| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20191031071345.GA17248@nazgul.tnic>
Date: Thu, 31 Oct 2019 08:13:45 +0100
From: Borislav Petkov <bp@...en8.de>
To: Lianbo Jiang <lijiang@...hat.com>
Cc: linux-kernel@...r.kernel.org, tglx@...utronix.de, mingo@...hat.com,
hpa@...or.com, x86@...nel.org, bhe@...hat.com, dyoung@...hat.com,
jgross@...e.com, dhowells@...hat.com, Thomas.Lendacky@....com,
ebiederm@...ssion.com, vgoyal@...hat.com, d.hatayama@...itsu.com,
horms@...ge.net.au, kexec@...ts.infradead.org
Subject: Re: [PATCH 1/2 RESEND v8] x86/kdump: always reserve the low 1M when
the crashkernel option is specified
On Thu, Oct 31, 2019 at 11:35:16AM +0800, Lianbo Jiang wrote:
> Kdump kernel will reuse the first 640k region because the real mode
> trampoline has to work in this area. When the vmcore is dumped, the
> old memory in this area may be accessed, therefore, kernel has to
> copy the contents of the first 640k area to a backup region so that
> kdump kernel can read the old memory from the backup area of the
> first 640k area, which is done in the purgatory().
>
> But, the current handling of copying the first 640k area runs into
> problems when SME is enabled, kernel does not properly copy these
> old memory to the backup area in the purgatory(), thereby, kdump
> kernel reads out the encrypted contents, because the kdump kernel
> must access the first kernel's memory with the encryption bit set
> when SME is enabled in the first kernel. Please refer to this link:
>
> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=204793
>
> Finally, it causes the following errors, and the crash tool gets
> invalid pointers when parsing the vmcore.
>
> crash> kmem -s|grep -i invalid
> kmem: dma-kmalloc-512: slab:ffffd77680001c00 invalid freepointer:a6086ac099f0c5a4
> kmem: dma-kmalloc-512: slab:ffffd77680001c00 invalid freepointer:a6086ac099f0c5a4
> crash>
>
> To avoid the above errors, when the crashkernel option is specified,
> lets reserve the remaining low 1M memory(after reserving real mode
> memory) so that the allocated memory does not fall into the low 1M
> area, which makes us not to copy the first 640k content to a backup
> region in purgatory(). This indicates that it does not need to be
> included in crash dumps or used for anything except the processor
> trampolines that must live in the low 1M.
>
> Signed-off-by: Lianbo Jiang <lijiang@...hat.com>
> Reported-by: kbuild test robot <lkp@...el.com>
Please do not merge a 0day bot fix with another patch of yours which
does not cause it in the first place. When you look at this patch alone,
what do you think the Reported-by tag means, if anything at all?
Also, it is not a "RESEND" if you change them. You can call them v8.1 or
whatever to denote that the change is small.
Also, do not send v9 or v8.1 or whatever, immediately but wait for other
reviews. You have sent these patches 4(!) times in this week alone. How
would you feel if I hammer your inbox with patches on a daily basis?
You can read
https://www.kernel.org/doc/html/latest/process/submitting-patches.html
in the meantime, especially section
"9) Don't get discouraged - or impatient"
while waiting.
Thx.
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
Powered by blists - more mailing lists