Message-ID: <5626D97C.1060609@gmail.com>
Date:	Wed, 21 Oct 2015 02:17:00 +0200
From:	John Doe <securef33d@...il.com>
To:	Boris Ostrovsky <boris.ostrovsky@...cle.com>,
	Jan Beulich <JBeulich@...e.com>
Cc:	Ingo Molnar <mingo@...nel.org>, x86@...nel.org,
	xen-devel@...ts.xen.org, linux-kernel@...r.kernel.org
Subject: Re: [Xen-devel] PROBLEM: kernel panic xsave_init

On 20/10/2015 16:27, Boris Ostrovsky wrote:
> On 10/20/2015 09:43 AM, Jan Beulich wrote:
>>>>> On 20.10.15 at 15:22, <boris.ostrovsky@...cle.com> wrote:
>>> The reason I think it's this commit is that RAX, RDX and RCX look very
>>> much like arguments to xsetbv (which xstate_enable_boot_cpu() executes)
>>> and RAX value is 0x1f, which has two new bits that this commit defined.
>> That would be the two MPX related bits, yet us (luckily) white listing
>> leaf 7 in pv_cpuid(), it is quite easy to validate that we don't expose
>> this feature to PV(H) guests.
> 
> Oh, so something like
> 
> cpuid=['0x7:ebx=xxxxxxxxxxxxxxxxx0xxxxxxxxxxxxxx']
> 
> (bit 14 as zero) for John to try then.
> 
> 
> -boris
> 
>> Sadly the story is different for HVM
>> guests (where the leaf handling uses black listing), but the register
>> dump here clearly points to a PV guest (or Dom0).
>>
>> Jan
>>
> 
Jan, the dump is taken from the serial connection to Dom0; it does crash
during boot.

I just tried with xen 4.6.0 and it booted properly without xsave=0.
Running gdb against /proc/kcore, with an x/10x 0xffffffff81d58fad I just
get null bytes, with both xen4.4.3 (xsave=0) and 4.6.0.
Tomorrow I will send you the gdb output and I will try to run it during
the boot process.

J.
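
Added example, not part of the original message and not Xen or Linux code: it decodes the XCR0 value 0x1f discussed in the thread and checks that the quoted `cpuid=` mask clears bit 14 of leaf 7 EBX (the MPX feature bit). The function names and the host EBX value are constructed for illustration, and treating `x`, `k` and `s` as "keep the input bit" is a simplifying assumption about xl's mask semantics.

```python
# XCR0 state-component bits as defined in the Intel SDM.
# Bits 3 and 4 are the two MPX components referred to in the thread.
XCR0_BITS = {
    0: "x87", 1: "SSE", 2: "AVX",
    3: "MPX BNDREGS", 4: "MPX BNDCSR",
    5: "AVX-512 opmask", 6: "AVX-512 ZMM_Hi256", 7: "AVX-512 Hi16_ZMM",
    9: "PKRU",
}
MPX_CPUID_BIT = 14  # CPUID leaf 7, subleaf 0, EBX bit 14


def decode_xcr0(value):
    """Return the names of the state components enabled in an XCR0 value."""
    return [name for bit, name in sorted(XCR0_BITS.items()) if (value >> bit) & 1]


def parse_cpuid_entry(entry):
    """Split an xl-style entry such as '0x7:ebx=<32 chars>' into (leaf, {reg: mask})."""
    leaf, sep, regs = entry.partition(":")
    if not sep:
        raise ValueError("expected '<leaf>:<reg>=<mask>'")
    masks = {}
    for item in regs.split(","):
        reg, sep, mask = item.partition("=")
        if not sep or len(mask.strip()) != 32:
            raise ValueError("each register needs a 32-character mask")
        masks[reg.strip().lower()] = mask.strip()
    return int(leaf, 16), masks


def apply_mask(mask, value):
    """Apply a 32-character mask (leftmost character is bit 31) to a register value.

    Assumption: 'x', 'k' and 's' all keep the input bit; '0' and '1' force it.
    """
    result = 0
    for index, ch in enumerate(mask):
        bit = 1 << (31 - index)
        if ch == "1":
            result |= bit
        elif ch in "xks":
            result |= value & bit
        elif ch != "0":
            raise ValueError("unexpected mask character: %r" % ch)
    return result


if __name__ == "__main__":
    print("XCR0 0x1f enables:", decode_xcr0(0x1F))
    leaf, masks = parse_cpuid_entry("0x7:ebx=xxxxxxxxxxxxxxxxx0xxxxxxxxxxxxxx")
    host_ebx = 0x000047AB  # constructed sample value with bit 14 set
    print("leaf %#x ebx %#010x -> %#010x" % (leaf, host_ebx, apply_mask(masks["ebx"], host_ebx)))
```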