Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp125154imu; Tue, 8 Jan 2019 16:03:40 -0800 (PST) X-Google-Smtp-Source: ALg8bN6FDazOp5g5Mx9kOhZfqWL4afq51imygGXcYaU33JvF1bt6kcZvrzvbj5upFaaBNS4VxwRQ X-Received: by 2002:a17:902:9887:: with SMTP id s7mr3727841plp.199.1546992219962; Tue, 08 Jan 2019 16:03:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546992219; cv=none; d=google.com; s=arc-20160816; b=alm//MfOMNygaSyX4yKrAcSJPEAApJIBYneGt8zmhsy3T1joI12tVZLiRGESw7YvRV Zk5rjDdUNaFwljGxatlpXSkhM46HC2HTPxjVdmHjE5Ri5aXk7cc7CnIm/Zsu4zxlGVjb um9lNZ9hXx/s4EZnuCjP5EyDTtngta5+c4VEo+v8jbgRLpiRopSLK6xaxZ6iL0Ch2iCj qLt704Vs/wwEnG5kXPc8olWIpC9eCsd0RSf3rxs3HPTHif7st5CyET64fvuI7Kf2iRum RSqcDNUgqhWp3uzYGRo+9dX+BbF+6ostHRevt2TjL+6PhLQQKRMFDRx7INQjBJCOBVOo CSIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=HtCFKH6WaKZLZfxKQl817UpJfz065Vj+MgIv87PvbVg=; b=B1XvufNA3DdbvF032G1IB2TQvHkUUlzksoMW3z4b7KWD1uHphb6D6EvHoSgyBR6+Mf 2KgbkJTjXwz5M4bbgfqWnvXsOPPgA38d7cm+5JFiBqrXM7FJvk3N6nHkx+yBXfywHrss H2OBKSMT4QF2Ff56P+YI//KdBrau06kReqNYDdP9ZB41ERw6IxyVhYGaM4IXhz0r+gjh Szqt18rhQ2CgzS2BGupXii9nEwS0abutf+D8M2tgxspN1/NIi4SvAn847K/uXAEBO5Ut gDG0Se3uiHrO1t8FRh1wPEITvZXCbl93L7ubbM53jXhR68itDt/oNPEUDENhoJVHy7Qe lt7Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=DJEWjO52; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i5si7230176pgn.243.2019.01.08.16.03.24; Tue, 08 Jan 2019 16:03:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=DJEWjO52; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729386AbfAIACS (ORCPT + 99 others); Tue, 8 Jan 2019 19:02:18 -0500 Received: from mail-oi1-f195.google.com ([209.85.167.195]:42679 "EHLO mail-oi1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728112AbfAIACR (ORCPT ); Tue, 8 Jan 2019 19:02:17 -0500 Received: by mail-oi1-f195.google.com with SMTP id w13so4864316oiw.9 for ; Tue, 08 Jan 2019 16:02:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HtCFKH6WaKZLZfxKQl817UpJfz065Vj+MgIv87PvbVg=; b=DJEWjO52Er7uAWcq5f9yaZGdclO5Coe/lpVRairTZyU8b58uNnjVA+bjFmNSVtOCiX dkDFvjSXa4q6aJsP198azW1ZT84oU7RH8lEhO/2S54zJHSB0W0YKmAm+GN8wjbVbWwFS W0pjsplZPZkCPUYRbKgC084WjvEIaaRUVtkAtVZFUCVKYBFr1WcBNk6eHu5U+/0O4kMo ry7Ja2dwnUEfnVyzh6RnZ9Em9pSav+8RkKuXtEQRuS/yjvvFlovN+O2YgC3acrk0KAH0 V1RoySpjUbgdHjmp0tSVhErOs3y/l6Dbg8BRlFS3xqCWHG9vDRw3UCzAZDUncxWm13La x60A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HtCFKH6WaKZLZfxKQl817UpJfz065Vj+MgIv87PvbVg=; b=jSFzmodc/rmXcXpMGreft3i+JR+cpqWkQqHNL7A0UJjvDhHZdhmwz/d5oIZYdJEWmz eeZro8yPuk7mcrfNyy8BAdo4a/+PKPppAdo5d0wp6IRKojnyhZGbu2mWSE/fY8Tee2Jn esiZlGpw3B3BLZC9u0KB2qMLEK96bd/6NiRBXC44Ios+nkrjsaaitH/H1k9gbydm240g wdCxLA574wfA2xPXgtCBCnhdkjdK0lrw73YYKT31jY1CehivfbfLK+PDzGpVKP6hsSwJ 7pdEo3mXlE0nF0k2nD0bXjpQA7H0J+2D6+BqgyhJJdtb57BskVv0gFX6PLGhdVurOOby NoYQ== X-Gm-Message-State: AJcUukdMfoFYuEeh2wV+eo75APB81WYgOYYhxBkTXltwmw76duuW4e+Z 4kc7PKBB8wIF0qXoVzUDfOMUhQL9rkiuSYEbM/k+/w== X-Received: by 2002:aca:d905:: with SMTP id q5mr2558283oig.0.1546992136616; Tue, 08 Jan 2019 16:02:16 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Dan Williams Date: Tue, 8 Jan 2019 16:02:05 -0800 Message-ID: Subject: Re: nvdimm crash at boot To: Kees Cook Cc: Dave Jiang , linux-nvdimm , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 8, 2019 at 3:55 PM Kees Cook wrote: > > On Tue, Jan 8, 2019 at 3:54 PM Dan Williams wrote: > > > > On Tue, Jan 8, 2019 at 3:34 PM Kees Cook wrote: > > > > > > On Tue, Jan 8, 2019 at 3:28 PM Dan Williams wrote: > > > > Ah, thanks for the report! The key difference is that you don't define > > > > a "label area", so the driver bails out early and never initializes > > > > the security state. > > > > > > > > This should fix it up. > > > > > > > > diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c > > > > index 4890310df874..636cdb06ee17 100644 > > > > --- a/drivers/nvdimm/dimm_devs.c > > > > +++ b/drivers/nvdimm/dimm_devs.c > > > > @@ -514,7 +514,7 @@ static umode_t nvdimm_visible(struct kobject > > > > *kobj, struct attribute *a, int n) > > > > > > > > if (a != &dev_attr_security.attr) > > > > return a->mode; > > > > - if (nvdimm->sec.state < 0) > > > > + if (!nvdimm->sec.ops || nvdimm->sec.state < 0) > > > > return 0; > > > > /* Are there any state mutation ops? */ > > > > if (nvdimm->sec.ops->freeze || nvdimm->sec.ops->disable > > > > > > Okay, cool. I wasn't sure if that test needed a deeper check. :) > > > > > > Fixes: 37833fb7989a9 ("acpi/nfit, libnvdimm: Add freeze security > > > support to Intel nvdimm") > > > Tested-by: Kees Cook > > > > > > > Actually, looking closer this should have been avoided by the fact > > that __nvdimm_create() initializes the security state early and that > > nvdimm->sec.state should have saved us. > > > > I'll dig a bit deeper with your qemu config. > > Maybe something goes weird with pstore stealing the region? No, pstore is off the hook. I was just able to reproduce locally and I'm not doing anything with pstore.