| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Oct 2021 12:09:16 -0500
From: "Koralahalli Channabasappa, Smita" <skoralah@....com>
To: Borislav Petkov <bp@...en8.de>,
Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
Cc: x86@...nel.org, linux-edac@...r.kernel.org,
linux-kernel@...r.kernel.org, Tony Luck <tony.luck@...el.com>,
"H . Peter Anvin" <hpa@...or.com>, yazen.ghannam@....com
Subject: Re: [PATCH v2 1/5] x86/mce/inject: Check if a bank is unpopulated
before error injection
On 10/25/21 8:56 AM, Borislav Petkov wrote:
> On Tue, Oct 19, 2021 at 06:36:37PM -0500, Smita Koralahalli wrote:
>> The MCA_IPID register uniquely identifies a bank's type on Scalable MCA
>> (SMCA) systems. When an MCA bank is not populated, the MCA_IPID register
>> will read as zero and writes to it will be ignored.
>>
>> On a "hw" error injection check the value of this register before trying
>> to inject the error.
>>
>> Do not impose any limitation on a "sw" injection and allow the user to
>> test out all the decoding paths without relying on the available hardware,
>> as its purpose is to just test the code.
>>
>> Signed-off-by: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
>> ---
>> v2:
>> simulate -> inject.
>> Corrected according to kernel commenting style.
>> boot_cpu_has() -> cpu_feature_enabled().
>> Error simulation not possible: Bank %llu unpopulated ->
>> Cannot set IPID - bank %llu unpopulated.
>> Used user provided IPID value on sw injection without checking
>> underlying hardware and defined it under inj_ipid_set().
>> ---
>> arch/x86/kernel/cpu/mce/inject.c | 39 +++++++++++++++++++++++++++++---
>> 1 file changed, 36 insertions(+), 3 deletions(-)
> So I gave it a critical look and did some modifications, see below.
> Looking at those IPID MSRs - they're all read-only, which means for !sw
> injection, all the module can do is check whether they're 0 - and fail
> injection in that case - and do the injection otherwise.
>
> Ok?
Yes, this looks more clearer. Thank you.
>
> ---
> From: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
> Date: Tue, 19 Oct 2021 18:36:37 -0500
> Subject: [PATCH] x86/mce/inject: Check if a bank is populated before error
> injection
>
> The MCA_IPID register uniquely identifies a bank's type on Scalable MCA
> (SMCA) systems. When an MCA bank is not populated, the MCA_IPID register
> will read as zero and writes to it will be ignored.
>
> On a hw-type error injection (injection which writes the actual MCA
> registers in an attempt to cause a real MCE) check the value of this
> register before trying to inject the error.
>
> Do not impose any limitation on a sw-type injection (software-only
> injection) and allow the user to test out all the decoding paths without
> relying on the available hardware, as its purpose is to just test the
> code.
>
> [ bp: Heavily massage. ]
>
> Signed-off-by: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
> Signed-off-by: Borislav Petkov <bp@...e.de>
> Link: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flkml.kernel.org%2Fr%2F20211019233641.140275-2-Smita.KoralahalliChannabasappa%40amd.com&data=04%7C01%7CSmita.KoralahalliChannabasappa%40amd.com%7C6da4cbaab660413d27a208d997bf48f1%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637707670099990329%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Jpecn9lg2XxdqhbLpMIxuSh%2BRA3eafMReXmdLI3SkfM%3D&reserved=0
> ---
> arch/x86/kernel/cpu/mce/inject.c | 42 +++++++++++++++++++++++++++++++-
> 1 file changed, 41 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/mce/inject.c b/arch/x86/kernel/cpu/mce/inject.c
> index 0bfc14041bbb..3333ae7886bd 100644
> --- a/arch/x86/kernel/cpu/mce/inject.c
> +++ b/arch/x86/kernel/cpu/mce/inject.c
> @@ -74,7 +74,6 @@ MCE_INJECT_SET(status);
> MCE_INJECT_SET(misc);
> MCE_INJECT_SET(addr);
> MCE_INJECT_SET(synd);
> -MCE_INJECT_SET(ipid);
>
> #define MCE_INJECT_GET(reg) \
> static int inj_##reg##_get(void *data, u64 *val) \
> @@ -95,6 +94,20 @@ DEFINE_SIMPLE_ATTRIBUTE(status_fops, inj_status_get, inj_status_set, "%llx\n");
> DEFINE_SIMPLE_ATTRIBUTE(misc_fops, inj_misc_get, inj_misc_set, "%llx\n");
> DEFINE_SIMPLE_ATTRIBUTE(addr_fops, inj_addr_get, inj_addr_set, "%llx\n");
> DEFINE_SIMPLE_ATTRIBUTE(synd_fops, inj_synd_get, inj_synd_set, "%llx\n");
> +
> +/* Use the user provided IPID value on a sw injection. */
> +static int inj_ipid_set(void *data, u64 val)
> +{
> + struct mce *m = (struct mce *)data;
> +
> + if (cpu_feature_enabled(X86_FEATURE_SMCA)) {
> + if (inj_type == SW_INJ)
> + m->ipid = val;
> + }
> +
> + return 0;
> +}
> +
> DEFINE_SIMPLE_ATTRIBUTE(ipid_fops, inj_ipid_get, inj_ipid_set, "%llx\n");
>
> static void setup_inj_struct(struct mce *m)
> @@ -577,6 +590,33 @@ static int inj_bank_set(void *data, u64 val)
> }
>
> m->bank = val;
> +
> + /*
> + * sw-only injection allows to write arbitrary values into the MCA registers
> + * because it tests only the decoding paths.
> + */
> + if (inj_type == SW_INJ)
> + goto inject;
> +
> + /*
> + * Read IPID value to determine if a bank is populated on the target
> + * CPU.
> + */
> + if (cpu_feature_enabled(X86_FEATURE_SMCA)) {
> + u64 ipid;
> +
> + if (rdmsrl_on_cpu(m->extcpu, MSR_AMD64_SMCA_MCx_IPID(val), &ipid)) {
> + pr_err("Error reading IPID on CPU%d\n", m->extcpu);
> + return -EINVAL;
> + }
> +
> + if (!ipid) {
> + pr_err("Cannot inject into bank %llu - it is unpopulated\n", val);
> + return -ENODEV;
> + }
> + }
> +
> +inject:
> do_inject();
>
> /* Reset injection struct */
Powered by blists - more mailing lists