Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1327385rwb; Fri, 23 Sep 2022 11:01:25 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6L+ZLXqxxmgic2qCWrbBVyqIqx2UAbByL/clBq83o3SmP8IY14BhyV0j99nyTEOlH9A7Qw X-Received: by 2002:a62:a512:0:b0:536:e2bd:e15e with SMTP id v18-20020a62a512000000b00536e2bde15emr10633543pfm.1.1663956085142; Fri, 23 Sep 2022 11:01:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663956085; cv=none; d=google.com; s=arc-20160816; b=CaKBXBSh/l4TFUoIXtwyEd4OIeR5qC4zb6FjWrpf9tuv2UUzfBO3Fq146uFrhwmzHx x8ENj0w7XuagY+pU/2WQ51qiZgRTMwUwTbYverhKK+hEA/Z+HwMF5nc594NBcCDAQMX4 HfJBnkupQMPShQofUi58G2eikWUh+RFsoUFWmGbZyULS7CH1DwfmbvjgTgOcoAdQIFt5 jgSqpvlILdh0sDppmeSzR3Xc81SbNXSJqmGWzh8t66I+OO+r7XXS4+Sac2T2UbrD5kml nk0aRP0t+Dyo8miLKEmaOXJBGJvbotK3Pqd97eiE9KSzaap1Pq/IY/V77inLL79r0Uh5 59Kw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=NX0uxLsETnQjBDMbT8fMjsShz4e7A36/sdTSflSPHMk=; b=Z3ico4XVuOUIcxycnGRflGlHsSilxSemyYk7eDMFElO76HoKl7kdmMEx0uKSUIp5Ym JqqEm+PujfdrX8/zn19lCrwT8wttnv2onN+g9+cna8A3qlsYqs31letbEV8xCwGem+hx RUukkd+McgbicwnSjYhM2BmmmECaDX1B58uPTd/JvqJVYGREuK14Pho2UVpWW0c2suSP eyUjh5IrxnEyBzoJbxiTlBrJsS2jB7duf1fPX88MPPQnDbhU8x5YBqBqd8fJu+pzpkm+ Xi3pcDbYQUZj/dMh7+bRZ0ol0sxw429HzFFtkIGfLwNRVKAoBNWjJhtzdAOhqm/b3gkR VYoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=Qz6+1YcT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q190-20020a632ac7000000b0043bf03d8625si8639604pgq.413.2022.09.23.11.00.48; Fri, 23 Sep 2022 11:01:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=Qz6+1YcT; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232441AbiIWRvs (ORCPT + 99 others); Fri, 23 Sep 2022 13:51:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231340AbiIWRvq (ORCPT ); Fri, 23 Sep 2022 13:51:46 -0400 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2AE5E13A072 for ; Fri, 23 Sep 2022 10:51:43 -0700 (PDT) Received: from zn.tnic (p200300ea9733e795329c23fffea6a903.dip0.t-ipconnect.de [IPv6:2003:ea:9733:e795:329c:23ff:fea6:a903]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 9FCDF1EC0628; Fri, 23 Sep 2022 19:51:37 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1663955497; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=NX0uxLsETnQjBDMbT8fMjsShz4e7A36/sdTSflSPHMk=; b=Qz6+1YcTlhabcvK6hvgl2WvdnbLAEEEu5ONZfRUACRdJ8+1eYfR0LKY/z5tChIMM64E0JB X5vNjpBUjQoTIzhu3UgxcIAbzY7WEhwRCYHr3jJ5xYvX00iXIvM6KQy/HrrPCaxl5eLBQr 6mmdMmEb1cErTFhu2yD0fSk2B1Q1bfU= Date: Fri, 23 Sep 2022 19:51:33 +0200 From: Borislav Petkov To: Daniel Verkamp Cc: x86@kernel.org, linux-kernel@vger.kernel.org, Tony Luck Subject: Re: [PATCH] x86: also disable FSRM if ERMS is disabled Message-ID: References: <20220923005827.1533380-1-dverkamp@chromium.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 23, 2022 at 10:25:05AM -0700, Daniel Verkamp wrote: > Yes, we hit this in crosvm when booting the guest kernel with either > OVMF or u-boot on an Intel 12th Gen CPU. The guest kernel boots fine > when loaded directly (using the crosvm kernel loader and not running > any firmware setup in the guest), but it crashes when booting with > firmware inside the first forward memmove() after alternatives are set > up (which happens to be in printk). I haven't gotten to the bottom of > why exactly using firmware is causing this to be set up in an > inconsistent way, but this is a real-world situation, not just a > hypothetical. Sounds like broken virt firmware or so. And if that is not an issue on baremetal, then the virt stack should be fixed - not the kernel. > Now that I look at it with fresh eyes again, maybe we should instead > directly patch the memmove FSRM alternative so that the flag-set > version just does the same jmp as the ERMS one. I can prepare a patch > for that instead of (or in addition to) this one if that sounds > better. So, if the virt firmware deviates from how the real hardware behaves, then the kernel needs no fixing. So you'd have to figure out why is the virt firmware causing this and not baremetal. Then we can talk about fixes. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette