Date:   Wed, 2 Jun 2021 19:10:07 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Lukasz Majczak <lma@...ihalf.com>
Cc:     Josh Poimboeuf <jpoimboe@...hat.com>, x86@...nel.org,
        jgross@...e.com, mbenes@...e.com, linux-kernel@...r.kernel.org,
        upstream@...ihalf.com,
        Radosław Biernacki <rad@...ihalf.com>,
        Łukasz Bartosik <lb@...ihalf.com>,
        Guenter Roeck <groeck@...gle.com>
Subject: Re: [PATCH v3 16/16] objtool,x86: Rewrite retpoline thunk calls

On Wed, Jun 02, 2021 at 06:56:51PM +0200, Peter Zijlstra wrote:
> On Wed, Jun 02, 2021 at 05:51:01PM +0200, Lukasz Majczak wrote:
> > Hi Peter,
> > 
> > This patch seems to crash on Tigerlake platform (Chromebook delbin), I
> > got the following error:
> > 
> > [    2.103054] pcieport 0000:00:1c.0: PME: Signaling with IRQ 122
> > [    2.110148] pcieport 0000:00:1c.0: pciehp: Slot #7 AttnBtn-
> > PwrCtrl- MRL- AttnInd- PwrInd- HotPlug+ Surprise+ Interlock- NoCompl+
> > IbPresDis- LLActRep+
> > [    2.126754] pcieport 0000:00:1d.0: PME: Signaling with IRQ 123
> > [    2.133946] ACPI: \_SB_.CP00: Found 3 idle states
> > [    2.139708] BUG: kernel NULL pointer dereference, address: 000000000000012b
> > [    2.140704] #PF: supervisor read access in kernel mode
> > [    2.140704] #PF: error_code(0x0000) - not-present page
> > [    2.140704] PGD 0 P4D 0
> > [    2.140704] Oops: 0000 [#1] PREEMPT SMP NOPTI
> > [    2.140704] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G     U
> >   5.13.0-rc1 #31
> > [    2.140704] Hardware name: Google Delbin/Delbin, BIOS
> > Google_Delbin.13672.156.3 05/14/2021
> > [    2.140704] RIP: 0010:cpuidle_poll_time+0x9/0x6a
> > [    2.140704] Code: 44 00 00 85 f6 78 19 55 48 89 e5 48 8b 05 16 44
> > 44 01 4c 8b 58 40 4d 85 db 5d 41 ff d3 66 90 00 c3 0f 1f 44 00 00 55
> > 48 89 e5 <48> 8b 46 20 48 85 c0 75 56 4c 63 87 28 04 00 00 b8 24 f49
> 
> All code
> ========
>  0:   44 00 00                add    %r8b,(%rax)
>  3:   85 f6                   test   %esi,%esi
>  5:   78 19                   js     0x20
>  7:   55                      push   %rbp
>  8:   48 89 e5                mov    %rsp,%rbp
>  b:   48 8b 05 16 44 44 01    mov    0x1444416(%rip),%rax        # 0x1444428
> 12:   4c 8b 58 40             mov    0x40(%rax),%r11
> 16:   4d 85 db                test   %r11,%r11
> 19:   5d                      pop    %rbp
> 1a:   41 ff d3                callq  *%r11
> 1d:   66 90                   xchg   %ax,%ax
> 1f:   00 c3                   add    %al,%bl
> 21:   0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)
> 26:   55                      push   %rbp
> 27:   48 89 e5                mov    %rsp,%rbp
> 2a:*  48 8b 46 20             mov    0x20(%rsi),%rax          <-- trapping instruction
> 2e:   48 85 c0                test   %rax,%rax
> 31:   75 56                   jne    0x89
> 33:   4c 63 87 28 04 00 00    movslq 0x428(%rdi),%r8
> 3a:   b8                      .byte 0xb8
> 3b:   24 49                   and    $0x49,%al
> 
> What does something like:
> 
> OBJ=vmlinux.o FUNC=0010:cpuidle_poll_time objdump -wdr $@ $OBJ | awk "/^\$/ { P=0; } /$FUNC[^>]*>:\$/ { P=1; O=strtonum(\"0x\" \$1); } { if (P) { o=strtonum(\"0x\" \$1); printf(\"%04x \", o-O); print \$0; } }"
> 
> look like for that build?

I'm being daft; we build debug stuff for this.

Can you please do something like:

$ touch drivers/cpuidle/cpuidle.c
$ OBJTOOL_ARGS="--backup" make drivers/cpuidle/cpuidle.o

and send me both: drivers/cpuidle/cpuidle.o{,.orig}

