| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <mhng-cb081342-c17d-40ed-8ecb-b58fe259af2c@palmerdabbelt-glaptop1>
Date: Fri, 24 Jul 2020 22:12:41 -0700 (PDT)
From: Palmer Dabbelt <palmer@...belt.com>
To: Atish Patra <Atish.Patra@....com>
CC: linux-kernel@...r.kernel.org, Atish Patra <Atish.Patra@....com>,
aou@...s.berkeley.edu, Anup Patel <Anup.Patel@....com>,
greentime.hu@...ive.com, linux-riscv@...ts.infradead.org,
Paul Walmsley <paul.walmsley@...ive.com>, sudeep.holla@....com,
vincent.chen@...ive.com, zong.li@...ive.com
Subject: Re: [PATCH 3/4] RISC-V: Do not rely on initrd_start/end computed during early dt parsing
On Wed, 15 Jul 2020 16:30:08 PDT (-0700), Atish Patra wrote:
> Currently, initrd_start/end are computed during early_init_dt_scan
> but used during arch_setup. We will get the following panic if initrd is used
> and CONFIG_DEBUG_VIRTUAL is turned on.
>
> [ 0.000000] ------------[ cut here ]------------
> [ 0.000000] kernel BUG at arch/riscv/mm/physaddr.c:33!
> [ 0.000000] Kernel BUG [#1]
> [ 0.000000] Modules linked in:
> [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.8.0-rc4-00015-ged0b226fed02 #886
> [ 0.000000] epc: ffffffe0002058d2 ra : ffffffe0000053f0 sp : ffffffe001001f40
> [ 0.000000] gp : ffffffe00106e250 tp : ffffffe001009d40 t0 : ffffffe00107ee28
> [ 0.000000] t1 : 0000000000000000 t2 : ffffffe000a2e880 s0 : ffffffe001001f50
> [ 0.000000] s1 : ffffffe0001383e8 a0 : ffffffe00c087e00 a1 : 0000000080200000
> [ 0.000000] a2 : 00000000010bf000 a3 : ffffffe00106f3c8 a4 : ffffffe0010bf000
> [ 0.000000] a5 : ffffffe000000000 a6 : 0000000000000006 a7 : 0000000000000001
> [ 0.000000] s2 : ffffffe00106f068 s3 : ffffffe00106f070 s4 : 0000000080200000
> [ 0.000000] s5 : 0000000082200000 s6 : 0000000000000000 s7 : 0000000000000000
> [ 0.000000] s8 : 0000000080011010 s9 : 0000000080012700 s10: 0000000000000000
> [ 0.000000] s11: 0000000000000000 t3 : 000000000001fe30 t4 : 000000000001fe30
> [ 0.000000] t5 : 0000000000000000 t6 : ffffffe00107c471
> [ 0.000000] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003
> [ 0.000000] random: get_random_bytes called from print_oops_end_marker+0x22/0x46 with crng_init=0
>
> To avoid the error, initrd_start/end can be computed from phys_initrd_start/size
> in setup itself. It also improves the initrd placement by aligning the start
> and size with the page size.
>
> Fixes: 6435f773d81f (riscv: mm: add support for CONFIG_DEBUG_VIRTUAL)
> Signed-off-by: Atish Patra <atish.patra@....com>
> ---
> arch/riscv/mm/init.c | 33 +++++++++++++++++++++++++++------
> 1 file changed, 27 insertions(+), 6 deletions(-)
>
> diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
> index 8d22973bde40..f818a47a72d1 100644
> --- a/arch/riscv/mm/init.c
> +++ b/arch/riscv/mm/init.c
> @@ -95,19 +95,40 @@ void __init mem_init(void)
> #ifdef CONFIG_BLK_DEV_INITRD
> static void __init setup_initrd(void)
> {
> + phys_addr_t start;
> unsigned long size;
>
> - if (initrd_start >= initrd_end) {
> - pr_info("initrd not found or empty");
> + /* Ignore the virtul address computed during device tree parsing */
> + initrd_start = initrd_end = 0;
> +
> + if (!phys_initrd_size)
> + return;
> + /*
> + * Round the memory region to page boundaries as per free_initrd_mem()
> + * This allows us to detect whether the pages overlapping the initrd
> + * are in use, but more importantly, reserves the entire set of pages
> + * as we don't want these pages allocated for other purposes.
> + */
> + start = round_down(phys_initrd_start, PAGE_SIZE);
> + size = phys_initrd_size + (phys_initrd_start - start);
> + size = round_up(size, PAGE_SIZE);
> +
> + if (!memblock_is_region_memory(start, size)) {
> + pr_err("INITRD: 0x%08llx+0x%08lx is not a memory region",
> + (u64)start, size);
> goto disable;
> }
> - if (__pa_symbol(initrd_end) > PFN_PHYS(max_low_pfn)) {
> - pr_err("initrd extends beyond end of memory");
> +
> + if (memblock_is_region_reserved(start, size)) {
> + pr_err("INITRD: 0x%08llx+0x%08lx overlaps in-use memory region\n",
> + (u64)start, size);
> goto disable;
> }
>
> - size = initrd_end - initrd_start;
> - memblock_reserve(__pa_symbol(initrd_start), size);
> + memblock_reserve(start, size);
> + /* Now convert initrd to virtual addresses */
> + initrd_start = (unsigned long)__va(phys_initrd_start);
> + initrd_end = initrd_start + phys_initrd_size;
> initrd_below_start_ok = 1;
>
> pr_info("Initial ramdisk at: 0x%p (%lu bytes)\n",
I'm going to put this one on fixes, but I don't think that's the right:
DEBUG_VIRTUAL just catches the bug, but as far as I can tell it's been there
since the beginning. I'm going to replace this with
Fixes: 76d2a0493a17 ("RISC-V: Init and Halt Code")
It's not going to apply back that far, but we can always backport it where it
fails.
Thanks!
Powered by blists - more mailing lists