lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <234133bc-e90a-e4e7-b128-017d61005603@amd.com>
Date:   Mon, 25 Oct 2021 12:09:16 -0500
From:   "Koralahalli Channabasappa, Smita" <skoralah@....com>
To:     Borislav Petkov <bp@...en8.de>,
        Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
Cc:     x86@...nel.org, linux-edac@...r.kernel.org,
        linux-kernel@...r.kernel.org, Tony Luck <tony.luck@...el.com>,
        "H . Peter Anvin" <hpa@...or.com>, yazen.ghannam@....com
Subject: Re: [PATCH v2 1/5] x86/mce/inject: Check if a bank is unpopulated
 before error injection

On 10/25/21 8:56 AM, Borislav Petkov wrote:
> On Tue, Oct 19, 2021 at 06:36:37PM -0500, Smita Koralahalli wrote:
>> The MCA_IPID register uniquely identifies a bank's type on Scalable MCA
>> (SMCA) systems. When an MCA bank is not populated, the MCA_IPID register
>> will read as zero and writes to it will be ignored.
>>
>> On a "hw" error injection check the value of this register before trying
>> to inject the error.
>>
>> Do not impose any limitation on a "sw" injection and allow the user to
>> test out all the decoding paths without relying on the available hardware,
>> as its purpose is to just test the code.
>>
>> Signed-off-by: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
>> ---
>> v2:
>> 	simulate -> inject.
>> 	Corrected according to kernel commenting style.
>> 	boot_cpu_has() -> cpu_feature_enabled().
>> 	Error simulation not possible: Bank %llu unpopulated ->
>> 	Cannot set IPID - bank %llu unpopulated.
>> 	Used user provided IPID value on sw injection without checking
>> 	underlying hardware and defined it under inj_ipid_set().
>> ---
>>   arch/x86/kernel/cpu/mce/inject.c | 39 +++++++++++++++++++++++++++++---
>>   1 file changed, 36 insertions(+), 3 deletions(-)
> So I gave it a critical look and did some modifications, see below.
> Looking at those IPID MSRs - they're all read-only, which means for !sw
> injection, all the module can do is check whether they're 0 - and fail
> injection in that case - and do the injection otherwise.
>
> Ok?

Yes, this looks more clearer. Thank you.

>
> ---
> From: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
> Date: Tue, 19 Oct 2021 18:36:37 -0500
> Subject: [PATCH] x86/mce/inject: Check if a bank is populated before error
>   injection
>
> The MCA_IPID register uniquely identifies a bank's type on Scalable MCA
> (SMCA) systems. When an MCA bank is not populated, the MCA_IPID register
> will read as zero and writes to it will be ignored.
>
> On a hw-type error injection (injection which writes the actual MCA
> registers in an attempt to cause a real MCE) check the value of this
> register before trying to inject the error.
>
> Do not impose any limitation on a sw-type injection (software-only
> injection) and allow the user to test out all the decoding paths without
> relying on the available hardware, as its purpose is to just test the
> code.
>
>   [ bp: Heavily massage. ]
>
> Signed-off-by: Smita Koralahalli <Smita.KoralahalliChannabasappa@....com>
> Signed-off-by: Borislav Petkov <bp@...e.de>
> Link: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Flkml.kernel.org%2Fr%2F20211019233641.140275-2-Smita.KoralahalliChannabasappa%40amd.com&amp;data=04%7C01%7CSmita.KoralahalliChannabasappa%40amd.com%7C6da4cbaab660413d27a208d997bf48f1%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637707670099990329%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=Jpecn9lg2XxdqhbLpMIxuSh%2BRA3eafMReXmdLI3SkfM%3D&amp;reserved=0
> ---
>   arch/x86/kernel/cpu/mce/inject.c | 42 +++++++++++++++++++++++++++++++-
>   1 file changed, 41 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/mce/inject.c b/arch/x86/kernel/cpu/mce/inject.c
> index 0bfc14041bbb..3333ae7886bd 100644
> --- a/arch/x86/kernel/cpu/mce/inject.c
> +++ b/arch/x86/kernel/cpu/mce/inject.c
> @@ -74,7 +74,6 @@ MCE_INJECT_SET(status);
>   MCE_INJECT_SET(misc);
>   MCE_INJECT_SET(addr);
>   MCE_INJECT_SET(synd);
> -MCE_INJECT_SET(ipid);
>   
>   #define MCE_INJECT_GET(reg)						\
>   static int inj_##reg##_get(void *data, u64 *val)			\
> @@ -95,6 +94,20 @@ DEFINE_SIMPLE_ATTRIBUTE(status_fops, inj_status_get, inj_status_set, "%llx\n");
>   DEFINE_SIMPLE_ATTRIBUTE(misc_fops, inj_misc_get, inj_misc_set, "%llx\n");
>   DEFINE_SIMPLE_ATTRIBUTE(addr_fops, inj_addr_get, inj_addr_set, "%llx\n");
>   DEFINE_SIMPLE_ATTRIBUTE(synd_fops, inj_synd_get, inj_synd_set, "%llx\n");
> +
> +/* Use the user provided IPID value on a sw injection. */
> +static int inj_ipid_set(void *data, u64 val)
> +{
> +	struct mce *m = (struct mce *)data;
> +
> +	if (cpu_feature_enabled(X86_FEATURE_SMCA)) {
> +		if (inj_type == SW_INJ)
> +			m->ipid = val;
> +	}
> +
> +	return 0;
> +}
> +
>   DEFINE_SIMPLE_ATTRIBUTE(ipid_fops, inj_ipid_get, inj_ipid_set, "%llx\n");
>   
>   static void setup_inj_struct(struct mce *m)
> @@ -577,6 +590,33 @@ static int inj_bank_set(void *data, u64 val)
>   	}
>   
>   	m->bank = val;
> +
> +	/*
> +	 * sw-only injection allows to write arbitrary values into the MCA registers
> +	 * because it tests only the decoding paths.
> +	 */
> +	if (inj_type == SW_INJ)
> +		goto inject;
> +
> +	/*
> +	 * Read IPID value to determine if a bank is populated on the target
> +	 * CPU.
> +	 */
> +	if (cpu_feature_enabled(X86_FEATURE_SMCA)) {
> +		u64 ipid;
> +
> +		if (rdmsrl_on_cpu(m->extcpu, MSR_AMD64_SMCA_MCx_IPID(val), &ipid)) {
> +			pr_err("Error reading IPID on CPU%d\n", m->extcpu);
> +			return -EINVAL;
> +		}
> +
> +		if (!ipid) {
> +			pr_err("Cannot inject into bank %llu - it is unpopulated\n", val);
> +			return -ENODEV;
> +		}
> +	}
> +
> +inject:
>   	do_inject();
>   
>   	/* Reset injection struct */


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ