lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Feb 2018 20:58:15 +0000
From:   "Ghannam, Yazen" <Yazen.Ghannam@....com>
To:     Borislav Petkov <bp@...e.de>
CC:     Tony Luck <tony.luck@...el.com>,
        "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "ard.biesheuvel@...aro.org" <ard.biesheuvel@...aro.org>,
        "x86@...nel.org" <x86@...nel.org>
Subject: RE: [PATCH v2 0/8] Decode IA32/X64 CPER

> -----Original Message-----
> From: Borislav Petkov [mailto:bp@...e.de]
> Sent: Wednesday, February 28, 2018 11:36 AM
> To: Ghannam, Yazen <Yazen.Ghannam@....com>
> Cc: Tony Luck <tony.luck@...el.com>; linux-efi@...r.kernel.org; linux-
> kernel@...r.kernel.org; ard.biesheuvel@...aro.org; x86@...nel.org
> Subject: Re: [PATCH v2 0/8] Decode IA32/X64 CPER
> 
> On Wed, Feb 28, 2018 at 03:12:09PM +0000, Ghannam, Yazen wrote:
> > CPER is the format used for BERT, etc. We'll only ever see a CPER if the
> > firmware creates it. And it's up to firmware policy what is shared with
> > the OS.
> 
> Yap, but we should still tie it into our infra.
> 

Okay, so how about this?

1) We keep this set mostly as-is. This would be our fallback if we don't have
anything better.

2) I add the MCA decoding to this set. I was thinking to do this in a separate
set but maybe it's better to do it all together.

Number 2 would mean we do a quick check on the CPER to see if it contains
MCA info. There's no spec-defined way to do this, but we can make a good
guess by seeing if we have an "MSR register" context and that context has
an "MSR address" that is an MCA register.

If we think we have MCA info, then we pull as much out of the CPER as we
can and put it in a struct mce which we then pass to the notifier chain.

If we don't think we have MCA info, then we fallback to number 1.

At the moment, it seems we'll be using x86 CPER to represent MCA errors
in BERT since there's no other option in BERT. So I think having number 2
would catch most, if not all, errors reported with x86 CPER.

Thanks,
Yazen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ