >> On Wed, Apr 23, 2014 at 7:35 PM, Dave Young <dyo...@redhat.com> wrote: >> > Hello Kees >> > >> > I'm worrying that setup_data regions could be overwitten by randomize >> > kernel base. Would you like to fix it in kaslr code? >> > >> > One problem is there could be a lot of setup_data regions but current >> > mem_avoid is an fixed array. >> >> Sure, can you give me some examples? Seems like it shouldn't be too >> hard to have the mem_avoid logic walk additional areas. > > Great, To walk through the list just like the function parse_setup_data in > arch/x86/kernel/setup.c > > Thanks > Dave -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
