Commit-ID: 0f8ede1b8c4cb845c53072d7e49d71ca24a61ced
Gitweb: http://git.kernel.org/tip/0f8ede1b8c4cb845c53072d7e49d71ca24a61ced
Author: Kees Cook <keescook@xxxxxxxxxxxx>
AuthorDate: Wed, 20 Apr 2016 13:55:46 -0700
Committer: Ingo Molnar <mingo@xxxxxxxxxx>
CommitDate: Fri, 22 Apr 2016 10:00:51 +0200
x86/KASLR: Warn when KASLR is disabled
If KASLR is built in but not available at run-time (either due to the
current conflict with hibernation, command-line request, or e820 parsing
failures), announce the state explicitly. To support this, a new "warn"
function is created, based on the existing "error" function.
Suggested-by: Ingo Molnar <mingo@xxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Baoquan He <bhe@xxxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxxxx>
Cc: Borislav Petkov <bp@xxxxxxx>
Cc: Brian Gerst <brgerst@xxxxxxxxx>
Cc: Denys Vlasenko <dvlasenk@xxxxxxxxxx>
Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Cc: H. Peter Anvin <hpa@xxxxxxxxx>
Cc: H.J. Lu <hjl.tools@xxxxxxxxx>
Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Yinghai Lu <yinghai@xxxxxxxxxx>
Link: http://lkml.kernel.org/r/1461185746-8017-6-git-send-email-keescook@xxxxxxxxxxxx
Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
---
arch/x86/boot/compressed/kaslr.c | 6 +++---
arch/x86/boot/compressed/misc.c | 12 +++++++++---
arch/x86/boot/compressed/misc.h | 1 +
3 files changed, 13 insertions(+), 6 deletions(-)
diff --git a/arch/x86/boot/compressed/kaslr.c b/arch/x86/boot/compressed/kaslr.c
index 3ad71a0..8741a6d 100644
--- a/arch/x86/boot/compressed/kaslr.c
+++ b/arch/x86/boot/compressed/kaslr.c
@@ -314,12 +314,12 @@ unsigned char *choose_random_location(unsigned char *input,
#ifdef CONFIG_HIBERNATION
if (!cmdline_find_option_bool("kaslr")) {
- debug_putstr("KASLR disabled by default...\n");
+ warn("KASLR disabled: 'kaslr' not on cmdline (hibernation selected).");
goto out;
}
#else
if (cmdline_find_option_bool("nokaslr")) {
- debug_putstr("KASLR disabled by cmdline...\n");
+ warn("KASLR disabled: 'nokaslr' on cmdline.");
goto out;
}
#endif
@@ -333,7 +333,7 @@ unsigned char *choose_random_location(unsigned char *input,
/* Walk e820 and find a random address. */
random_addr = find_random_addr(choice, output_size);
if (!random_addr) {
- debug_putstr("KASLR could not find suitable E820 region...\n");
+ warn("KASLR disabled: could not find suitable E820 region!");
goto out;
}
diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/misc.c
index eacc855..c57d785 100644
--- a/arch/x86/boot/compressed/misc.c
+++ b/arch/x86/boot/compressed/misc.c
@@ -166,11 +166,17 @@ void __puthex(unsigned long value)
}
}
-static void error(char *x)
+void warn(char *m)
{
error_putstr("\n\n");
- error_putstr(x);
- error_putstr("\n\n -- System halted");
+ error_putstr(m);
+ error_putstr("\n\n");
+}
+
+static void error(char *m)
+{
+ warn(m);
+ error_putstr(" -- System halted");
while (1)
asm("hlt");
diff --git a/arch/x86/boot/compressed/misc.h b/arch/x86/boot/compressed/misc.h
index 9887e0d..e75f6cf 100644
--- a/arch/x86/boot/compressed/misc.h
+++ b/arch/x86/boot/compressed/misc.h
@@ -35,6 +35,7 @@ extern memptr free_mem_end_ptr;
extern struct boot_params *boot_params;
void __putstr(const char *s);
void __puthex(unsigned long value);
+void warn(char *m);
#define error_putstr(__x) __putstr(__x)
#define error_puthex(__x) __puthex(__x)
--
To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|