lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190214212149.GB5073@hpe.com>
Date:   Thu, 14 Feb 2019 15:21:49 -0600
From:   Dimitri Sivanich <sivanich@....com>
To:     Hedi Berriche <hedi.berriche@....com>
Cc:     linux-kernel@...r.kernel.org,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Bhupesh Sharma <bhsharma@...hat.com>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, linux-efi@...r.kernel.org,
        x86@...nel.org, Russ Anderson <rja@....com>,
        Mike Travis <mike.travis@....com>,
        Steve Wahl <steve.wahl@....com>, stable@...r.kernel.org
Subject: Re: [Patch v3 0/4] Protect against concurrent calls into UV BIOS

For the series:

Reviewed-by: Dimitri Sivanich <sivanich@....com>

On Wed, Feb 13, 2019 at 07:34:09PM +0000, Hedi Berriche wrote:
> - Changes since v2
>   Addressed comments from Ard Biesheuvel:
>  * expose efi_runtime_lock to UV platform only instead of globally
>  * remove unnecessary #ifdef CONFIG_EFI from bios_uv.c
> 
> - Changes since v1:
>   Addressed comments from Bhupesh Sharma, Thomas Gleixner, and Ard Biesheuvel:
>  * made __uv_bios_call() static
>  * moved the efi_enabled() cleanup to its own patchlet
>  * explained the reason for renaming the efi_runtime_lock semaphore
>  * dropped the reviewed-bys as they should be given on the mailing list
>  * Cc'ng stable@...r.kernel.org given the nature of the problem addressed by the patches
> 
> ---
> 
> Calls into UV BIOS were not being serialised which is wrong as it violates EFI
> runtime rules, and bad as it does result in all sorts of potentially hard to
> track down hangs and panics when efi_scratch.prev_mm gets clobbered whenever
> efi_switch_mm() gets called concurrently from two different CPUs.
> 
> Patch #1 removes an unnecessary #ifdef CONFIG_EFI guard from bios_uv.c.
> 
> Patch #2 removes uv_bios_call_reentrant() because it's dead code.
> 
> Patch #3 is a cleanup that drops test_bit() in favour of the ad hoc efi_enabled().
> 
> Patch #4 makes uv_bios_call() variants use the efi_runtime_lock semaphore to
> protect against concurrency.
> 
> Cc: Russ Anderson <rja@....com>
> Cc: Mike Travis <mike.travis@....com>
> Cc: Dimitri Sivanich <sivanich@....com>
> Cc: Steve Wahl <steve.wahl@....com>
> Cc: stable@...r.kernel.org # v4.9+
> 
> Hedi Berriche (4):
>   x86/platform/UV: remove unnecessary #ifdef CONFIG_EFI
>   x86/platform/UV: kill uv_bios_call_reentrant() as it has no callers
>   x86/platform/UV: use efi_enabled() instead of test_bit()
>   x86/platform/UV: use efi_runtime_lock to serialise BIOS calls
> 
>  arch/x86/include/asm/uv/bios.h          | 13 ++++-----
>  arch/x86/platform/uv/bios_uv.c          | 35 ++++++++++++++-----------
>  drivers/firmware/efi/runtime-wrappers.c |  7 +++++
>  3 files changed, 34 insertions(+), 21 deletions(-)
> 
> -- 
> 2.20.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ