[tboot-devel] [PATCH 1 of 3] Ignore modules that overlap with internal data structures

Thu, 17 Mar 2022 15:14:40 -0700 

# HG changeset patch
# User Timo Lindfors <timo.lindf...@iki.fi>
# Date 1647554321 -7200
#      Thu Mar 17 23:58:41 2022 +0200
# Node ID 94606b71c3dabaabee813971a223686257d65d52
# Parent  bcdf58c1d076bfe41c58ac93254914dc0f2fd449
Ignore modules that overlap with internal data structures
Without this patch the system can go to an infinite reboot loop as
corrupted module causes the system to reset.

Signed-off-by: Timo Lindfors <timo.lindf...@iki.fi>

diff -r bcdf58c1d076 -r 94606b71c3da include/config.h
--- a/include/config.h  Thu Mar 10 10:28:11 2022 +0200
+++ b/include/config.h  Thu Mar 17 23:58:41 2022 +0200
@@ -52,9 +52,10 @@
 
 /* these addrs must be in low memory so that they are mapped by the */
 /* kernel at startup */
+#define TBOOT_LOWMEM_START           0x60000
 
 /* address/size for memory-resident serial log (when enabled) */
-#define TBOOT_SERIAL_LOG_ADDR        0x60000
+#define TBOOT_SERIAL_LOG_ADDR        TBOOT_LOWMEM_START
 #define TBOOT_SERIAL_LOG_SIZE        0x08000
 
 /* address/size for modified e820 table */
@@ -72,6 +73,8 @@
                                       TBOOT_EFI_MEMMAP_COPY_SIZE)
 #define TBOOT_KERNEL_CMDLINE_SIZE    0x0400
 
+#define TBOOT_LOWMEM_END             (TBOOT_KERNEL_CMDLINE_ADDR + \
+                                      TBOOT_KERNEL_CMDLINE_SIZE)
 
 #ifndef NR_CPUS
 #define NR_CPUS     1024
diff -r bcdf58c1d076 -r 94606b71c3da tboot/common/loader.c
--- a/tboot/common/loader.c     Thu Mar 10 10:28:11 2022 +0200
+++ b/tboot/common/loader.c     Thu Mar 17 23:58:41 2022 +0200
@@ -1807,6 +1807,42 @@
 }
 
 /*
+ * Check if two memory regions overlap
+ */
+static bool
+regions_overlap(const void *base1, size_t size1, const void *base2, size_t 
size2) {
+    /*
+      11111
+        22222
+    */
+    if (base1 <= base2 && base2 < base1 + size1) {
+        return true;
+    }
+    /*
+        11111
+      22222
+    */
+    if (base2 <= base1 && base1 < base2 + size2) {
+        return true;
+    }
+    /*
+        1
+      22222
+    */
+    if (base2 <= base1 && base1 + size1 < base2 + size2) {
+        return true;
+    }
+    /*
+      11111
+        2
+    */
+    if (base1 <= base2 && base2 + size2 < base1 + size1) {
+        return true;
+    }
+    return false;
+}
+
+/*
  * will go through all modules to find an SINIT that matches the platform
  * (size can be NULL)
  */
@@ -1836,6 +1872,11 @@
 
         void *base2 = (void *)m->mod_start;
         uint32_t size2 = m->mod_end - (unsigned long)(base2);
+        if (regions_overlap(base2, size2,
+                            (void*)TBOOT_LOWMEM_START, TBOOT_LOWMEM_END - 
TBOOT_LOWMEM_START)) {
+            printk(TBOOT_DETA "Ignoring module as it overlaps with tboot's 
internal data structures\n");
+            continue;
+        }
         if ( is_sinit_acmod(base2, size2, false) &&
              does_acmod_match_platform((acm_hdr_t *)base2, NULL) ) {
             if ( base != NULL )



_______________________________________________
tboot-devel mailing list
tboot-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tboot-devel

Reply via email to