lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160708073828.GA3216@gmail.com>
Date:	Fri, 8 Jul 2016 09:38:28 +0200
From:	Ingo Molnar <mingo@...nel.org>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	Wei Jiangang <weijg.fnst@...fujitsu.com>,
	linux-kernel@...r.kernel.org, x86@...nel.org,
	kexec@...ts.infradead.org, tglx@...utronix.de, mingo@...hat.com,
	hpa@...or.com, fenghua.yu@...el.com
Subject: Re: [PATCH v2] kexec: Fix kdump failure with notsc


* Eric W. Biederman <ebiederm@...ssion.com> wrote:

> Sigh.  Can we please just do the work to rip out the apic shutdown code from the 
> kexec on panic code path?
> 
> I forgetting details but the only reason we have do any apic shutdown is bugs in 
> older kernels that could not initialize a system properly if we did not shut 
> down the apics.
> 
> I certainly don't see an issue with goofy cases like notsc not working on a 
> crash capture kernel if we are not initializing the hardware properly.
> 
> The strategy really needs to be to only do the absolutely essential hardware 
> shutdown in the crashing kernel, every adintional line of code we execute in the 
> crashing kernel increases our chances of hitting a bug.

Fully agreed.

> Under that policy things like requring we don't pass boot options that inhibit 
> the dump catpure kernel from initializing the hardware from a random state are 
> reasonable requirements.  AKA I don't see any justification in this as to why we 
> would even want to support notsc on the dump capture kernel.  Especially when 
> things clearly work when that option is not specified.

So at least on the surface it appears 'surprising' that the 'notsc' option (which, 
supposedly, disables TSC handling) interferes with being able to fully boot. Even 
if 'notsc' is specified we are still using the local APIC, right?

So it might be a good idea to find the root cause of this bootup fragility even if 
'notsc' is specified. And I fully agree that it should be fixed in the bootup path 
of the dump kernel, not the crash kernel reboot path.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ