lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20170127162315.GG31613@codeblueprint.co.uk>
Date:   Fri, 27 Jan 2017 16:23:15 +0000
From:   Matt Fleming <matt@...eblueprint.co.uk>
To:     Jiri Kosina <jikos@...nel.org>
Cc:     Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Waiman Long <waiman.long@....com>,
        Borislav Petkov <bp@...e.de>,
        Laura Abbott <labbott@...hat.com>,
        Vojtech Pavlik <vojtech@....cz>,
        Hanka Pavlikova <hanka@....cz>, linux-kernel@...r.kernel.org,
        linux-efi@...r.kernel.org
Subject: Re: [PATCH v2] x86/efi: always map first physical page into EFI
 pagetables

On Fri, 27 Jan, at 04:39:59PM, Jiri Kosina wrote:
> From: Jiri Kosina <jkosina@...e.cz>
> 
> Commit 129766708 ("x86/efi: Only map RAM into EFI page tables if in 
> mixed-mode") stopped creating 1:1 mapping for all RAM in case of running 
> in native 64bit mode.
> 
> It turns out though that there are 64bit EFI implementations in the wild 
> (this particular problem has been reported on Lenovo Yoga 710-11IKB) which 
> still make use of first physical page for their own private use even 
> though they explicitly mark it EFI_CONVENTIONAL_MEMORY in the memory map.
> 
> In case there is no mapping for this particular frame in EFI pagetables, 
> as soon as firmware tries to make use of it, triple fault occurs and the 
> system reboots (in case of Yoga 710-11IKB this is very early during boot).
> 
> Fix that by always mapping the first page of physical memory into EFI 
> pagetables. We're on a safe side, as trim_bios_range() will reserve the 
> first page and isolate it away from memory allocators anyway.
> 
> Note: just reverting 129766708 is not enough on v4.9-rc1+ to fix the 
> regression on affected hardware, as commit ab72a27da ("x86/efi: 
> Consolidate region mapping logic") later made the first physical frame not 
> to be mapped anyway.
> 
> Fixes: 129766708 ("x86/efi: Only map RAM into EFI page tables if in mixed-mode")
> Cc: stable@...nel.org # v4.8+
> Cc: Waiman Long <waiman.long@....com>
> Cc: Borislav Petkov <bp@...e.de>
> Cc: Laura Abbott <labbott@...hat.com>
> Cc: Vojtech Pavlik <vojtech@....cz>
> Reported-by: Hanka Pavlikova <hanka@....cz>
> Signed-off-by: Jiri Kosina <jkosina@...e.cz>
> ---
 
Thanks Jiri. Queued for v4.10-rc6.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ