| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <A08760B5-0E1A-4D21-8621-73516D1D67F0@zytor.com>
Date: Mon, 07 Apr 2025 07:38:59 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Kevin Koster <lkml@...ertech.com>, Borislav Petkov <bp@...en8.de>
CC: Thomas Gleixner <tglx@...utronix.de>, Oerg866 <oerg866@...glemail.com>,
linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org
Subject: Re: [PATCH] x86/microcode: Fix crashes on early 486 CPUs due to usage of 'cpuid'.
On April 7, 2025 7:21:50 AM PDT, Kevin Koster <lkml@...ertech.com> wrote:
>On Mon, 7 Apr 2025 12:29:27 +0200
>Borislav Petkov <bp@...en8.de> wrote:
>
>> On Mon, Apr 07, 2025 at 09:58:48AM +1000, Kevin Koster wrote:
>> > But I like to know Linux really works on the hardware it's built
>> > for,
>>
>> I don't know what that means.
>
>To rephrase: I like knowing that "CONFIG_M486=y" works, in the kernel
>configuration. If not, then I know to use other OSs if I want to boot a
>486.
>
>> > and I'm not much better, writing this now on a Pentium 1.
>>
>> Lemme guess: this is your main machine you use for daily work?
>
>For email/news every morning, then a (newer) laptop afterwards.
>
>> > > - if (dis_ucode_ldr || c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10)
>> > > + if (microcode_loader_disabled() || c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10)
>> > return 0;
>> >
>> > Still fails unless the native_cpuid_eax(1) call is moved under
>> > here. After that change, it boots fine.
>>
>> Please show me with a diff what you're doing because I don't know
>> what you mean.
>
>OK, this is the change I made after applying your patch:
>
>--- a/arch/x86/kernel/cpu/microcode/amd.c
>+++ b/arch/x86/kernel/cpu/microcode/amd.c
>@@ -1093,7 +1093,7 @@
>
> static int __init save_microcode_in_initrd(void)
> {
>- unsigned int cpuid_1_eax = native_cpuid_eax(1);
>+ unsigned int cpuid_1_eax;
> struct cpuinfo_x86 *c = &boot_cpu_data;
> struct cont_desc desc = { 0 };
> enum ucode_state ret;
>@@ -1102,6 +1102,8 @@
> if (microcode_loader_disabled() || c->x86_vendor != X86_VENDOR_AMD || c->x86 < 0x10)
> return 0;
>
>+ cpuid_1_eax = native_cpuid_eax(1);
>+
> if (!find_blobs_in_containers(&cp))
> return -EINVAL;
>
>> I did this:
>>
>> bool have_cpuid_p(void)
>> {
>> return false;
>> }
>>
>> in order to simulate no CPUID support but my 32-bit guest boots fine.
>
>It's detecting no CPUID support on 486 CPUs OK, however
>save_microcode_in_initrd() uses CPUID before checking if it is
>supported.
>
>> Also, send a full dmesg from that machine so that I can try to
>> reproduce here.
>
>This is with your latest patch applied, without my above change:
>
>No EFI environment detected.
>early console in extract_kernel
>input_data: 0x007d1094
>input_len: 0x005aa603
>output: 0x00100000
>output_len: 0x00bb42d8
>kernel_total_size: 0x00c9a000
>needed_size: 0x00c9a000
>
>Decompressing Linux... Parsing ELF... No relocation needed... done.
>Booting the kernel (entry_offset: 0x00751e00).
>Linux version 6.14.0 (cnk2@...ertech) (gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #3 SMP Sun Apr 6 21:54:11 UTC 2025
>BIOS-provided physical RAM map:
>BIOS-e820: [mem 0x0000000000000000-0x0000000000004c1f] usable
>BIOS-e820: [mem 0x0000000000004c20-0x000000000000501f] reserved
>BIOS-e820: [mem 0x0000000000005020-0x000000000009ffff] usable
>BIOS-e820: [mem 0x00000000000f5a3c-0x00000000000fffff] reserved
>BIOS-e820: [mem 0x0000000000100000-0x00000000013fffff] usable
>BIOS-e820: [mem 0x00000000ffff5a3c-0x00000000ffffffff] reserved
>printk: legacy console [earlyser0] enabled
>printk: debug: ignoring loglevel setting.
>Notice: NX (Execute Disable) protection missing in CPU!
>APIC: Static calls initialized
>DMI not present or invalid.
>e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
>e820: remove [mem 0x000a0000-0x000fffff] usable
>last_pfn = 0x1400 max_arch_pfn = 0x100000
>MTRRs disabled (not available)
>x86/PAT: PAT not supported by the CPU.
>x86/PAT: Configuration [0-7]: WB WT UC- UC WB WT UC- UC
>initial memory mapped: [mem 0x00000000-0x00ffffff]
>0MB HIGHMEM available.
>20MB LOWMEM available.
> mapped low ram: 0 - 01400000
> low ram: 0 - 01400000
>Zone ranges:
> DMA [mem 0x0000000000001000-0x0000000000ffffff]
> Normal [mem 0x0000000001000000-0x00000000013fffff]
> HighMem empty
>Movable zone start for each node
>Early memory node ranges
> node 0: [mem 0x0000000000001000-0x0000000000003fff]
> node 0: [mem 0x0000000000006000-0x000000000009ffff]
> node 0: [mem 0x0000000000100000-0x00000000013fffff]
>Initmem setup node 0 [mem 0x0000000000001000-0x00000000013fffff]
>On node 0, zone DMA: 1 pages in unavailable ranges
>On node 0, zone DMA: 2 pages in unavailable ranges
>On node 0, zone DMA: 96 pages in unavailable ranges
>No local APIC present or hardware disabled
>APIC: disable apic facility
>APIC: Switched APIC routing to: noop
>CPU topo: Max. logical packages: 1
>CPU topo: Max. logical dies: 1
>CPU topo: Max. dies per package: 1
>CPU topo: Max. threads per core: 1
>CPU topo: Num. cores per package: 1
>CPU topo: Num. threads per package: 1
>CPU topo: Allowing 1 present CPUs plus 0 hotplug CPUs
>PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
>PM: hibernation: Registered nosave memory: [mem 0x00004000-0x00004fff]
>PM: hibernation: Registered nosave memory: [mem 0x00005000-0x00005fff]
>PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000f5fff]
>PM: hibernation: Registered nosave memory: [mem 0x000f6000-0x000fffff]
>[mem 0x01400000-0xffff5a3b] available for PCI devices
>Booting paravirtualized kernel on bare hardware
>clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 6370452778343963 ns
>setup_percpu: NR_CPUS:8 nr_cpumask_bits:1 nr_cpu_ids:1 nr_node_ids:1
>percpu: Embedded 30 pages/cpu s91852 r0 d31028 u122880
>pcpu-alloc: s91852 r0 d31028 u122880 alloc=30*4096
>pcpu-alloc: [0] 0
>Kernel command line: root=/dev/sda3 rw base udev.children-max=1 acpi=off earlyprintk=ttyS0,115200,keep ignore_loglevel BOOT_IMAGE=614-4864
>Unknown kernel command line parameters "base BOOT_IMAGE=614-4864", will be passed to user space.
>printk: log buffer data + meta data: 131072 + 409600 = 540672 bytes
>Dentry cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
>Inode-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
>Built 1 zonelists, mobility grouping on. Total pages: 5021
>mem auto-init: stack:off, heap alloc:off, heap free:off
>Initializing HighMem for node 0 (00000000:00000000)
>Checking if this processor honours the WP bit even in supervisor mode...Ok.
>SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
>rcu: Hierarchical RCU implementation.
>rcu: RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=1.
> Tracing variant of Tasks RCU enabled.
>rcu: RCU calculated value of scheduler-enlistment delay is 30 jiffies.
>rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
>RCU Tasks Trace: Setting shift to 0 and lim to 1 rcu_task_cb_adjust=1 rcu_task_cpu_ids=1.
>NR_IRQS: 2304, nr_irqs: 32, preallocated irqs: 16
>rcu: srcu_init: Setting srcu_struct sizes based on contention.
>Console: colour VGA+ 80x60
>printk: legacy console [tty0] enabled
>APIC: Keep in PIC mode(8259)
>Calibrating delay loop... 30.96 BogoMIPS (lpj=51136)
>Last level iTLB entries: 4KB 0, 2MB 0, 4MB 0
>Last level dTLB entries: 4KB 0, 2MB 0, 4MB 0, 1GB 0
>x86/fpu: Probing for FPU: FSW=0x0000 FCW=0x037f
>x86/fpu: x87 FPU will use FSAVE
>Freeing SMP alternatives memory: 24K
>pid_max: default: 32768 minimum: 301
>Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
>Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
>smpboot: SMP disabled
>Performance Events: no PMU driver, software events only.
>signal: max sigframe size: 928
>Oops: invalid opcode: 0000 [#1] SMP
>CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.14.0 #3
>EIP: 0xc0b5e1da
>Code: 7d dc 00 74 0b b9 07 00 00 00 89 df b0 01 f3 a5 83 c4 1c 5b 5e 5f 5d c3 55 b8 01 00 00 00 89 e5 57 56 31 f6 53 89 f1 83 ec 30 <0f> a2 b9 04 00 00 00 89 45 c4 8d 7d c8 89 f0 f3 ab e8 3c fb ff ff
>EAX: 00000001 EBX: c0be6b00 ECX: 00000000 EDX: 00000246
>ESI: 00000000 EDI: 00000000 EBP: c1309f08 ESP: c1309ecc
>DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010286
>CR0: 80050033 CR2: ffd38000 CR3: 00c16000 CR4: 00000000
>Call Trace:
> ? 0xc01231af
> ? 0xc01231c8
> ? 0xc0123222
> ? 0xc0123245
> ? 0xc01215ef
> ? 0xc01217f7
> ? 0xc0b5e1da
> ? 0xc0848e09
> ? 0xc012186f
> ? 0xc0b5e1da
> ? 0xc0848e41
> ? 0xc010105d
> ? 0xc01500d8
> ? 0xc0848e09
> ? 0xc0b5e1da
> ? 0xc01500d8
> ? 0xc0848e09
> ? 0xc0b5e1da
> ? 0xc085148a
> ? 0xc0524da8
> ? 0xc0b5e1c8
> 0xc0102100
> ? 0xc08514d5
> ? 0xc085148a
> ? 0xc0171bde
> ? 0xc0175987
> ? 0xc016d672
> 0xc0b4c9e2
> ? 0xc084c9b8
> 0xc084c9ca
> 0xc0127d3a
> ? 0xc084c9b8
> 0xc01027a2
> 0xc0100e3d
>Modules linked in:
>---[ end trace 0000000000000000 ]---
>EIP: 0xc0b5e1da
>Code: 7d dc 00 74 0b b9 07 00 00 00 89 df b0 01 f3 a5 83 c4 1c 5b 5e 5f 5d c3 55 b8 01 00 00 00 89 e5 57 56 31 f6 53 89 f1 83 ec 30 <0f> a2 b9 04 00 00 00 89 45 c4 8d 7d c8 89 f0 f3 ab e8 3c fb ff ff
>EAX: 00000001 EBX: c0be6b00 ECX: 00000000 EDX: 00000246
>ESI: 00000000 EDI: 00000000 EBP: c1309f08 ESP: c1309ecc
>DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010286
>CR0: 80050033 CR2: ffd38000 CR3: 00c16000 CR4: 00000000
>Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
>Rebooting in 60 seconds..
Can you please not post stack traces without any symbol information either internal or external? It is just random hex digits in the absence of a System.map or vmlinux file.
Powered by blists - more mailing lists