| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241125100815.2512-1-dwmw2@infradead.org>
Date: Mon, 25 Nov 2024 09:54:30 +0000
From: David Woodhouse <dwmw2@...radead.org>
To: kexec@...ts.infradead.org
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
x86@...nel.org,
"H. Peter Anvin" <hpa@...or.com>,
David Woodhouse <dwmw@...zon.co.uk>,
"Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
Kai Huang <kai.huang@...el.com>,
Nikolay Borisov <nik.borisov@...e.com>,
linux-kernel@...r.kernel.org,
Simon Horman <horms@...nel.org>,
Dave Young <dyoung@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
jpoimboe@...nel.org,
bsz@...zon.de
Subject: [RFC PATCH v3 00/20] x86/kexec: Add exception handling for relocate_kernel and further yak-shaving
Debugging kexec failures is painful, as anything going wrong in execution
of the critical relocate_kernel() function tends to just lead to a triple
fault. Thus leading to *weeks* of my life that I won't get back. Having
hacked something up for my own use, I figured I should share it...
Add a CONFIG_KEXEC_DEBUG option which sets up a trivial exception handler
in that environment, and outputs to the early_printk serial console if
configured. Currently only I/O-based 8250 serial ports are supported, but
that could be extended.
While we're here, clean the code up a little and fix some other problems.
Most notably, load a suitable GDT on the way back into the kernel after a
KEXEC_PRESERVE_CONTEXT invocation instead of trusting the called code to
do so. And explicitly map the control_code_page into the identmap used by
relocate_kernel() instead of depending on it being in the same superpage
as something else that gets mapped.
I should probably bring the i386 version into line with this, although
the lack of rip-based addressing makes all the PIC code a bit harder.
David Woodhouse (20):
x86/kexec: Ensure control_code_page is mapped in kexec page tables
x86/kexec: Restore GDT on return from preserve_context kexec
x86/kexec: Clean up and document register use in relocate_kernel_64.S
x86/kexec: Use named labels in swap_pages in relocate_kernel_64.S
x86/kexec: Only swap pages for preserve_context mode
x86/kexec: Allocate PGD for x86_64 transition page tables separately
x86/kexec: Copy control page into place in machine_kexec_prepare()
x86/kexec: Invoke copy of relocate_kernel() instead of the original
x86/kexec: Move relocate_kernel to kernel .data section
x86/kexec: Add data section to relocate_kernel
x86/kexec: Drop page_list argument from relocate_kernel()
x86/kexec: Eliminate writes through kernel mapping of relocate_kernel page
x86/kexec: Clean up register usage in relocate_kernel()
x86/kexec: Mark relocate_kernel page as ROX instead of RWX
x86/kexec: Add CONFIG_KEXEC_DEBUG option
x86/kexec: Debugging support: load a GDT
x86/kexec: Debugging support: Load an IDT and basic exception entry points
x86/kexec: Debugging support: Dump registers on exception
x86/kexec: Add 8250 serial port output
[DO NOT MERGE] x86/kexec: Add int3 in kexec path for testing
arch/x86/Kconfig.debug | 8 +
arch/x86/include/asm/kexec.h | 34 +++-
arch/x86/include/asm/sections.h | 1 +
arch/x86/kernel/callthunks.c | 6 +
arch/x86/kernel/early_printk.c | 6 +
arch/x86/kernel/machine_kexec_64.c | 127 ++++++++----
arch/x86/kernel/relocate_kernel_64.S | 385 +++++++++++++++++++++++++++--------
arch/x86/kernel/vmlinux.lds.S | 16 +-
Powered by blists - more mailing lists