Message-ID: <CALu+AoSnA4323QbQG7wrNptosz7tfEfztsE1=o6G=FaLbQ_tKQ@mail.gmail.com>
Date: Tue, 4 Jun 2024 09:23:58 +0800
From: Dave Young <dyoung@...hat.com>
To: Mike Rapoport <rppt@...nel.org>
Cc: Borislav Petkov <bp@...en8.de>, "Kalra, Ashish" <ashish.kalra@....com>, tglx@...utronix.de, 
	mingo@...hat.com, dave.hansen@...ux.intel.com, x86@...nel.org, 
	rafael@...nel.org, hpa@...or.com, peterz@...radead.org, 
	adrian.hunter@...el.com, sathyanarayanan.kuppuswamy@...ux.intel.com, 
	jun.nakajima@...el.com, rick.p.edgecombe@...el.com, thomas.lendacky@....com, 
	michael.roth@....com, seanjc@...gle.com, kai.huang@...el.com, bhe@...hat.com, 
	kirill.shutemov@...ux.intel.com, bdas@...hat.com, vkuznets@...hat.com, 
	dionnaglaze@...gle.com, anisinha@...hat.com, jroedel@...e.de, ardb@...nel.org, 
	kexec@...ts.infradead.org, linux-coco@...ts.linux.dev, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec

On Mon, 3 Jun 2024 at 23:33, Mike Rapoport <rppt@...nel.org> wrote:
>
> On Mon, Jun 03, 2024 at 04:46:39PM +0200, Borislav Petkov wrote:
> > On Mon, Jun 03, 2024 at 09:01:49AM -0500, Kalra, Ashish wrote:
> > > If we skip efi_arch_mem_reserve() (which should probably be anyway skipped
> > > for kexec case), then for kexec boot, EFI memmap is memremapped in the same
> > > virtual address as the first kernel and not the allocated memblock address.
> >
> > Are you saying that we should simply do
> >
> > diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
> > index fdf07dd6f459..410cb0743289 100644
> > --- a/drivers/firmware/efi/efi.c
> > +++ b/drivers/firmware/efi/efi.c
> > @@ -577,6 +577,9 @@ void __init efi_mem_reserve(phys_addr_t addr, u64 size)
> >       if (WARN_ON_ONCE(efi_enabled(EFI_PARAVIRT)))
> >               return;
> >
> > +     if (kexec_in_progress)
> > +             return;
> > +
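
Review bot: the `kexec_in_progress` test is added inside `efi_mem_reserve()`, which is marked `__init` and therefore runs only while the kernel is booting. A flag that describes a kexec reboot being under way cannot tell this function whether the running kernel was itself started by kexec, so the early return would not fire in the case it is meant for. Use a condition that records how the current kernel was booted, and add a comment above the return stating why the reservation is skipped on that path.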

kexec_in_progress is only for checking if this is in a reboot (kexec) code path.
But efi_mem_reserve is only called during the boot time so checking
kexec_in_progress is meaningless here.
current_kernel_is_booted_via_kexec != is_rebooting_with_kexec

The code change below in the patch looks good to me, but I'm not sure
what caused the memory corruption, it is indeed worth some more digging,
maybe SEV/SNP related.
+       if (md.attribute & EFI_MEMORY_RUNTIME)
+               return;

Thanks
Dave

