lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Aug 2016 09:34:10 -0500 From: Alex Thorlton <athorlton@....com> To: Matt Fleming <matt@...eblueprint.co.uk> Cc: Alex Thorlton <athorlton@....com>, linux-kernel@...r.kernel.org, Russ Anderson <rja@....com>, Mike Travis <travis@....com>, Borislav Petkov <bp@...e.de>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org Subject: Re: [RFC PATCH] Fix EFI callbacks on UV during kexec On Mon, Aug 01, 2016 at 02:39:26PM +0100, Matt Fleming wrote: > On Tue, 26 Jul, at 05:38:32PM, Alex Thorlton wrote: > > > > After investigating the problem here and figuring out the proper way to > > get the noefi parameter working again, I noticed that there appears to > > be support for EFI runtime callbacks in a kexec'd kernel now... I > > think we need some more cleanup here to get that all working entirely. > > Without noefi, we hit a bad paging request when we try to do EFI > > callbacks: > > [...] > > > [ 0.341531] BUG: unable to handle kernel paging request at 000000006a1ab938 > > [ 0.349319] IP: [<000000006a1ab938>] 0x6a1ab938 > > [ 0.354386] PGD 354e0063 PUD 0 > > [ 0.357910] Oops: 0010 [#1] SMP > > [ 0.361414] Modules linked in: > > [ 0.364833] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.7.0-runtime-check+ #713 > > [...] > > > This is due to the fact that the efi_map_region_fixed calls in > > kexec_enter_virtual_mode, which map in the EFI runtime memory > > descriptors, only map the virtual address of the descriptor. > > Unfortunately, since we're still relying on the physical address of our > > EFI runtime code being mapped in, we don't have access to that code in > > the kexec scenario. > > > > A potential fix for this would be to map in the physical addresses of > > the descriptors as well as the virtual addresses in > > efi_map_region_fixed, but the more "correct" fix would be to update > > our system table pointer to its new virtual address during > > SetVirtualAddressMap. We intend to get that piece fixed up relatively > > soon, but haven't quite gotten around to it yet. > > I don't think it would be so bad if we did the 1:1 mappings in the > kexec kernel too, we've got our own page tables after all and the VA > space is available. It would be required if people ever want to use > kexec with mixed mode kernels too. Hmm... That's a good point. It certainly would be nice for us to have those mappings in the kexec kernel, at least for the time being. If you're not opposed to it, I can write up the patch. Pretty sure it's a one-liner. - Alex
Powered by blists - more mailing lists