lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 14 May 2018 11:52:16 -0700
From:   Fenghua Yu <fenghua.yu@...el.com>
To:     "Thomas Gleixner" <tglx@...utronix.de>,
        "Ingo Molnar" <mingo@...e.hu>,
        "H. Peter Anvin" <hpa@...ux.intel.com>,
        "Ashok Raj" <ashok.raj@...el.com>,
        "Ravi V Shankar" <ravi.v.shankar@...el.com>,
        "Tony Luck" <tony.luck@...el.com>,
        "Dave Hansen" <dave.hansen@...el.com>,
        "Rafael Wysocki" <rafael.j.wysocki@...el.com>,
        "Arjan van de Ven" <arjan@...radead.org>,
        "Alan Cox" <alan@...ux.intel.com>
Cc:     "x86" <x86@...nel.org>,
        "linux-kernel" <linux-kernel@...r.kernel.org>,
        Fenghua Yu <fenghua.yu@...el.com>
Subject: [PATCH 06/15] x86/split_lock: Save #AC setting for split lock in BIOS in boot time and restore the setting in reboot

BIOS may contain split locked instructions. #AC handler in BIOS may
treat split lock as fatal fault and stop execution. If kernel enables
#AC exception for split locked accesses and then kernel returns to BIOS,
the BIOS reboot code may hit #AC exception and block the reboot.

Instead of debugging the buggy BIOS, #AC setting for split lock is
restored to original BIOS setting to hide the potential BIOS issue and
allow kernel reboot succeed.

Signed-off-by: Fenghua Yu <fenghua.yu@...el.com>
---
 arch/x86/include/asm/cpu.h       |  2 ++
 arch/x86/kernel/cpu/split_lock.c | 56 ++++++++++++++++++++++++++++++++++++++--
 2 files changed, 56 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/cpu.h b/arch/x86/include/asm/cpu.h
index 80dc27d73e81..0b00033b6fa8 100644
--- a/arch/x86/include/asm/cpu.h
+++ b/arch/x86/include/asm/cpu.h
@@ -44,10 +44,12 @@ unsigned int x86_stepping(unsigned int sig);
 int __init enumerate_split_lock(void);
 void setup_split_lock(void);
 bool do_split_lock_exception(struct pt_regs *regs, unsigned long error_code);
+bool restore_split_lock_ac_bios(int *enable);
 #else /* CONFIG_SPLIT_LOCK_AC */
 static inline int enumerate_split_lock(void) { return 0; }
 static inline void setup_split_lock(void) {}
 static inline bool
 do_split_lock_exception(struct pt_regs *regs, unsigned long error_code) {}
+static inline bool restore_split_lock_ac_bios(int *enable) { return true; }
 #endif /* CONFIG_SPLIT_LOCK_AC */
 #endif /* _ASM_X86_CPU_H */
diff --git a/arch/x86/kernel/cpu/split_lock.c b/arch/x86/kernel/cpu/split_lock.c
index efe6f39353d1..d2735259800b 100644
--- a/arch/x86/kernel/cpu/split_lock.c
+++ b/arch/x86/kernel/cpu/split_lock.c
@@ -13,6 +13,7 @@
 #include <linux/printk.h>
 #include <linux/workqueue.h>
 #include <linux/cpu.h>
+#include <linux/reboot.h>
 #include <asm/msr.h>
 
 static bool split_lock_ac_supported;
@@ -21,6 +22,7 @@ static bool split_lock_ac_supported;
 #define	ENABLE_SPLIT_LOCK_AC		1
 
 static int split_lock_ac = DISABLE_SPLIT_LOCK_AC;
+static int split_lock_ac_bios = DISABLE_SPLIT_LOCK_AC;
 
 static DEFINE_SPINLOCK(sl_lock);
 
@@ -71,10 +73,13 @@ void __init enumerate_split_lock(void)
 	wrmsr(MSR_TEST_CTL, l_orig, h);
 
 	/* Initialize split lock setting from previous BIOS setting. */
-	if (l_orig & MSR_TEST_CTL_ENABLE_AC_SPLIT_LOCK)
+	if (l_orig & MSR_TEST_CTL_ENABLE_AC_SPLIT_LOCK) {
+		split_lock_ac_bios = ENABLE_SPLIT_LOCK_AC;
 		split_lock_ac = ENABLE_SPLIT_LOCK_AC;
-	else
+	} else {
+		split_lock_ac_bios = DISABLE_SPLIT_LOCK_AC;
 		split_lock_ac = DISABLE_SPLIT_LOCK_AC;
+	}
 
 	pr_info("#AC exception for split locked accesses is supported\n");
 }
@@ -117,6 +122,44 @@ static bool _setup_split_lock(int split_lock_ac_val)
 	return false;
 }
 
+static bool restore_split_lock_ac(int split_lock_ac_val)
+{
+	if (!_setup_split_lock(split_lock_ac_val))
+		return false;
+
+	return true;
+}
+
+/* Restore BIOS setting for #AC exception for split lock. */
+bool restore_split_lock_ac_bios(int *enable)
+{
+	/* Don't restore the BIOS setting if kernel didn't change it. */
+	if (split_lock_ac == split_lock_ac_bios)
+		return false;
+
+	if (enable)
+		*enable = split_lock_ac_bios == ENABLE_SPLIT_LOCK_AC ? 1 : 0;
+
+	return restore_split_lock_ac(split_lock_ac_bios);
+}
+
+static void split_lock_cpu_reboot(void *unused)
+{
+	restore_split_lock_ac_bios(NULL);
+}
+
+static int split_lock_reboot_notify(struct notifier_block *nb,
+				    unsigned long code, void *unused)
+{
+	on_each_cpu_mask(cpu_online_mask, split_lock_cpu_reboot, NULL, 1);
+
+	return NOTIFY_DONE;
+}
+
+static struct notifier_block split_lock_reboot_nb = {
+	.notifier_call = split_lock_reboot_notify,
+};
+
 void setup_split_lock(void)
 {
 	if (!split_lock_ac_supported)
@@ -179,3 +222,12 @@ bool do_split_lock_exception(struct pt_regs *regs, unsigned long error_code)
 
 	return true;
 }
+
+static int __init split_lock_init(void)
+{
+	register_reboot_notifier(&split_lock_reboot_nb);
+
+	return 0;
+}
+
+late_initcall(split_lock_init);
-- 
2.5.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ