lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Thu, 15 Mar 2012 09:43:45 +0900
From:	Simon Horman <horms@...ge.net.au>
To:	Don Zickus <dzickus@...hat.com>
Cc:	Fernando Luis Vázquez Cao 
	<fernando@....ntt.co.jp>, akpm@...ux-foundation.org,
	linux-tip-commits@...r.kernel.org, Yinghai Lu <yinghai@...nel.org>,
	kexec@...ts.infradead.org, linux-kernel@...r.kernel.org,
	mingo@...hat.com, "Eric W. Biederman" <ebiederm@...ssion.com>,
	"H. Peter Anvin" <hpa@...or.com>, tglx@...utronix.de,
	torvalds@...ux-foundation.org, mingo@...e.hu, vgoyal@...hat.com
Subject: Re: [PATCH 1/2] boot: ignore early NMIs

On Tue, Mar 13, 2012 at 09:33:50AM -0400, Don Zickus wrote:
> On Tue, Mar 13, 2012 at 11:11:49AM +0900, Fernando Luis Vázquez Cao wrote:
> > On 03/13/2012 05:16 AM, H. Peter Anvin wrote:
> > >On 03/12/2012 01:04 PM, H. Peter Anvin wrote:
> > >>On 03/12/2012 01:01 PM, Eric W. Biederman wrote:
> > >>>The basic problem is which source do we block this at?  How many
> > >>>sources are their?  And architecturally last I looked x86 no longer
> > >>>has a NMI disable EFI and similar systems want to get away without
> > >>>a CMOS legacy clock because designers so often get them wrong.
> > >>>
> > >>On all processors which have an LAPIC you can block all NMI sources at
> > >>the LAPIC.  I think it's safe to assume that if you don't have an LAPIC
> > >>-- an ancient system by now -- you have port 70h.
> > >>
> > >One thing: *disabling* the LAPIC will allow external NMIs coming in on
> > >LINT1 through, since the LAPIC in the disabled state tries to mimic the
> > >no-LAPIC configuration.  So I don't think you want to disable LAPIC as
> > >much as disable the interrupt vectors within.
> > 
> > Does this sound like a plan to get the ball rolling?:
> > 
> > 1.- Merge Don's patch to disable the LAPIC in kdump reboot path (this
> >   fixes a real issue seen in the field, is a net win and certainly not a
> >   regression - indeed it makes the code simpler because the I/O
> >   APICs are left untouched).
> 
> I think you mean my patch to stop disabling the I/O APIC.  That patch
> hasn't seen any new issues.  It was the piece that stopped disabling the
> LAPIC that opened the doors for NMIs to fault the system.
> 
> > 
> > 2.- Merge my patch set to ignore early NMIs (this brings the behavior
> >   of the boot code in line with what we do in the rest of the kernel
> >   a we can avoid situations were a spurious NMI causes the kernel
> >   to halt). The early NMI handler is temporary and the final NMI
> >   handler installed shortly afterwards will take care of subsequent
> >   NMIs.
> > 
> > 3.- Make sure that spurious NMIs (i.e. NMIs that for whatever reason
> >   could not be stopped at the source) received during the reboot
> >   path to the kdump kernel do not cause a triple fault or a system
> >   lockup. This is under testing.
> 
> This will require changes in kexec-tools as the purgatory code zaps the
> GDT I believe.  This is going to make a 'complete solution' dependent on
> a version of kexec-tools.  Not sure what we want to do there.

Ouch. I guess that in the event that purgatory needs to be modified
some backwards-compatibility will need to be provided, possibly
by allowing purgatory to switch between two behaviours based on
e.g. a command line parameter.

> > 4.- Identify all the NMI sources and keep them from reaching the CPU
> >   when it can be done in a race-free way.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists