Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp135951imu;
        Tue, 8 Jan 2019 16:17:46 -0800 (PST)
X-Google-Smtp-Source: ALg8bN4Jxc4M2b6pX+hCL534555QsIdYk6RuMGRyM8oLUL1guDJw8tIhiKT41iTnjocp9k27AVg8
X-Received: by 2002:a17:902:f64:: with SMTP id 91mr3873273ply.132.1546993066459;
        Tue, 08 Jan 2019 16:17:46 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1546993066; cv=none;
        d=google.com; s=arc-20160816;
        b=iAFKtt8T1sTG11/dCbE2v5EaiSU9iwUw8W3KGhbh8jpj3EYWuV9ayPlQSdtA2LsxII
         3GqZ4B8Ms78HYhrdsIJNPNuH8tCU2vWCcvFcOASgJD4EGIXWZR6sr6lXhUo3jhNkG+SQ
         325EvcQssCRg8jhY84/FKeA1eQF3SYVL/UqpFuTOrLCczYbLzULqYFwtB9lUO61VOsz6
         LqNPCX5DqunvNgrLvjvSEpJUEdG7u0omXXYFqUK5MvYgWfW57lCc7EqLJZiZ+A2jSaue
         Xhokdp9DrNl4Xnqwda+VPlc3m5GD6pcsTRO0FxwEHhPqEaKvGF8D2M2RLC7zWGUhl3EA
         SY+Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=;
        b=PM6+owSDIkLNHoQaaf5KbbsrL5voqWxSXFe67olKdAVxbLJsTUtyaQAoLyBSHhBC7X
         zichSAOtn8PVdwVq1WYgcvHkVcAFLXE1YOf6YCuLiECrjWN+4WaQaqTbGGzKWh7Y95qu
         o69TvPp0vpJzuPycANcSpVi40BfZjzIZe/u9Wa7AHoW3j7sYUr3Pir7x7xPufX150AcY
         U4dqhWD9R6Bn7QD+v5Z7IPCanNaqxMPTpOqAVmBJ4TFpEWTUB4NMQZOMEy4XdgYrEXqG
         91WSW1Diz7B2Ush8ZXy+Ck5iQa9cSrFPnCmCe0iiO4I20QWKi7CMVAD7yVAU7F7XPm4k
         ohaQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b="J/OKHInW";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o32si28649711pld.407.2019.01.08.16.17.30;
        Tue, 08 Jan 2019 16:17:46 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@chromium.org header.s=google header.b="J/OKHInW";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729191AbfAHXz6 (ORCPT <rfc822;arandomawesomegeek@gmail.com>
        + 99 others); Tue, 8 Jan 2019 18:55:58 -0500
Received: from mail-vk1-f195.google.com ([209.85.221.195]:39524 "EHLO
        mail-vk1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728569AbfAHXz5 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 8 Jan 2019 18:55:57 -0500
Received: by mail-vk1-f195.google.com with SMTP id s184so1286138vkd.6
        for <linux-kernel@vger.kernel.org>; Tue, 08 Jan 2019 15:55:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=;
        b=J/OKHInWaowlLNK667YQYNdPnWnowa2zjcfLn42grgsD2x0BoGU2A1g+oaCymVBG9t
         I5Djr84efZ+6jAD0cUuDIbHSkf/deF5a1G5PgmUvgHjAcn/jWiLH5QBIPwaVX/Ig0UUW
         2ojcnt7E2ENbcbi3h1jfKLvAYr7JMrLEqiUzc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=h1d7kvfyQjpYlDnRDcTNxvOWfIXsTE/6Wx43wfl7W3g=;
        b=Gg4SdXzQ0h9MddK806aFDBP33c9ih5h74/i9C83wA9OY7y6l2JO8644fq3cGqixmGk
         kIyLqDQduiCnxwvx30YUGBQQ8YfEUI7yE9EcVm/mR75PSBHrcQkaCtFpvpwX7UYhwOeD
         az0vM08r4cI1wbG4Wmmgxx5FyMxSc9ZHAhuyN1zZFGdvPPhF0H9UnyxjLON44YR9Nj/k
         5di33FrPrfSird/Ck3YUlqudd+EegDnfwBxEAosK1hWua5GulbmSV2k/0NuFjPqoNGzB
         8NioOz1EyVJZouzNg4qysrqnmTWUQD0Mo/YSDk4J6RBlGhwvFTbJe/LpKX/yfKxQyId2
         8eXA==
X-Gm-Message-State: AJcUukdDWLH2lDFIXbnRA7h+7GA6ZMAqMavtGzaNe48Bk87bL5qu8EYu
        1dgi8TzhqjKLjECJOpjF1YudQjiuNtk=
X-Received: by 2002:a1f:490:: with SMTP id 138mr1402210vke.48.1546991756255;
        Tue, 08 Jan 2019 15:55:56 -0800 (PST)
Received: from mail-vk1-f177.google.com (mail-vk1-f177.google.com. [209.85.221.177])
        by smtp.gmail.com with ESMTPSA id l197sm16677349vke.18.2019.01.08.15.55.55
        for <linux-kernel@vger.kernel.org>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 08 Jan 2019 15:55:55 -0800 (PST)
Received: by mail-vk1-f177.google.com with SMTP id y14so1295735vkd.1
        for <linux-kernel@vger.kernel.org>; Tue, 08 Jan 2019 15:55:55 -0800 (PST)
X-Received: by 2002:a1f:e7c5:: with SMTP id e188mr1313566vkh.92.1546991754708;
 Tue, 08 Jan 2019 15:55:54 -0800 (PST)
MIME-Version: 1.0
References: <CAGXu5jKUP9o-ZgW5Wa5-9DHeQNZ5VA3cLBCJ0P7AVkTQ5tqHtQ@mail.gmail.com>
 <CAPcyv4iZZEM3D8vta_sge7a4iMgPZ5a1AnunXa4DKUaWauZk1g@mail.gmail.com>
 <CAGXu5j+z_yRPgE0HO=Sjo_VwwDDPJ+VLxbxwKgbb2cUAB5jmwg@mail.gmail.com> <CAPcyv4jhFGMzBrWHS_9q0Fe2MersRXz31VG3H2dJfujx1CJGhQ@mail.gmail.com>
In-Reply-To: <CAPcyv4jhFGMzBrWHS_9q0Fe2MersRXz31VG3H2dJfujx1CJGhQ@mail.gmail.com>
From:   Kees Cook <keescook@chromium.org>
Date:   Tue, 8 Jan 2019 15:55:42 -0800
X-Gmail-Original-Message-ID: <CAGXu5jKrhvUduv_XUYF94YM=bBfPGNkPrZ_EkvRKB0pDY_6uOw@mail.gmail.com>
Message-ID: <CAGXu5jKrhvUduv_XUYF94YM=bBfPGNkPrZ_EkvRKB0pDY_6uOw@mail.gmail.com>
Subject: Re: nvdimm crash at boot
To:     Dan Williams <dan.j.williams@intel.com>
Cc:     Dave Jiang <dave.jiang@intel.com>,
        linux-nvdimm <linux-nvdimm@lists.01.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jan 8, 2019 at 3:54 PM Dan Williams <dan.j.williams@intel.com> wrote:
>
> On Tue, Jan 8, 2019 at 3:34 PM Kees Cook <keescook@chromium.org> wrote:
> >
> > On Tue, Jan 8, 2019 at 3:28 PM Dan Williams <dan.j.williams@intel.com> wrote:
> > > Ah, thanks for the report! The key difference is that you don't define
> > > a "label area", so the driver bails out early and never initializes
> > > the security state.
> > >
> > > This should fix it up.
> > >
> > > diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c
> > > index 4890310df874..636cdb06ee17 100644
> > > --- a/drivers/nvdimm/dimm_devs.c
> > > +++ b/drivers/nvdimm/dimm_devs.c
> > > @@ -514,7 +514,7 @@ static umode_t nvdimm_visible(struct kobject
> > > *kobj, struct attribute *a, int n)
> > >
> > >         if (a != &dev_attr_security.attr)
> > >                 return a->mode;
> > > -       if (nvdimm->sec.state < 0)
> > > +       if (!nvdimm->sec.ops || nvdimm->sec.state < 0)
> > >                 return 0;
> > >         /* Are there any state mutation ops? */
> > >         if (nvdimm->sec.ops->freeze || nvdimm->sec.ops->disable
> >
> > Okay, cool. I wasn't sure if that test needed a deeper check. :)
> >
> > Fixes: 37833fb7989a9 ("acpi/nfit, libnvdimm: Add freeze security
> > support to Intel nvdimm")
> > Tested-by: Kees Cook <keescook@chromium.org>
> >
>
> Actually, looking closer this should have been avoided by the fact
> that __nvdimm_create() initializes the security state early and that
> nvdimm->sec.state should have saved us.
>
> I'll dig a bit deeper with your qemu config.

Maybe something goes weird with pstore stealing the region?

-- 
Kees Cook