Re: Curious crash with secure variables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2013-03-18 at 08:01 +0000, James Bottomley wrote:
> The crash is attached below.  The curiosity is that the failing
> "virtual" address is actually a physical address inside the EFI runtime.
> It looks like either SetVirtualAddressMap() failed to relocate
> something, or there are caching effects on pre-relocated addresses.
> 
> The way to trigger this is to run tianocore in kvm and boot to an
> initial ramdisk with the efi tools and a shell.  If I insert a PK in the
> UEFI shell and then try to remove it in the initrd, the crash happens.
> If, however, I try to insert and remove the PK in the initrd without
> touching the secure variables in the UEFI shell, everything works
> 
> James

Crashes like this are typical of firmware that fails to update its
internal pointers when SetVirtualAddressMap() is called. There's no
reason that any of the EFI runtime services regions should be skipped
when establishing virtual kernel mappings, unless those regions are
missing the EFI_MEMORY_RUNTIME attribute, which seems unlikely.

Cc'ing Jordan as he may have some idea where the missing calls to
ConvertPointer() are.

> ---
> 
> [    0.998342] BUG: unable to handle kernel paging request at 000000001e339788
> [    1.000046] IP: [<ffff88001e3e4989>] 0xffff88001e3e4988
> [    1.000046] PGD 18211067 PUD 181e8067 PMD 0 
> [    1.000046] Oops: 0002 [#1] SMP 
> [    1.000046] Modules linked in:
> [    1.000046] CPU 0 
> [    1.000046] Pid: 34, comm: efi-updatevar Not tainted 3.9.0-rc2+ #45  
> [    1.000046] RIP: 0010:[<ffff88001e3e4989>]  [<ffff88001e3e4989>] 0xffff88001e3e4988
> [    1.000046] RSP: 0018:ffff88001821b9f0  EFLAGS: 00010086
> [    1.000046] RAX: 000000001e3396e0 RBX: ffffffff818537c0 RCX: 0000000000000000
> [    1.000046] RDX: ffff88001e36eee0 RSI: ffff88001e36eee0 RDI: 000000001e3396e0
> [    1.000046] RBP: ffff88001821ba30 R08: ffff88001f9dfd72 R09: 00000000000002cc
> [    1.000046] R10: ffff8800181ff800 R11: ffffffff8152573a R12: ffff8800181ff800
> [    1.000046] R13: ffff880018193000 R14: 0000000000000573 R15: ffff88001ed654c0
> [    1.000046] FS:  00007f161a916700(0000) GS:ffff88001d200000(0000) knlGS:0000000000000000
> [    1.000046] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [    1.000046] CR2: 000000001e339788 CR3: 00000000181f4000 CR4: 00000000000006f0
> [    1.000046] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [    1.000046] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> [    1.000046] Process efi-updatevar (pid: 34, threadinfo ffff88001821a000, task ffff880018203870)
> [    1.000046] Stack:
> [    1.000046]  0000000000000000 0000000000000018 ffff88001e36eee0 000000001e3396e0
> [    1.000046]  0000000000000000 0000001800000000 ffff88001e40e670 ffff88001e36eee0
> [    1.000046]  ffff88001821ba80 ffff88001e3ab99d 11d293ca8be4df61 ffff88001e4460a0
> [    1.000046] Call Trace:
> [    1.000046]  [<ffffffff8103a25b>] ? efi_call5+0x4b/0x80
> [    1.000046]  [<ffffffff812aaa2e>] ? efivarfs_file_write+0x1f7/0x351
> [    1.000046]  [<ffffffff8117999d>] ? security_file_permission+0x15/0x2b
> [    1.000046]  [<ffffffff8110dfae>] ? vfs_write+0x96/0xf8
> [    1.000046]  [<ffffffff8110e1d6>] ? sys_write+0x51/0x80
> [    1.000046]  [<ffffffff813937ed>] ? system_call_fastpath+0x1a/0x1f
> [    1.000046] Code: 8b 45 d8 48 89 c7 48 b8 8b 56 3a 1e 00 88 ff ff ff d0 eb 01 90 c9 c3 55 48 89 e5 48 83 ec 40 48 89 7d d8 48 89 75 d0 48 8b 45 d8 <c7> 80 a8 00 00 00 00 00 00 00 48 8b 45 d8 48 8b 48 28 48 8b 45 
> [    1.000046] RIP  [<ffff88001e3e4989>] 0xffff88001e3e4988
> [    1.000046]  RSP <ffff88001821b9f0>
> [    1.000046] CR2: 000000001e339788
> [    1.000046] ---[ end trace ee19301618adf435 ]---

-- 
Matt Fleming, Intel Open Source Technology Center

--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux