lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <760c96da-a8da-49be-bc4e-b82a8b2a1623@suse.com>
Date: Wed, 28 May 2025 10:57:59 +0200
From: Jürgen Groß <jgross@...e.com>
To: Xin Li <xin@...or.com>, Zijlstra Peter <peterz@...radead.org>
Cc: Gupta Pawan <pawan.kumar.gupta@...ux.intel.com>,
 linux-kernel@...r.kernel.org, x86@...nel.org,
 Hansen Dave <dave.hansen@...ux.intel.com>, alexandre.chartre@...cle.com,
 Andrew Cooper <andrew.cooper3@...rix.com>, Zhang Tao1 <tao1.zhang@...el.com>
Subject: Re: [Bug Report] Linux v6.15-rc7 boot failure on Xen-4.17

On 28.05.25 10:26, Xin Li wrote:
> On 5/28/2025 12:27 AM, Xin Li wrote:
>> On 5/27/2025 11:49 PM, Juergen Gross wrote:
>>> On 28.05.25 07:11, Jürgen Groß wrote:
>>>> On 27.05.25 21:29, Andrew Cooper wrote:
>>>>> On 27/05/2025 8:21 pm, Xin Li wrote:
>>>>>>> On May 27, 2025, at 11:36 AM, Jürgen Groß <jgross@...e.com> wrote:
>>>>>>>
>>>>>>> On 27.05.25 19:54, Xin Li wrote:
>>>>>>>> On 5/27/2025 10:46 AM, Pawan Gupta wrote:
>>>>>>>>>> Attached is the serial console log and my kernel config.
>>>>>>>>> Serial logs aren't telling much. I do not have a Xen setup to test, 
>>>>>>>>> without
>>>>>>>>> Xen the config that you provided is booting a KVM guest just fine.
>>>>>>>> Yeah, as I replied to Juergen, the same kernel binary boots fine as
>>>>>>>> "native".
>>>>>>>> Unfortunately when booting as dom0 on Xen, it keeps rebooting w/o
>>>>>>>> helpful log.
>>>>>>> What about booting Xen on bare metal, i.e. no KVM being involved?
>>>>>> The same exact problem happens on Intel Simics.  And I got to see it’s a 
>>>>>> NX page fault in dom0 kernel during apply alternatives.
>>>>>
>>>>> In which case it's likely that there's an opencoded PTE update, rather
>>>>> than using the hooks (which are suitably paravirt'd).
>>>>
>>>> I'd suspect a bug when NOT using 2M pages for execmem.
>>>>
>>>> I'll have a look.
>>>
>>> Could you have a try using "nohugevmalloc" dom0 kernel boot parameter?
>>>
>>
>> Tried in a KVM guest, still the same problem, and nothing new in the
>> serial log.
> 
> Attached is a dom0 log with stack traces.
> 
> But I really did NOT change anything to make it happen...

Thanks.

I think this might be related to Xen not advertising X86_FEATURE_PSE.

This will use PAGE_KERNEL page protection for execmem_alloc() page protection,
while with X86_FEATURE_PSE PAGE_KERNEL_ROX is being used.

For the kernel (so not in a module) there is no execmem_restore_rox() call
involved, so the NX bit will be kept for kernel side ITS thunks.

Peter, can you confirm my suspicion?


Juergen

Download attachment "OpenPGP_0xB0DE9DD628BF132F.asc" of type "application/pgp-keys" (3684 bytes)

Download attachment "OpenPGP_signature.asc" of type "application/pgp-signature" (496 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ