Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp22177657ybl; Mon, 6 Jan 2020 20:17:39 -0800 (PST) X-Google-Smtp-Source: APXvYqx0Y77RYdQtez80jcgZAhpwZAlIVAQ8qnpADjk/MSEIP6os7UV9dAGAs7DEUrJ6QABa1XQA X-Received: by 2002:a9d:7592:: with SMTP id s18mr124043146otk.130.1578370659062; Mon, 06 Jan 2020 20:17:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1578370659; cv=none; d=google.com; s=arc-20160816; b=RjfJUtEPbkQ0pgWsIzy8tPxjv6WcxiO+zJys6/p3EL6qMVX/syHNtwvteb98cv563j n5wDBUeWvB/r//Rw0TeiYGU75NJkrqo1ZS2Yetmr/gc/6I8xypEQyFAbj0fzyHL3RGzS /tccAZqD8nN+EAxGf71+lXLecDPALBdzgjsy9aJq/daxu5nZDufjvUq9POpyIs3oTeVm g3lCtBuwsNrDCeFLfw1w9MybidkkTTYvcu8aViFadY3K1LjtRxfvzhvYBz+eVSxdjgcQ eJps8t61VwemAvsmCvNREayH3XvtFgYyKxZ2llvV5zxCH78PbCya8VEHkVtVvCZYpu07 1U+Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=7JwBnNcErx/Tqbos3sgmzuiRKwnTayVGEEUrwwVO9+Q=; b=bVDn3PtWJFcvKxvpUuAGQtoZFNt8vJ+SASQRJynmxqXDDAhHvfk5pfwlUy77Toh68Z kVCy0F2AThnEU/i6EQKUwZuuxyKkE6ujskOweJlw2XPMg9YeBqO3I8mueKNy/745bpcO SewJqiswmXs/kqsgTreVhD7sqiXZvwVflpEWKClIAZRGj0dhkkfyd5ybdv9F1Yde9iMf +bLJOC24GoW83ccO1Sny31J8FYgLcDVbIMqaW2brRXITULHFC2EzMXvPFH3dF+YSO4tG rH5rPamnrh84duiZhfuZx+0Z0o9R/JZPqDQ2tJWQCglaSdWLp+gvKR7D4wlREMc2WqtE 5/Ag== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=kTfmCJhh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t20si36589025otr.64.2020.01.06.20.17.27; Mon, 06 Jan 2020 20:17:39 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@intel-com.20150623.gappssmtp.com header.s=20150623 header.b=kTfmCJhh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727585AbgAGEQu (ORCPT + 99 others); Mon, 6 Jan 2020 23:16:50 -0500 Received: from mail-ot1-f66.google.com ([209.85.210.66]:40405 "EHLO mail-ot1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727458AbgAGEQt (ORCPT ); Mon, 6 Jan 2020 23:16:49 -0500 Received: by mail-ot1-f66.google.com with SMTP id w21so66877521otj.7 for ; Mon, 06 Jan 2020 20:16:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7JwBnNcErx/Tqbos3sgmzuiRKwnTayVGEEUrwwVO9+Q=; b=kTfmCJhh1mbBCxqWkk2jJzl/J1kOXKq7lFQJCLEwwH1rEYWJoqgEISnsXnof7DsGKp r22nVFIxpGIaZUR7b8mcJMJxVKZAx1EOQZ8kr7V+DqBj11Lsa7c2bT5Bl5wLx++3CO8M PLsS96c92EcNKS1U47BedxbdFQo3DiJyad6/jcZXUufOff+1OCkXWUnQIlqc0iSB6pIO pliKONMzLNlNdrsXD/hyqtbTjE3AGJxs6w8V1q5W50mTzVUyOGGtrX1j5Yul63jwsK+x 1EANxaD3gSNMM00ePgz+477b4uJ8VGdtRBPKtnNPQAQgCZS4s7GocmWFW6evH+CIEOvR qDfA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7JwBnNcErx/Tqbos3sgmzuiRKwnTayVGEEUrwwVO9+Q=; b=OmG4V6F5tG4VADPP4L3vC2ux6TMNIFoa0SsIPcx7OXQLM0TUq1dXeZuJRCI+kh5OKg Of3Q10RjKx8a6rwn2bP320b4vzW4Hv4R4U7xYtCQNHqIaB/byJpacIjC1LcuSOtXJhlN C/MIv29w0rcxnXRlKACGy9QfeCd1he37CLpSCOhu6yg3F+NR19eYRjk2zAw+PVPsEXwk hqPcetraQN/xIWui9bXN+gREWMgCfk3hEuGfhFiAMBS0T7hfzm2iNUsUE4GLSgDrUiCv tj7QpMRLhNcwG20Hvtw2dEgz0pnycX4xe2wP+crW1Fc8d1tqF/CMg+heVR0ODeX+zQHs B2Gw== X-Gm-Message-State: APjAAAWJ3SVdaEn/7OstNxER3PWy49pDgcp4gSPNv1jHPWFVt8uixS+K sV/NgnCuQVjJ6eaafOeL02qembYNgR/2kitDXp9SFw== X-Received: by 2002:a9d:68d3:: with SMTP id i19mr61571357oto.71.1578370608986; Mon, 06 Jan 2020 20:16:48 -0800 (PST) MIME-Version: 1.0 References: <157835762222.1456824.290100196815539830.stgit@dwillia2-desk3.amr.corp.intel.com> <157835764298.1456824.224151767362114611.stgit@dwillia2-desk3.amr.corp.intel.com> <20200107040415.GA19309@dhcp-128-65.nay.redhat.com> In-Reply-To: <20200107040415.GA19309@dhcp-128-65.nay.redhat.com> From: Dan Williams Date: Mon, 6 Jan 2020 20:16:37 -0800 Message-ID: Subject: Re: [PATCH v4 4/4] efi: Fix handling of multiple efi_fake_mem= entries To: Dave Young Cc: Ingo Molnar , Taku Izumi , Michael Weiser , Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , linux-efi , X86 ML , Linux Kernel Mailing List , Kexec Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 6, 2020 at 8:04 PM Dave Young wrote: > > On 01/06/20 at 04:40pm, Dan Williams wrote: > > Dave noticed that when specifying multiple efi_fake_mem= entries only > > the last entry was successfully being reflected in the efi memory map. > > This is due to the fact that the efi_memmap_insert() is being called > > multiple times, but on successive invocations the insertion should be > > applied to the last new memmap rather than the original map at > > efi_fake_memmap() entry. > > > > Rework efi_fake_memmap() to install the new memory map after each > > efi_fake_mem= entry is parsed. > > > > This also fixes an issue in efi_fake_memmap() that caused it to litter > > emtpy entries into the end of the efi memory map. An empty entry causes > > efi_memmap_insert() to attempt more memmap splits / copies than > > efi_memmap_split_count() accounted for when sizing the new map. When > > that happens efi_memmap_insert() may overrun its allocation, and if you > > are lucky will spill over to an unmapped page leading to crash > > signature like the following rather than silent corruption: > > > > BUG: unable to handle page fault for address: ffffffffff281000 > > [..] > > RIP: 0010:efi_memmap_insert+0x11d/0x191 > > [..] > > Call Trace: > > ? bgrt_init+0xbe/0xbe > > ? efi_arch_mem_reserve+0x1cb/0x228 > > ? acpi_parse_bgrt+0xa/0xd > > ? acpi_table_parse+0x86/0xb8 > > ? acpi_boot_init+0x494/0x4e3 > > ? acpi_parse_x2apic+0x87/0x87 > > ? setup_acpi_sci+0xa2/0xa2 > > ? setup_arch+0x8db/0x9e1 > > ? start_kernel+0x6a/0x547 > > ? secondary_startup_64+0xb6/0xc0 > > > > Commit af1648984828 "x86/efi: Update e820 with reserved EFI boot > > services data to fix kexec breakage" is listed in Fixes: since it > > introduces more occurrences where efi_memmap_insert() is invoked after > > an efi_fake_mem= configuration has been parsed. Previously the side > > effects of vestigial empty entries were benign, but with commit > > af1648984828 that follow-on efi_memmap_insert() invocation triggers > > efi_memmap_insert() overruns. > > > > Fixes: 0f96a99dab36 ("efi: Add 'efi_fake_mem' boot option") > > Fixes: af1648984828 ("x86/efi: Update e820 with reserved EFI boot services...") > > A nitpick for the Fixes flags, as I replied in the thread below: > https://lore.kernel.org/linux-efi/CAPcyv4jLxqPaB22Ao9oV31Gm=b0+Phty+Uz33Snex4QchOUb0Q@mail.gmail.com/T/#m2bb2dd00f7715c9c19ccc48efef0fcd5fdb626e7 > > I reproduced two other panics without the patches applied, so this issue > is not caused by either of the commits, maybe just drop the Fixes. Just the "Fixes: af1648984828", right? No objection from me. I'll let Ingo say if he needs a resend for that. The "Fixes: 0f96a99dab36" is valid because the original implementation failed to handle the multiple argument case from the beginning. > > > Link: https://lore.kernel.org/r/20191231014630.GA24942@dhcp-128-65.nay.redhat.com > > Reported-by: Dave Young > > Cc: Taku Izumi > > Cc: Michael Weiser > > Cc: Ard Biesheuvel > > Cc: Thomas Gleixner > > Cc: Ingo Molnar > > Signed-off-by: Dan Williams > > --- > > drivers/firmware/efi/fake_mem.c | 31 ++++++++++++++++--------------- > > drivers/firmware/efi/memmap.c | 2 +- > > include/linux/efi.h | 2 ++ > > 3 files changed, 19 insertions(+), 16 deletions(-) > > > > diff --git a/drivers/firmware/efi/fake_mem.c b/drivers/firmware/efi/fake_mem.c > > index a8d20568d532..6e0f34a38171 100644 > > --- a/drivers/firmware/efi/fake_mem.c > > +++ b/drivers/firmware/efi/fake_mem.c > > @@ -34,25 +34,16 @@ static int __init cmp_fake_mem(const void *x1, const void *x2) > > return 0; > > } > > > > -void __init efi_fake_memmap(void) > > +static void __init efi_fake_range(struct efi_mem_range *efi_range) > > { > > struct efi_memory_map_data data = { 0 }; > > int new_nr_map = efi.memmap.nr_map; > > efi_memory_desc_t *md; > > void *new_memmap; > > - int i; > > - > > - if (!efi_enabled(EFI_MEMMAP) || !nr_fake_mem) > > - return; > > > > /* count up the number of EFI memory descriptor */ > > - for (i = 0; i < nr_fake_mem; i++) { > > - for_each_efi_memory_desc(md) { > > - struct range *r = &efi_fake_mems[i].range; > > - > > - new_nr_map += efi_memmap_split_count(md, r); > > - } > > - } > > + for_each_efi_memory_desc(md) > > + new_nr_map += efi_memmap_split_count(md, &efi_range->range); > > For this part, although I still have some concerns, but since I'm not > 100% clear about it, maybe just leave it as you do, and see if it is > good to Ard. Absent a specific failure case I didn't see anything to change here.