Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp135951imu; Tue, 8 Jan 2019 16:17:46 -0800 (PST) X-Google-Smtp-Source: ALg8bN4Jxc4M2b6pX+hCL534555QsIdYk6RuMGRyM8oLUL1guDJw8tIhiKT41iTnjocp9k27AVg8 X-Received: by 2002:a17:902:f64:: with SMTP id 91mr3873273ply.132.1546993066459; Tue, 08 Jan 2019 16:17:46 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546993066; cv=none; d=google.com; s=arc-20160816; b=iAFKtt8T1sTG11/dCbE2v5EaiSU9iwUw8W3KGhbh8jpj3EYWuV9ayPlQSdtA2LsxII 3GqZ4B8Ms78HYhrdsIJNPNuH8tCU2vWCcvFcOASgJD4EGIXWZR6sr6lXhUo3jhNkG+SQ 325EvcQssCRg8jhY84/FKeA1eQF3SYVL/UqpFuTOrLCczYbLzULqYFwtB9lUO61VOsz6 LqNPCX5DqunvNgrLvjvSEpJUEdG7u0omXXYFqUK5MvYgWfW57lCc7EqLJZiZ+A2jSaue Xhokdp9DrNl4Xnqwda+VPlc3m5GD6pcsTRO0FxwEHhPqEaKvGF8D2M2RLC7zWGUhl3EA SY+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=; b=PM6+owSDIkLNHoQaaf5KbbsrL5voqWxSXFe67olKdAVxbLJsTUtyaQAoLyBSHhBC7X zichSAOtn8PVdwVq1WYgcvHkVcAFLXE1YOf6YCuLiECrjWN+4WaQaqTbGGzKWh7Y95qu o69TvPp0vpJzuPycANcSpVi40BfZjzIZe/u9Wa7AHoW3j7sYUr3Pir7x7xPufX150AcY U4dqhWD9R6Bn7QD+v5Z7IPCanNaqxMPTpOqAVmBJ4TFpEWTUB4NMQZOMEy4XdgYrEXqG 91WSW1Diz7B2Ush8ZXy+Ck5iQa9cSrFPnCmCe0iiO4I20QWKi7CMVAD7yVAU7F7XPm4k ohaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="J/OKHInW"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o32si28649711pld.407.2019.01.08.16.17.30; Tue, 08 Jan 2019 16:17:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b="J/OKHInW"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729191AbfAHXz6 (ORCPT + 99 others); Tue, 8 Jan 2019 18:55:58 -0500 Received: from mail-vk1-f195.google.com ([209.85.221.195]:39524 "EHLO mail-vk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728569AbfAHXz5 (ORCPT ); Tue, 8 Jan 2019 18:55:57 -0500 Received: by mail-vk1-f195.google.com with SMTP id s184so1286138vkd.6 for ; Tue, 08 Jan 2019 15:55:56 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=; b=J/OKHInWaowlLNK667YQYNdPnWnowa2zjcfLn42grgsD2x0BoGU2A1g+oaCymVBG9t I5Djr84efZ+6jAD0cUuDIbHSkf/deF5a1G5PgmUvgHjAcn/jWiLH5QBIPwaVX/Ig0UUW 2ojcnt7E2ENbcbi3h1jfKLvAYr7JMrLEqiUzc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=; b=Gg4SdXzQ0h9MddK806aFDBP33c9ih5h74/i9C83wA9OY7y6l2JO8644fq3cGqixmGk kIyLqDQduiCnxwvx30YUGBQQ8YfEUI7yE9EcVm/mR75PSBHrcQkaCtFpvpwX7UYhwOeD az0vM08r4cI1wbG4Wmmgxx5FyMxSc9ZHAhuyN1zZFGdvPPhF0H9UnyxjLON44YR9Nj/k 5di33FrPrfSird/Ck3YUlqudd+EegDnfwBxEAosK1hWua5GulbmSV2k/0NuFjPqoNGzB 8NioOz1EyVJZouzNg4qysrqnmTWUQD0Mo/YSDk4J6RBlGhwvFTbJe/LpKX/yfKxQyId2 8eXA== X-Gm-Message-State: AJcUukdDWLH2lDFIXbnRA7h+7GA6ZMAqMavtGzaNe48Bk87bL5qu8EYu 1dgi8TzhqjKLjECJOpjF1YudQjiuNtk= X-Received: by 2002:a1f:490:: with SMTP id 138mr1402210vke.48.1546991756255; Tue, 08 Jan 2019 15:55:56 -0800 (PST) Received: from mail-vk1-f177.google.com (mail-vk1-f177.google.com. [209.85.221.177]) by smtp.gmail.com with ESMTPSA id l197sm16677349vke.18.2019.01.08.15.55.55 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 08 Jan 2019 15:55:55 -0800 (PST) Received: by mail-vk1-f177.google.com with SMTP id y14so1295735vkd.1 for ; Tue, 08 Jan 2019 15:55:55 -0800 (PST) X-Received: by 2002:a1f:e7c5:: with SMTP id e188mr1313566vkh.92.1546991754708; Tue, 08 Jan 2019 15:55:54 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Kees Cook Date: Tue, 8 Jan 2019 15:55:42 -0800 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: nvdimm crash at boot To: Dan Williams Cc: Dave Jiang , linux-nvdimm , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jan 8, 2019 at 3:54 PM Dan Williams wrote: > > On Tue, Jan 8, 2019 at 3:34 PM Kees Cook wrote: > > > > On Tue, Jan 8, 2019 at 3:28 PM Dan Williams wrote: > > > Ah, thanks for the report! The key difference is that you don't define > > > a "label area", so the driver bails out early and never initializes > > > the security state. > > > > > > This should fix it up. > > > > > > diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c > > > index 4890310df874..636cdb06ee17 100644 > > > --- a/drivers/nvdimm/dimm_devs.c > > > +++ b/drivers/nvdimm/dimm_devs.c > > > @@ -514,7 +514,7 @@ static umode_t nvdimm_visible(struct kobject > > > *kobj, struct attribute *a, int n) > > > > > > if (a != &dev_attr_security.attr) > > > return a->mode; > > > - if (nvdimm->sec.state < 0) > > > + if (!nvdimm->sec.ops || nvdimm->sec.state < 0) > > > return 0; > > > /* Are there any state mutation ops? */ > > > if (nvdimm->sec.ops->freeze || nvdimm->sec.ops->disable > > > > Okay, cool. I wasn't sure if that test needed a deeper check. :) > > > > Fixes: 37833fb7989a9 ("acpi/nfit, libnvdimm: Add freeze security > > support to Intel nvdimm") > > Tested-by: Kees Cook > > > > Actually, looking closer this should have been avoided by the fact > that __nvdimm_create() initializes the security state early and that > nvdimm->sec.state should have saved us. > > I'll dig a bit deeper with your qemu config. Maybe something goes weird with pstore stealing the region? -- Kees Cook