From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-wi0-f174.google.com (mail-wi0-f174.google.com [209.85.212.174]) by kanga.kvack.org (Postfix) with ESMTP id A79F06B0032 for ; Mon, 16 Feb 2015 06:56:05 -0500 (EST) Received: by mail-wi0-f174.google.com with SMTP id em10so25543285wid.1 for ; Mon, 16 Feb 2015 03:56:05 -0800 (PST) Received: from mail.skyhub.de (mail.skyhub.de. [2a01:4f8:120:8448::d00d]) by mx.google.com with ESMTP id fm6si21521168wjc.133.2015.02.16.03.56.03 for ; Mon, 16 Feb 2015 03:56:03 -0800 (PST) Date: Mon, 16 Feb 2015 12:55:17 +0100 From: Borislav Petkov Subject: Re: [PATCH v2] x86, kaslr: propagate base load address calculation Message-ID: <20150216115517.GB9500@pd.tnic> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Sender: owner-linux-mm@kvack.org List-ID: To: Kees Cook Cc: Jiri Kosina , "H. Peter Anvin" , LKML , live-patching@vger.kernel.org, Linux-MM , "x86@kernel.org" On Fri, Feb 13, 2015 at 03:25:26PM -0800, Kees Cook wrote: > No, no; I agree: a malicious boot loader is a lost cause. I mean > mostly from a misbehavior perspective. Like, someone sees "kaslr" in > the setup args and thinks they can set it to 1 and boot a kernel, etc. > Or they set it to 0, but they lack HIBERNATION and "1" gets appended, > but the setup_data parser sees the boot-loader one set to 0, etc. I'm > just curious if we should avoid getting some poor system into a > confusing state. Well, we can apply the rule of the last setting sticks and since the kernel is always going to be adding the last setup_data element of type SETUP_KASLR (the boot loader ones will be somewhere on the list in-between and we add to the end), we're fine, no? -- Regards/Gruss, Boris. ECO tip #101: Trim your mails when you reply. -- -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org