tboot-devel Mailing List for Trusted Boot (Page 3)

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

# HG changeset patch
# User Timo Lindfors <tim...@ik...>
# Date 1647554321 -7200
#      Thu Mar 17 23:58:41 2022 +0200
# Node ID 94606b71c3dabaabee813971a223686257d65d52
# Parent  bcdf58c1d076bfe41c58ac93254914dc0f2fd449
Ignore modules that overlap with internal data structures
Without this patch the system can go to an infinite reboot loop as
corrupted module causes the system to reset.

Signed-off-by: Timo Lindfors <tim...@ik...>

diff -r bcdf58c1d076 -r 94606b71c3da include/config.h

--- a/include/config.h	Thu Mar 10 10:28:11 2022 +0200
+++ b/include/config.h	Thu Mar 17 23:58:41 2022 +0200
@@ -52,9 +52,10 @@
 
 /* these addrs must be in low memory so that they are mapped by the */
 /* kernel at startup */
+#define TBOOT_LOWMEM_START           0x60000
 
 /* address/size for memory-resident serial log (when enabled) */
-#define TBOOT_SERIAL_LOG_ADDR        0x60000
+#define TBOOT_SERIAL_LOG_ADDR        TBOOT_LOWMEM_START
 #define TBOOT_SERIAL_LOG_SIZE        0x08000
 
 /* address/size for modified e820 table */
@@ -72,6 +73,8 @@
                                       TBOOT_EFI_MEMMAP_COPY_SIZE)
 #define TBOOT_KERNEL_CMDLINE_SIZE    0x0400
 
+#define TBOOT_LOWMEM_END             (TBOOT_KERNEL_CMDLINE_ADDR + \
+                                      TBOOT_KERNEL_CMDLINE_SIZE)
 
 #ifndef NR_CPUS
 #define NR_CPUS     1024
diff -r bcdf58c1d076 -r 94606b71c3da tboot/common/loader.c
--- a/tboot/common/loader.c	Thu Mar 10 10:28:11 2022 +0200
+++ b/tboot/common/loader.c	Thu Mar 17 23:58:41 2022 +0200
@@ -1807,6 +1807,42 @@
 }
 
 /*
+ * Check if two memory regions overlap
+ */
+static bool
+regions_overlap(const void *base1, size_t size1, const void *base2, size_t size2) {
+    /*
+      11111
+        22222
+    */
+    if (base1 <= base2 && base2 < base1 + size1) {
+        return true;
+    }
+    /*
+        11111
+      22222
+    */
+    if (base2 <= base1 && base1 < base2 + size2) {
+        return true;
+    }
+    /*
+        1
+      22222
+    */
+    if (base2 <= base1 && base1 + size1 < base2 + size2) {
+        return true;
+    }
+    /*
+      11111
+        2
+    */
+    if (base1 <= base2 && base2 + size2 < base1 + size1) {
+        return true;
+    }
+    return false;
+}
+
+/*
  * will go through all modules to find an SINIT that matches the platform
  * (size can be NULL)
  */
@@ -1836,6 +1872,11 @@
 
         void *base2 = (void *)m->mod_start;
         uint32_t size2 = m->mod_end - (unsigned long)(base2);
+        if (regions_overlap(base2, size2,
+                            (void*)TBOOT_LOWMEM_START, TBOOT_LOWMEM_END - TBOOT_LOWMEM_START)) {
+            printk(TBOOT_DETA "Ignoring module as it overlaps with tboot's internal data structures\n");
+            continue;
+        }
         if ( is_sinit_acmod(base2, size2, false) &&
              does_acmod_match_platform((acm_hdr_t *)base2, NULL) ) {
             if ( base != NULL )





2007	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov (3)	Dec (13)
2008	Jan (19)	Feb (24)	Mar (8)	Apr (14)	May (8)	Jun (10)	Jul (14)	Aug (3)	Sep (13)	Oct (27)	Nov (39)	Dec (24)
2009	Jan (19)	Feb (4)	Mar (2)	Apr (15)	May	Jun (2)	Jul (44)	Aug (21)	Sep (20)	Oct (2)	Nov (1)	Dec (7)
2010	Jan (7)	Feb (10)	Mar (2)	Apr (12)	May (7)	Jun (2)	Jul (18)	Aug (11)	Sep (4)	Oct (25)	Nov (8)	Dec (1)
2011	Jan (27)	Feb (2)	Mar (19)	Apr (8)	May (16)	Jun (11)	Jul (9)	Aug (9)	Sep (35)	Oct (9)	Nov (8)	Dec (32)
2012	Jan (37)	Feb (20)	Mar (2)	Apr (24)	May (4)	Jun (3)	Jul (5)	Aug (21)	Sep (8)	Oct (15)	Nov (1)	Dec (7)
2013	Jan (4)	Feb (8)	Mar (38)	Apr (9)	May (42)	Jun (4)	Jul (21)	Aug (4)	Sep	Oct (7)	Nov (2)	Dec (3)
2014	Jan (8)	Feb (8)	Mar (5)	Apr (9)	May (19)	Jun (1)	Jul (10)	Aug (25)	Sep (6)	Oct (2)	Nov (5)	Dec (1)
2015	Jan	Feb	Mar (5)	Apr	May (12)	Jun	Jul (2)	Aug (5)	Sep (11)	Oct (5)	Nov (3)	Dec (1)
2016	Jan (2)	Feb (24)	Mar	Apr (6)	May (26)	Jun (20)	Jul (8)	Aug (15)	Sep (21)	Oct (1)	Nov (7)	Dec (24)
2017	Jan (12)	Feb (2)	Mar (6)	Apr (8)	May (18)	Jun (13)	Jul (12)	Aug (8)	Sep (5)	Oct (1)	Nov	Dec
2018	Jan (2)	Feb (12)	Mar (8)	Apr (5)	May (7)	Jun (1)	Jul (4)	Aug (8)	Sep (2)	Oct (3)	Nov (4)	Dec (3)
2019	Jan (8)	Feb	Mar (2)	Apr	May (3)	Jun (4)	Jul (1)	Aug	Sep (8)	Oct (6)	Nov (20)	Dec (14)
2020	Jan (25)	Feb (12)	Mar (2)	Apr (13)	May (44)	Jun (9)	Jul	Aug (3)	Sep (5)	Oct (4)	Nov (2)	Dec
2021	Jan (6)	Feb	Mar (7)	Apr (1)	May	Jun (2)	Jul	Aug (16)	Sep (4)	Oct (6)	Nov (1)	Dec (6)
2022	Jan (5)	Feb (4)	Mar (22)	Apr (6)	May (4)	Jun (17)	Jul (2)	Aug	Sep	Oct (2)	Nov (1)	Dec (2)
2023	Jan (1)	Feb (1)	Mar	Apr	May (2)	Jun	Jul	Aug (1)	Sep	Oct	Nov	Dec (1)
2024	Jan (2)	Feb	Mar	Apr	May (1)	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2025	Jan (1)	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec

tboot-devel Mailing List for Trusted Boot (Page 3)

tboot-devel — Developer support