lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <YwD+rZ/7zDPCmlRI@zn.tnic>
Date:   Sat, 20 Aug 2022 17:33:01 +0200
From:   Borislav Petkov <bp@...en8.de>
To:     Russ Dill <russ.dill@...il.com>
Cc:     linux-kernel@...r.kernel.org,
        Tom Lendacky <thomas.lendacky@....com>,
        Ingo Molnar <mingo@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Yinghai Lu <yinghai@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        "H . Peter Anvin" <hpa@...or.com>, x86@...nel.org
Subject: Re: [PATCH] x86/boot: Fail gracefully if SMP MP-table early_memremap
 fails

On Fri, Aug 19, 2022 at 03:44:00PM -0700, Russ Dill wrote:
> At least one older motherboard (Micronics W6-LI Pentium Pro) has been
> observed to fill in the physptr but not actually populate the mpc when
> only one CPU is present. In this specific case, this leads to the size
> field being zero which causes early_memremap to fail. This then
> causes a NULL pointer exception in smp_read_mpc.
> 
> Add a simple return check. Returning -1 here will cause the MP-table to
> be ignored and the system to boot in nosmp mode.
> 
> Signed-off-by: Russ Dill <Russ.Dill@...il.com>
> Cc: Tom Lendacky <thomas.lendacky@....com>
> Cc: Ingo Molnar <mingo@...nel.org>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Yinghai Lu <yinghai@...nel.org>
> Cc: Dave Hansen <dave.hansen@...ux.intel.com>
> Cc: H. Peter Anvin <hpa@...or.com>
> Cc: x86@...nel.org
> ---
>  arch/x86/kernel/mpparse.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/kernel/mpparse.c b/arch/x86/kernel/mpparse.c
> index fed721f90116..ca2af4f42cb8 100644
> --- a/arch/x86/kernel/mpparse.c
> +++ b/arch/x86/kernel/mpparse.c
> @@ -438,6 +438,10 @@ static int __init check_physptr(struct mpf_intel *mpf, unsigned int early)
>  
>  	size = get_mpc_size(mpf->physptr);

If the size is 0, why aren't you checking size and returning early here
instead of the early_memremap() result which gets called with size=0?

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ