| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tip-1c27f646b18fb56308dff82784ca61951bad0b48@git.kernel.org>
Date: Fri, 28 Oct 2016 01:37:49 -0700
From: tip-bot for Borislav Petkov <tipbot@...or.com>
To: linux-tip-commits@...r.kernel.org
Cc: bp@...e.de, luto@...capital.net, hpa@...or.com,
dvlasenk@...hat.com, jpoimboe@...hat.com, agruenba@...hat.com,
torvalds@...ux-foundation.org, linux-mm@...ck.org,
mingo@...nel.org, rpeterso@...hat.com, peterz@...radead.org,
brgerst@...il.com, bp@...en8.de, mgorman@...hsingularity.net,
swhiteho@...hat.com, luto@...nel.org, linux-kernel@...r.kernel.org,
tglx@...utronix.de
Subject: [tip:x86/urgent] x86/microcode/AMD: Fix more fallout from
CONFIG_RANDOMIZE_MEMORY=y
Commit-ID: 1c27f646b18fb56308dff82784ca61951bad0b48
Gitweb: http://git.kernel.org/tip/1c27f646b18fb56308dff82784ca61951bad0b48
Author: Borislav Petkov <bp@...e.de>
AuthorDate: Thu, 27 Oct 2016 14:36:23 +0200
Committer: Ingo Molnar <mingo@...nel.org>
CommitDate: Fri, 28 Oct 2016 10:29:59 +0200
x86/microcode/AMD: Fix more fallout from CONFIG_RANDOMIZE_MEMORY=y
We needed the physical address of the container in order to compute the
offset within the relocated ramdisk. And we did this by doing __pa() on
the virtual address.
However, __pa() does checks whether the physical address is within
PAGE_OFFSET and __START_KERNEL_map - see __phys_addr() - which fail
if we have CONFIG_RANDOMIZE_MEMORY enabled: we feed a virtual address
which *doesn't* have the randomization offset into a function which uses
PAGE_OFFSET which *does* have that offset.
This makes this check fire:
VIRTUAL_BUG_ON((x > y) || !phys_addr_valid(x));
^^^^^^
due to the randomization offset.
The fix is as simple as using __pa_nodebug() because we do that
randomization offset accounting later in that function ourselves.
Reported-by: Bob Peterson <rpeterso@...hat.com>
Tested-by: Bob Peterson <rpeterso@...hat.com>
Signed-off-by: Borislav Petkov <bp@...e.de>
Cc: Andreas Gruenbacher <agruenba@...hat.com>
Cc: Andy Lutomirski <luto@...capital.net>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Borislav Petkov <bp@...en8.de>
Cc: Brian Gerst <brgerst@...il.com>
Cc: Denys Vlasenko <dvlasenk@...hat.com>
Cc: H. Peter Anvin <hpa@...or.com>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Mel Gorman <mgorman@...hsingularity.net>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Steven Whitehouse <swhiteho@...hat.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: linux-mm <linux-mm@...ck.org>
Cc: stable@...r.kernel.org # 4.9
Link: http://lkml.kernel.org/r/20161027123623.j2jri5bandimboff@pd.tnic
Signed-off-by: Ingo Molnar <mingo@...nel.org>
---
arch/x86/kernel/cpu/microcode/amd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c
index 620ab06..017bda1 100644
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -429,7 +429,7 @@ int __init save_microcode_in_initrd_amd(void)
* We need the physical address of the container for both bitness since
* boot_params.hdr.ramdisk_image is a physical address.
*/
- cont = __pa(container);
+ cont = __pa_nodebug(container);
cont_va = container;
#endif
Powered by blists - more mailing lists