lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAK8P3a2BQQOZS0wbFVWm6HjmZZMKLGn6EruhDuFJi6kvv8UwWA@mail.gmail.com>
Date:   Mon, 15 Mar 2021 12:11:36 +0100
From:   Arnd Bergmann <arnd@...db.de>
To:     John Garry <john.garry@...wei.com>
Cc:     Dmitry Vyukov <dvyukov@...gle.com>,
        Mark Rutland <mark.rutland@....com>,
        Marc Zyngier <maz@...nel.org>, Will Deacon <will@...nel.org>,
        Ard Biesheuvel <ardb@...nel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        syzkaller <syzkaller@...glegroups.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Peter Maydell <peter.maydell@...aro.org>,
        Alex Bennée <alex.bennee@...aro.org>,
        Jiahui Cen <cenjiahui@...wei.com>
Subject: Re: arm64 syzbot instances

On Mon, Mar 15, 2021 at 11:29 AM John Garry <john.garry@...wei.com> wrote:
> On 15/03/2021 10:01, Dmitry Vyukov wrote:
> > On Mon, Mar 15, 2021 at 10:45 AM John Garry<john.garry@...wei.com>  wrote:
> >>>> It does not happen too often on syzbot so far, so let's try to do the
> >>>> right thing first.
> >>>> I've filed:https://bugs.launchpad.net/qemu/+bug/1918917
> >>>> with a link to this thread. To be fair, I don't fully understand what
> >>>> I am talking about, I hope I proxied your description properly.
> >>> Thanks, looks good. I provided a little more detail in a comment there.
> >>>
> >>>           Arnd
> >>> .
> >>>
> >>   From looking at the bug report, my impression is that this is a qemu
> >> issue, as the logical IO space is mapped to the PCI host bridge IO
> >> space, and qemu does not handle accesses to that CPU addressable region
> >> at all. As Arnd said.
> >>
> >> However, we really should not be accessing logical IO ports 0 or 0x2f8
> >> at all via ttyS3 if not enumerated from PCI device at that logical IO
> >> port. That is what I think anyway, as who knows what device - if any -
> >> really exists at that location. That is why I had this patch to just
> >> stop accesses to legacy IO port regions on arm64:
> >>
> >> https://lore.kernel.org/lkml/1610729929-188490-2-git-send-email-john.garry@huawei.com/
> > Hi John,
> >
> > Thanks for the info.
> >
> > The patch is from January, but it's not merged yet, right?
> > It will fix the crash we see, right?
>
> It's not merged, and it probably would solve this issue. But following
> discussion with Arnd when it was originally posted, I still need to do
> some analysis whether it is the proper thing to do.

Right, it might be something we decide to do in order to intentionally
break legacy ISA devices, but I don't think that patch should be necessary
as a bugfix, given that the same devices on x86 just work.

I think Huawei and some others have a BMC on either a PCI port or
an LPC bridge, with PC style device emulation for things that might
include VGA, serial, keyboard/mouse, RTC, IPMI, or ATAPI CDROM.

In a properly designed system, these should all be described by the
firmware if present, but today they should still work even if the firmware
does not describe them (provided the driver looks at the correct address,
which the 8250 driver did not).

         Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ