lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230810150706.GA42856@dev-arch.thelio-3990X>
Date:   Thu, 10 Aug 2023 08:07:06 -0700
From:   Nathan Chancellor <nathan@...nel.org>
To:     Borislav Petkov <bp@...en8.de>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org, llvm@...ts.linux.dev
Subject: Re: Hang when booting guest kernels compiled with clang after SRSO
 mitigations

On Thu, Aug 10, 2023 at 04:43:44PM +0200, Borislav Petkov wrote:
> On Thu, Aug 10, 2023 at 06:40:56AM -0700, Nathan Chancellor wrote:
> Linux version 6.5.0-rc5+ (root@vh) (gcc (Debian 10.2.1-3) 10.2.1 20201224, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Thu Aug 10 16:13:54 CEST 2023
> 
> ...
> 
> [    0.083541] Speculative Return Stack Overflow: Mitigation: safe RET

I just tried

  Linux version 6.5.0-rc5-00039-g138bcddb86d8 (nathan@...-arch.thelio-3990X) (x86_64-linux-gcc (GCC) 10.4.0, GNU ld (GNU Binutils) 2.39) #1 SMP PREEMPT_DYNAMIC Thu Aug 10 07:48:28 MST 2023

  [    0.000259] Speculative Return Stack Overflow: Mitigation: safe RET

on the host...

> [    0.000000] Linux version 6.5.0-rc5 (root@vh) (Debian clang version 14.0.6, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Thu Aug 10 13:22:30 CEST 2023

with

  [    0.000000] Linux version 6.5.0-rc5 (nathan@...trobox-6Sw1jticKJ.thelio-3990X) (Debian clang version 14.0.6, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Thu Aug 10 07:58:56 MST 2023

in the guest and I see the same problem.

> Guest and host are up and running.
> 
> There's something else missing.

Configuration difference? Here is the one from the most recent build:

https://gist.github.com/nathanchance/2d7ad0b9440a6a2ec5ba0b88e3e673a9

Is there any other information that could be relevant here? My microcode
version according to dmesg, in case that matters.

  [    2.408527] microcode: microcode updated early to new patch_level=0x0830107a

Is that machine Zen 2? I see this issue on my Ryzen 3 4300G as well,
which is also Zen 2.

> Your host gcc is 13, maybe I should update...

Seems like I can reproduce it with earlier versions of GCC (and I could
reproduce it with clang) so it does not seem like it is toolchain
related on the host side but might be interesting to test.

I just use https://mirrors.edge.kernel.org/pub/tools/crosstool/ for easy
access to multiple versions.

Cheers,
Nathan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ