lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Mon, 25 May 2020 13:40:45 +0300
From:   Mike Rapoport <rppt@...ux.ibm.com>
To:     kernel test robot <lkp@...el.com>,
        Andrew Morton <akpm@...ux-foundation.org>
Cc:     LKP <lkp@...ts.01.org>, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        x86@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: 379706875d ("x86/mm: simplify init_trampoline() and .."): BUG:
 kernel reboot-without-warning in boot stage

On Mon, May 25, 2020 at 08:21:58AM +0800, kernel test robot wrote:
> Greetings,
> 
> 0day kernel testing robot got the below dmesg and the first bad commit is
> 
> https://github.com/0day-ci/linux/commits/Mike-Rapoport/mm-consolidate-definitions-of-page-table-accessors/20200513-025551
> 
> commit 379706875d28bf7fc90b067355981de242b7bff1
> Author:     Mike Rapoport <rppt@...ux.ibm.com>
> AuthorDate: Tue May 12 21:44:17 2020 +0300
> Commit:     0day robot <lkp@...el.com>
> CommitDate: Wed May 13 02:55:59 2020 +0800
> 
>     x86/mm: simplify init_trampoline() and surrounding logic
>     
>     There are three cases for the trampoline initialization:
>     * 32-bit does nothing
>     * 64-bit with kaslr disabled simply copies a PGD entry from the direct map
>       to the trampoline PGD
>     * 64-bit with kaslr enabled maps the real mode trampoline at PUD level
>     
>     These cases are currently differentiated by a bunch of ifdefs inside
>     asm/include/pgtable.h and the case of 64-bits with kaslr on uses
>     pgd_index() helper.
>     
>     Replacing the ifdefs with a static function in arch/x86/mm/init.c gives
>     clearer code and allows moving pgd_index() to the generic implementation in
>     include/linux/pgtable.h
>     
>     Signed-off-by: Mike Rapoport <rppt@...ux.ibm.com>
> 
> 7cc33e59db  m68k/mm: move {cache,nocahe}_page() definitions close to their user
> 379706875d  x86/mm: simplify init_trampoline() and surrounding logic
> 6498f3f0af  mm: consolidate pgd_index() and pgd_offset{_k}() definitions
> +----------------------------------------------------------------------------+------------+------------+------------+
> |                                                                            | 7cc33e59db | 379706875d | 6498f3f0af |
> +----------------------------------------------------------------------------+------------+------------+------------+
> | boot_successes                                                             | 0          | 0          | 0          |
> | boot_failures                                                              | 50         | 17         | 21         |

The patch below fixes this. Its generated vs v5.7-rc6-mmots-2020-05-22-22-39.

>From e8877945b2a0b56861e9a263df9d1bc84f792210 Mon Sep 17 00:00:00 2001
From: Mike Rapoport <rppt@...ux.ibm.com>
Date: Mon, 25 May 2020 12:18:21 +0300
Subject: [PATCH] x86/kaslr: take CONFIG_RANDOMIZE_MEMORY into account in kaslr_enabled()

Until refactoring of the init_trampoline(), kaslr_enabled() was used only
inside '#ifdef CONFIG_RANDOMIZE_MEMORY' and reported only the state of the
command line override.

The simplification of init_trampoline() made kaslr_enabled() visible for
builds with CONFIG_RANDOMIZE_MEMORY=n and in this case it will return true
if the randomization was not disabled on the command line.

This in turn will call a dummy init_trampoline_kaslr() instead of setting
trampline_pgd_entry directly.

As the result, the kernel reboots while starting the secondary CPUs, e.g.
kernel test bot reported:

...
[    0.244628] Performance Events: unsupported p6 CPU model 60 no PMU driver, software events only.
[    0.244993] rcu: Hierarchical SRCU implementation.
[    0.245617] smp: Bringing up secondary CPUs ...
[    0.247388] x86: Booting SMP configuration:
BUG: kernel reboot-without-warning in boot stage

Adding a check for IS_ENABLED(CONFIG_RANDOMIZE_MEMORY) to kaslr_enabled()
resolves the issue.

Signed-off-by: Mike Rapoport <rppt@...ux.ibm.com>
Reported-by: kbuild test robot <lkp@...el.com>
---
 arch/x86/include/asm/setup.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/setup.h b/arch/x86/include/asm/setup.h
index d95cacf210bb..84b645cc8bc9 100644
--- a/arch/x86/include/asm/setup.h
+++ b/arch/x86/include/asm/setup.h
@@ -75,7 +75,8 @@ extern char _text[];
 
 static inline bool kaslr_enabled(void)
 {
-	return !!(boot_params.hdr.loadflags & KASLR_FLAG);
+	return IS_ENABLED(CONFIG_RANDOMIZE_MEMORY) &&
+		!!(boot_params.hdr.loadflags & KASLR_FLAG);
 }
 
 /*
-- 
2.26.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ