lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <169806575453.3135.14265994538914502918.tip-bot2@tip-bot2>
Date:   Mon, 23 Oct 2023 12:55:54 -0000
From:   "tip-bot2 for Zhiquan Li" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     Youquan Song <youquan.song@...el.com>,
        Zhiquan Li <zhiquan1.li@...el.com>,
        "Borislav Petkov (AMD)" <bp@...en8.de>,
        Naoya Horiguchi <naoya.horiguchi@....com>, x86@...nel.org,
        linux-kernel@...r.kernel.org
Subject: [tip: ras/core] x86/mce: Mark fatal MCE's page as poison to avoid
 panic in the kdump kernel

The following commit has been merged into the ras/core branch of tip:

Commit-ID:     1d11b153d23b5fd131d4ea125ff23c9e8ebc98ab
Gitweb:        https://git.kernel.org/tip/1d11b153d23b5fd131d4ea125ff23c9e8ebc98ab
Author:        Zhiquan Li <zhiquan1.li@...el.com>
AuthorDate:    Mon, 23 Oct 2023 12:22:37 +08:00
Committer:     Borislav Petkov (AMD) <bp@...en8.de>
CommitterDate: Mon, 23 Oct 2023 14:53:13 +02:00

x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel

Memory errors don't happen very often, especially fatal ones. However,
in large-scale scenarios such as data centers, that probability
increases with the amount of machines present.

When a fatal machine check happens, mce_panic() is called based on the
severity grading of that error. The page containing the error is not
marked as poison.

However, when kexec is enabled, tools like makedumpfile understand when
pages are marked as poison and do not touch them so as not to cause
a fatal machine check exception again while dumping the previous
kernel's memory.

Therefore, mark the page containing the error as poisoned so that the
kexec'ed kernel can avoid accessing the page.

  [ bp: Rewrite commit message and comment. ]

Co-developed-by: Youquan Song <youquan.song@...el.com>
Signed-off-by: Youquan Song <youquan.song@...el.com>
Signed-off-by: Zhiquan Li <zhiquan1.li@...el.com>
Signed-off-by: Borislav Petkov (AMD) <bp@...en8.de>
Reviewed-by: Naoya Horiguchi <naoya.horiguchi@....com>
Link: https://lore.kernel.org/r/20231014051754.3759099-1-zhiquan1.li@intel.com
---
 arch/x86/kernel/cpu/mce/core.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/arch/x86/kernel/cpu/mce/core.c b/arch/x86/kernel/cpu/mce/core.c
index 0214d42..a25e692 100644
--- a/arch/x86/kernel/cpu/mce/core.c
+++ b/arch/x86/kernel/cpu/mce/core.c
@@ -44,6 +44,7 @@
 #include <linux/sync_core.h>
 #include <linux/task_work.h>
 #include <linux/hardirq.h>
+#include <linux/kexec.h>
 
 #include <asm/intel-family.h>
 #include <asm/processor.h>
@@ -233,6 +234,7 @@ static noinstr void mce_panic(const char *msg, struct mce *final, char *exp)
 	struct llist_node *pending;
 	struct mce_evt_llist *l;
 	int apei_err = 0;
+	struct page *p;
 
 	/*
 	 * Allow instrumentation around external facilities usage. Not that it
@@ -286,6 +288,18 @@ static noinstr void mce_panic(const char *msg, struct mce *final, char *exp)
 	if (!fake_panic) {
 		if (panic_timeout == 0)
 			panic_timeout = mca_cfg.panic_timeout;
+
+		/*
+		 * Kdump skips the poisoned page in order to avoid
+		 * touching the error bits again. Poison the page even
+		 * if the error is fatal and the machine is about to
+		 * panic.
+		 */
+		if (kexec_crash_loaded()) {
+			p = pfn_to_online_page(final->addr >> PAGE_SHIFT);
+			if (final && (final->status & MCI_STATUS_ADDRV) && p)
+				SetPageHWPoison(p);
+		}
 		panic(msg);
 	} else
 		pr_emerg(HW_ERR "Fake kernel panic: %s\n", msg);

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ