lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 19 Jul 2023 05:13:02 +0000
From:   Vasant Hegde <vasant.hegde@....com>
To:     <tglx@...utronix.de>, <linux-kernel@...r.kernel.org>
CC:     <x86@...nel.org>, <dave.hansen@...ux.intel.com>, <bp@...en8.de>,
        <mingo@...hat.com>, Vasant Hegde <vasant.hegde@....com>,
        "Dheeraj Kumar Srivastava" <dheerajkumar.srivastava@....com>
Subject: [PATCH] x86/smp: Validate APIC ID before parking CPU in INIT

Below commit is causing kexec to hang in certain scenarios with >255 CPUs.

Reproduce steps:
  - We are using 2 socket system with 384 CPUs
  - Booting first kernel with kernel command line intremap=off
    This disabled x2apic in kernel and booted with apic mode
  - During kexec it tries to send INIT to all CPUs except boot CPU
    If APIC ID is 0x100 (like in our case) then it will send CPU0
    to INIT mode and system hangs (in APIC mode DEST field is 8bit)

Fix this issue by adding apic->apic_id_valid() check before sending
INIT sequence.

Fixes: 45e34c8af58f ("x86/smp: Put CPUs into INIT on shutdown if possible")
Reported-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@....com>
Tested-by: Dheeraj Kumar Srivastava <dheerajkumar.srivastava@....com>
Signed-off-by: Vasant Hegde <vasant.hegde@....com>
---
 arch/x86/kernel/smpboot.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
index e1aa2cd7734b..e5ca0689c4dd 100644
--- a/arch/x86/kernel/smpboot.c
+++ b/arch/x86/kernel/smpboot.c
@@ -1360,7 +1360,7 @@ bool smp_park_other_cpus_in_init(void)
 		if (cpu == this_cpu)
 			continue;
 		apicid = apic->cpu_present_to_apicid(cpu);
-		if (apicid == BAD_APICID)
+		if (apicid == BAD_APICID || !apic->apic_id_valid(apicid))
 			continue;
 		send_init_sequence(apicid);
 	}
-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ