| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 3 Sep 2017 07:46:16 +0000
From: "Prakhya, Sai Praneeth" <sai.praneeth.prakhya@...el.com>
To: Bhupesh Sharma <bhsharma@...hat.com>
CC: "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Matt Fleming <matt@...eblueprint.co.uk>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
"jlee@...e.com" <jlee@...e.com>, Borislav Petkov <bp@...en8.de>,
"Luck, Tony" <tony.luck@...el.com>,
"luto@...nel.org" <luto@...nel.org>,
"mst@...hat.com" <mst@...hat.com>,
"Neri, Ricardo" <ricardo.neri@...el.com>,
"Shankar, Ravi V" <ravi.v.shankar@...el.com>
Subject: RE: [PATCH V2 0/3] Use mm_struct and switch_mm() instead of manually
> >
> > Thanks for this v2.
> > Introducing the 'efi_switch_mm() ' helper instead of manually
> > twiddling with %cr3 seems more cleaner.
> >
> > I have tested this patchset on a x86_64 machine with the following
> > configurations:
> >
> > 1. Primary kernel boot with efi=old_map 2. Primary kernel boot with
> > new efi map
> >
> > While it seems that efi=old_map passes, the new efi map boot fails for
> > me on both the two x86 machine (Dell 3050MT and a SGI - UV300 machine.
> >
> > It seems we are hitting a NULL pointer deference in
> > 'efi_call_phys_prolog' while accessing '&efi_mm'.
> >
> > Please see the log below for details:
> >
> > [ 0.020006] BUG: unable to handle kernel NULL pointer dereference
> > at (null)
> > [ 0.021000] IP: switch_mm_irqs_off+0x44/0x270
> > [ 0.021000] Call Trace:
> > [ 0.021000] switch_mm+0x20/0x30
> > [ 0.021000] efi_switch_mm+0x49/0x60
> > [ 0.021000] efi_call_phys_prolog+0x56/0x1b3
> > [ 0.021000] efi_enter_virtual_mode+0x3a9/0x520
> > [ 0.021000] start_kernel+0x424/0x4c8
> > [ 0.021000] ? set_init_arg+0x5a/0x5a
> > [ 0.021000] ? early_idt_handler_array+0x120/0x120
> > [ 0.021000] x86_64_start_reservations+0x29/0x2b
> > [ 0.021000] x86_64_start_kernel+0x151/0x174
> > [ 0.021000] secondary_startup_64+0x9f/0x9f
> > [ 0.021000] Code: 2d 82 51 d9 4f 65 c7 05 0f 65 da 4f 01 00 00 00
> > 48 39 f7 0f 84 14 01 00 00 65 48 89 35 f6 64 da 4f 48 8b 86 e8 02 00
> > 00 45 89 ed <f0> 4c 0f ab 28 bf 00 00 00 80 48 03 7e 50 48 8b 05 27 b0
> > b9 00
> > [ 0.021000] RIP: switch_mm_irqs_off+0x44/0x270 RSP: ffffffffb0e035d0
> > [ 0.021000] CR2: 0000000000000000
> > [ 0.021000] ---[ end trace fb94349305e1cb8b ]---
> > [ 0.021000] Kernel panic - not syncing: Fatal exception
> > [ 0.021000] ---[ end Kernel panic - not syncing: Fatal exception
> >
>
> And I forgot to mention that I tried the patchset both with the efi/next and
> linus's trees and saw the same result.
>
> I would be happy to help in case you need further details of the test environment
> or need help in testing this crash further.
>
> Regards,
> Bhupesh
Hi Bhupesh,
Thanks for trying the patches and raising the concern.
Could you also please also give a try on qemu? (if reproducible, we will be having a common platform to start debugging)
I have tested this patch set on qemu and real machines (different from one's you tried) in our lab and didn’t notice this issue.
Regards,
Sai
Powered by blists - more mailing lists