Message-ID: <mhng-cb081342-c17d-40ed-8ecb-b58fe259af2c@palmerdabbelt-glaptop1>
Date:   Fri, 24 Jul 2020 22:12:41 -0700 (PDT)
From:   Palmer Dabbelt <palmer@...belt.com>
To:     Atish Patra <Atish.Patra@....com>
CC:     linux-kernel@...r.kernel.org, Atish Patra <Atish.Patra@....com>,
        aou@...s.berkeley.edu, Anup Patel <Anup.Patel@....com>,
        greentime.hu@...ive.com, linux-riscv@...ts.infradead.org,
        Paul Walmsley <paul.walmsley@...ive.com>, sudeep.holla@....com,
        vincent.chen@...ive.com, zong.li@...ive.com
Subject:     Re: [PATCH 3/4] RISC-V: Do not rely on initrd_start/end computed during early dt parsing

On Wed, 15 Jul 2020 16:30:08 PDT (-0700), Atish Patra wrote:
> Currently, initrd_start/end are computed during early_init_dt_scan
> but used during arch_setup. We will get the following panic if initrd is used
> and CONFIG_DEBUG_VIRTUAL is turned on.
>
> [    0.000000] ------------[ cut here ]------------
> [    0.000000] kernel BUG at arch/riscv/mm/physaddr.c:33!
> [    0.000000] Kernel BUG [#1]
> [    0.000000] Modules linked in:
> [    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.8.0-rc4-00015-ged0b226fed02 #886
> [    0.000000] epc: ffffffe0002058d2 ra : ffffffe0000053f0 sp : ffffffe001001f40
> [    0.000000]  gp : ffffffe00106e250 tp : ffffffe001009d40 t0 : ffffffe00107ee28
> [    0.000000]  t1 : 0000000000000000 t2 : ffffffe000a2e880 s0 : ffffffe001001f50
> [    0.000000]  s1 : ffffffe0001383e8 a0 : ffffffe00c087e00 a1 : 0000000080200000
> [    0.000000]  a2 : 00000000010bf000 a3 : ffffffe00106f3c8 a4 : ffffffe0010bf000
> [    0.000000]  a5 : ffffffe000000000 a6 : 0000000000000006 a7 : 0000000000000001
> [    0.000000]  s2 : ffffffe00106f068 s3 : ffffffe00106f070 s4 : 0000000080200000
> [    0.000000]  s5 : 0000000082200000 s6 : 0000000000000000 s7 : 0000000000000000
> [    0.000000]  s8 : 0000000080011010 s9 : 0000000080012700 s10: 0000000000000000
> [    0.000000]  s11: 0000000000000000 t3 : 000000000001fe30 t4 : 000000000001fe30
> [    0.000000]  t5 : 0000000000000000 t6 : ffffffe00107c471
> [    0.000000] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003
> [    0.000000] random: get_random_bytes called from print_oops_end_marker+0x22/0x46 with crng_init=0
>
> To avoid the error, initrd_start/end can be computed from phys_initrd_start/size
> in setup itself. It also improves the initrd placement by aligning the start
> and size with the page size.
>
> Fixes: 6435f773d81f (riscv: mm: add support for CONFIG_DEBUG_VIRTUAL)
> Signed-off-by: Atish Patra <atish.patra@....com>
> ---
>  arch/riscv/mm/init.c | 33 +++++++++++++++++++++++++++------
>  1 file changed, 27 insertions(+), 6 deletions(-)
>
> diff --git a/arch/riscv/mm/init.c b/arch/riscv/mm/init.c
> index 8d22973bde40..f818a47a72d1 100644
> --- a/arch/riscv/mm/init.c
> +++ b/arch/riscv/mm/init.c
> @@ -95,19 +95,40 @@ void __init mem_init(void)
>  #ifdef CONFIG_BLK_DEV_INITRD
>  static void __init setup_initrd(void)
>  {
> +	phys_addr_t start;
>  	unsigned long size;
>
> -	if (initrd_start >= initrd_end) {
> -		pr_info("initrd not found or empty");
> +	/* Ignore the virtul address computed during device tree parsing */
> +	initrd_start = initrd_end = 0;
> +
> +	if (!phys_initrd_size)
> +		return;
> +	/*
> +	 * Round the memory region to page boundaries as per free_initrd_mem()
> +	 * This allows us to detect whether the pages overlapping the initrd
> +	 * are in use, but more importantly, reserves the entire set of pages
> +	 * as we don't want these pages allocated for other purposes.
> +	 */
> +	start = round_down(phys_initrd_start, PAGE_SIZE);
> +	size = phys_initrd_size + (phys_initrd_start - start);
> +	size = round_up(size, PAGE_SIZE);
> +
> +	if (!memblock_is_region_memory(start, size)) {
> +		pr_err("INITRD: 0x%08llx+0x%08lx is not a memory region",
> +		       (u64)start, size);
>  		goto disable;
>  	}
> -	if (__pa_symbol(initrd_end) > PFN_PHYS(max_low_pfn)) {
> -		pr_err("initrd extends beyond end of memory");
> +
> +	if (memblock_is_region_reserved(start, size)) {
> +		pr_err("INITRD: 0x%08llx+0x%08lx overlaps in-use memory region\n",
> +		       (u64)start, size);
>  		goto disable;
>  	}
>
> -	size = initrd_end - initrd_start;
> -	memblock_reserve(__pa_symbol(initrd_start), size);
> +	memblock_reserve(start, size);
> +	/* Now convert initrd to virtual addresses */
> +	initrd_start = (unsigned long)__va(phys_initrd_start);
> +	initrd_end = initrd_start + phys_initrd_size;
>  	initrd_below_start_ok = 1;
>
>  	pr_info("Initial ramdisk at: 0x%p (%lu bytes)\n",
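
Review bot: the pr_err() in the new memblock_is_region_memory() branch ("... is not a memory region") has no trailing "\n", while the pr_err() in the memblock_is_region_reserved() branch right below it does; add the newline so the two messages are terminated the same way and the first cannot run into the next log line. The comment above `initrd_start = initrd_end = 0;` has a typo ("virtul" should be "virtual"). The new early `return` on `!phys_initrd_size` also drops the old "initrd not found or empty" message, so a boot without an initrd no longer logs anything from this function; if that is intended, say so in the commit message.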

I'm going to put this one on fixes, but I don't think that's right:
DEBUG_VIRTUAL just catches the bug, but as far as I can tell it's been there
since the beginning.  I'm going to replace this with

Fixes: 76d2a0493a17 ("RISC-V: Init and Halt Code")

It's not going to apply back that far, but we can always backport it where it
fails.

Thanks!
