Message-ID: <20250109-shapeless-maize-clam-895db6@leitao>
Date: Thu, 9 Jan 2025 09:45:08 -0800
From: Breno Leitao <leitao@...ian.org>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: Gregory Price <gourry@...rry.net>, Usama Arif <usamaarif642@...il.com>,
	linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
	kernel-team@...a.com
Subject: Re: [PATCH 3/3] efi/memattr: Include EFI memmap size in corruption
 warnings

On Thu, Jan 09, 2025 at 03:48:56PM +0100, Ard Biesheuvel wrote:
> On Tue, 7 Jan 2025 at 13:05, Breno Leitao <leitao@...ian.org> wrote:
> > On Tue, Jan 07, 2025 at 12:24:03PM +0100, Ard Biesheuvel wrote:


> > We are seeing a bunch of `Corrupted EFI Memory Attributes Table
> > detected!` in the Meta fleet, and this is something we are
> > investigating.
> >
> > We highly think this is related to some kexec overwrites, and when we
> > get here, the EFI table is completely garbage. I haven't seen this
> > problem on cold boot.
> >
> 
> It likely means the memory is not reserved correctly.
> 
> Could you check whether this
> 
> --- a/drivers/firmware/efi/memattr.c
> +++ b/drivers/firmware/efi/memattr.c
> @@ -56,7 +56,7 @@ int __init efi_memattr_init(void)
>         }
> 
>         tbl_size = sizeof(*tbl) + size;
> -       memblock_reserve(efi_mem_attr_table, tbl_size);
> +       efi_mem_reserve(efi_mem_attr_table, tbl_size);
>         set_bit(EFI_MEM_ATTR, &efi.flags);
> 
>  unmap:
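Review bot: the swap at `efi_mem_reserve(efi_mem_attr_table, tbl_size);` comes with no comment or description of what the EFI-specific reservation is meant to provide that `memblock_reserve()` did not, so a reader of `efi_memattr_init()` cannot tell why this table is treated differently. If the intent is for the reservation to survive into a kexec'd kernel, as the surrounding discussion suggests, say so in a one-line comment above the call, and note in the commit log how it was tested (cold boot versus kexec).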
> 
> 
> makes any difference?

It doesn't seem so. This is how I tested it.

I've cherry-picked it on top of Linus' master eea6e4b4dfb8 ("Merge tag
'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi"), 
and booted a system with this kernel.

From cold boot, we never see any firmware bug (as usual). Then I kexec
the same kernel, and then I got the problem twice (I tested it 2 times
and same results):

	[    0.000000] APIC: Static calls initialized
	[    0.000000] e820: update [mem 0x107fff9400-0x107fff940f] usable ==> usable
	[    0.000000] e820: update [mem 0x107fff93e0-0x107fff93ff] usable ==> usable
	[    0.000000] e820: update [mem 0x107fff9370-0x107fff93df] usable ==> usable
	[    0.000000] extended physical RAM map:
	[    0.000000] reserve setup_data: [mem 0x0000000000000000-0x000000000009ffff] usable
	[    0.000000] reserve setup_data: [mem 0x00000000000a0000-0x00000000000fffff] reserved
	[    0.000000] reserve setup_data: [mem 0x0000000000100000-0x0000000069cd5fff] usable
	[    0.000000] reserve setup_data: [mem 0x0000000069cd6000-0x000000006bdd5fff] reserved
	[    0.000000] reserve setup_data: [mem 0x000000006bdd6000-0x000000006be90fff] ACPI data
	[    0.000000] reserve setup_data: [mem 0x000000006be91000-0x000000006c9eafff] ACPI NVS
	[    0.000000] reserve setup_data: [mem 0x000000006c9eb000-0x000000006ebedfff] reserved
	[    0.000000] reserve setup_data: [mem 0x000000006ebee000-0x000000006fffffff] usable
	[    0.000000] reserve setup_data: [mem 0x0000000070000000-0x000000008fffffff] reserved
	[    0.000000] reserve setup_data: [mem 0x00000000fd000000-0x00000000fe7fffff] reserved
	[    0.000000] reserve setup_data: [mem 0x00000000fed20000-0x00000000fed44fff] reserved
	[    0.000000] reserve setup_data: [mem 0x00000000ff000000-0x00000000ffffffff] reserved
	[    0.000000] reserve setup_data: [mem 0x0000000100000000-0x000000107fff936f] usable
	[    0.000000] reserve setup_data: [mem 0x000000107fff9370-0x000000107fff940f] usable
	[    0.000000] reserve setup_data: [mem 0x000000107fff9410-0x000000107fffffff] usable
	[    0.000000] efi: EFI v2.6 by American Megatrends
	[    0.000000] efi: ACPI 2.0=0x6c61e000 ACPI=0x6c61e000 TPMFinalLog=0x6c9b9000 SMBIOS=0x6e69d000 SMBIOS 3.0=0x6e69c000 MEMATTR=0x64ef1018 ESRT=0x67dc9918 TPMEventLog=0x6be8e018
	[    0.000000] efi: memattr: [Firmware Bug]: Corrupted EFI Memory Attributes Table detected! (version == 1, desc_size == 48, num_entries == 50)
	[    0.000000] efi: Remove mem00: MMIO range=[0xff000000-0xffffffff] (16MB) from e820 map
	[    0.000000] e820: remove [mem 0xff000000-0xffffffff] reserved
	[    0.000000] efi: Not removing mem01: MMIO range=[0xfed20000-0xfed44fff] (148KB) from e820 map
	[    0.000000] efi: Remove mem02: MMIO range=[0xfd000000-0xfe7fffff] (24MB) from e820 map
	[    0.000000] e820: remove [mem 0xfd000000-0xfe7fffff] reserved
	[    0.000000] efi: Remove mem03: MMIO range=[0x80000000-0x8fffffff] (256MB) from e820 map
	[    0.000000] e820: remove [mem 0x80000000-0x8fffffff] reserved
	[    0.000000] SMBIOS 3.1.1 present.
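
For triaging this warning across many machines, the check below (an added example, not part of the original message or of the kernel source) parses a captured boot log and reports which memory-map range types cover the table located at the MEMATTR address. The 16-byte table header size and the function name `triage` are assumptions; the sample lines are copied from the log above.

```python
import re

# Lines copied from the kexec boot log quoted above (timestamps kept).
SAMPLE_LOG = """\
[    0.000000] reserve setup_data: [mem 0x0000000000100000-0x0000000069cd5fff] usable
[    0.000000] reserve setup_data: [mem 0x0000000069cd6000-0x000000006bdd5fff] reserved
[    0.000000] efi: ACPI 2.0=0x6c61e000 ACPI=0x6c61e000 TPMFinalLog=0x6c9b9000 SMBIOS=0x6e69d000 SMBIOS 3.0=0x6e69c000 MEMATTR=0x64ef1018 ESRT=0x67dc9918 TPMEventLog=0x6be8e018
[    0.000000] efi: memattr: [Firmware Bug]: Corrupted EFI Memory Attributes Table detected! (version == 1, desc_size == 48, num_entries == 50)
"""

HEADER_SIZE = 16  # assumption: four u32 header fields precede the descriptors

RANGE_RE = re.compile(r"(?:BIOS-e820|reserve setup_data): "
                      r"\[mem (0x[0-9a-f]+)-(0x[0-9a-f]+)\] (.+)$")
MEMATTR_RE = re.compile(r"\bMEMATTR=(0x[0-9a-f]+)")
WARN_RE = re.compile(r"Corrupted EFI Memory Attributes Table detected! "
                     r"\(version == (\d+), desc_size == (\d+), num_entries == (\d+)\)")


def triage(log_text):
    """Return table address, size and covering range types for one boot log.

    Returns None when the log has no MEMATTR address or no corruption warning.
    """
    ranges, addr, fields = [], None, None
    for line in log_text.splitlines():
        if m := RANGE_RE.search(line):
            ranges.append((int(m[1], 16), int(m[2], 16), m[3].strip()))
        elif m := MEMATTR_RE.search(line):
            addr = int(m[1], 16)
        elif m := WARN_RE.search(line):
            fields = tuple(int(g) for g in m.groups())
    if addr is None or fields is None:
        return None
    version, desc_size, num_entries = fields
    # Same shape as the hunk's tbl_size = sizeof(*tbl) + size.
    size = HEADER_SIZE + desc_size * num_entries
    end = addr + size - 1
    # Every map range that overlaps [addr, end], by type.
    types = sorted({t for lo, hi, t in ranges if lo <= end and addr <= hi})
    return {"addr": addr, "end": end, "size": size,
            "version": version, "types": types}


if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    print(f"MEMATTR {r['addr']:#x}-{r['end']:#x} "
          f"({r['size']} bytes) lies in: {', '.join(r['types']) or 'no listed range'}")
```

For the sample lines, the table's whole span falls inside a range the log lists as `usable`.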

