lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080829063012.GA19459@elte.hu>
Date:	Fri, 29 Aug 2008 08:30:12 +0200
From:	Ingo Molnar <mingo@...e.hu>
To:	Yinghai Lu <yhlu.kernel@...il.com>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	"H. Peter Anvin" <hpa@...or.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Jesse Barnes <jbarnes@...tuousgeek.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86: split e820 reserved entries record to late v4


* Yinghai Lu <yhlu.kernel@...il.com> wrote:

> Linus said we should register some entries in e820 later,
> so could let BAR res register at first, or even pnp?
> 
> this one replace
> | commit a2bd7274b47124d2fc4dfdb8c0591f545ba749dd
> | Author: Yinghai Lu <yhlu.kernel@...il.com>
> | Date:   Mon Aug 25 00:56:08 2008 -0700
> |
> |    x86: fix HPET regression in 2.6.26 versus 2.6.25, check hpet against BAR, v3
> 
> v2: insert e820 reserve resources before pnp_system_init
> v3: fix merging problem in tip/x86/core
>     please drop the one in tip/x86/core use this one instead
> v4: address Linus's review about comments and condition in _late()
> 
> Signed-off-by: Yinghai Lu <yhlu.kernel@...il.com>

applied to tip/x86/core, thanks.

Let me outline the issue that i raised before:

> +               if (!res->parent && res->end)
> +                       insert_resource(&iomem_resource, res);

what if this insertion fails due to partial overlap? Right now we drop 
it silently - which might be fine for most systems, but have a look on 
the specific system that had the hpet regression, there we have these 
reserved e820 entries:

 BIOS-e820: 0000000077ff0000 - 0000000078000000 (reserved)
 BIOS-e820: 00000000e0000000 - 00000000f0000000 (reserved)
 BIOS-e820: 00000000fec00000 - 0000000100000000 (reserved)

which overlaps with the chipset PCI BAR (hpet) resource:

   pci 0000:00:14.0: BAR has HPET at fed00000-fed003ff

so due to this 1K conflict we take the full e820-reserved entry out and 
give the range 0xfec00000-0x100000000 as 'free'.

And that failure to register can cause problems. In this case that 
'reserved' e820 entry definitely has real meaning, both the local APIC 
and the IO-APIC is in that range:

   ACPI: Local APIC address 0xfee00000
   IOAPIC[0]: apic_id 2, version 0, address 0xfec00000, GSI 0-23

Which might still be OK for all memory resources we happen to enumerate 
- but we dont necessarily enumerate all of them when we have e.g. an UP 
kernel, and we will definitely not enumerate any 'hidden' state a system 
might have there. (SMM, etc.) If we then allocate a dynamic PCI resource 
into that range later on (thinking it's "free" but in reality it's 
claimed) we get a crash or worse.

So my worry, which i outlined before and which Peter agreed with, was 
that we should not mark areas 'free' that the BIOS thinks are 
'reserved'. According to the map above, the BIOS declared non-RAM 'free' 
range in the first 4GB is 0x78000000..0xe0000000 - 1664 MB, plenty of 
space.

The solution would be to insert such conflicting (even if partially 
overlapping)

Also, a small code structure comment:

> +		if (e820.map[i].type != E820_RESERVED || res->start < (1ULL<<20))
> +			insert_resource(&iomem_resource, res);

this still needs a comment that we deal with resources that start below 
1MB in a special way and insert them early.

Perhaps split it out into a e820_entry_trusted() function and use that 
as a condition in both the early and the late logic. [plus the check for 
->end in the late logic - that should be outside of the 'trust' 
definition]

So whenever we tweak the definition of 'trust', we only have to do it in 
a single place. Agreed?

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ