lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Feb 2019 13:31:48 -0800
From:   Mike Travis <mike.travis@....com>
To:     Dimitri Sivanich <sivanich@....com>,
        Hedi Berriche <hedi.berriche@....com>
Cc:     linux-kernel@...r.kernel.org,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Bhupesh Sharma <bhsharma@...hat.com>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        "H. Peter Anvin" <hpa@...or.com>, linux-efi@...r.kernel.org,
        x86@...nel.org, Russ Anderson <rja@....com>,
        Steve Wahl <steve.wahl@....com>, stable@...r.kernel.org
Subject: Re: [Patch v3 0/4] Protect against concurrent calls into UV BIOS



On 2/14/2019 1:21 PM, Dimitri Sivanich wrote:
> For the series:
> 
> Reviewed-by: Dimitri Sivanich <sivanich@....com>

As well as I:

Reviewed-by: Mike Travis <mike.travis@....com>

> 
> On Wed, Feb 13, 2019 at 07:34:09PM +0000, Hedi Berriche wrote:
>> - Changes since v2
>>    Addressed comments from Ard Biesheuvel:
>>   * expose efi_runtime_lock to UV platform only instead of globally
>>   * remove unnecessary #ifdef CONFIG_EFI from bios_uv.c
>>
>> - Changes since v1:
>>    Addressed comments from Bhupesh Sharma, Thomas Gleixner, and Ard Biesheuvel:
>>   * made __uv_bios_call() static
>>   * moved the efi_enabled() cleanup to its own patchlet
>>   * explained the reason for renaming the efi_runtime_lock semaphore
>>   * dropped the reviewed-bys as they should be given on the mailing list
>>   * Cc'ng stable@...r.kernel.org given the nature of the problem addressed by the patches
>>
>> ---
>>
>> Calls into UV BIOS were not being serialised which is wrong as it violates EFI
>> runtime rules, and bad as it does result in all sorts of potentially hard to
>> track down hangs and panics when efi_scratch.prev_mm gets clobbered whenever
>> efi_switch_mm() gets called concurrently from two different CPUs.
>>
>> Patch #1 removes an unnecessary #ifdef CONFIG_EFI guard from bios_uv.c.
>>
>> Patch #2 removes uv_bios_call_reentrant() because it's dead code.
>>
>> Patch #3 is a cleanup that drops test_bit() in favour of the ad hoc efi_enabled().
>>
>> Patch #4 makes uv_bios_call() variants use the efi_runtime_lock semaphore to
>> protect against concurrency.
>>
>> Cc: Russ Anderson <rja@....com>
>> Cc: Mike Travis <mike.travis@....com>
>> Cc: Dimitri Sivanich <sivanich@....com>
>> Cc: Steve Wahl <steve.wahl@....com>
>> Cc: stable@...r.kernel.org # v4.9+
>>
>> Hedi Berriche (4):
>>    x86/platform/UV: remove unnecessary #ifdef CONFIG_EFI
>>    x86/platform/UV: kill uv_bios_call_reentrant() as it has no callers
>>    x86/platform/UV: use efi_enabled() instead of test_bit()
>>    x86/platform/UV: use efi_runtime_lock to serialise BIOS calls
>>
>>   arch/x86/include/asm/uv/bios.h          | 13 ++++-----
>>   arch/x86/platform/uv/bios_uv.c          | 35 ++++++++++++++-----------
>>   drivers/firmware/efi/runtime-wrappers.c |  7 +++++
>>   3 files changed, 34 insertions(+), 21 deletions(-)
>>
>> -- 
>> 2.20.1
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ