On 31/07/15 14:44, Boris Ostrovsky wrote:
> On 07/31/2015 05:10 AM, Andrew Cooper wrote:
>> On 30/07/15 22:31, Andy Lutomirski wrote:
>>> This is intended for x86/urgent. Sorry for taking so long, but it
>>> seemed nice to avoid breaking Xen.
>> Very much appreciated. Thanks!
>>
>>> This fixes the "dazed and confused" issue which was exposed by the
>>> CVE-2015-5157 fix. It's also probably a good general attack surface
>>> reduction, and it replaces some scary code with IMO less scary code.
>>>
>>> Also, servers and embedded systems should probably turn off modify_ldt.
>>> This makes that possible.
>>>
>>> Xen people, can you test patch 1? It works for me on my evil 32-bit
>>> Xen virtio setup.
>> So the LDT issue seems to have gone away, which is good.
>>
>> However, I did get this from my single vcpu guest test
>>
>> [OK] LDT entry 0 is invalid
>> [SKIP] Cannot set affinity to CPU 1
>> [RUN] Test exec
>> [ 3.638967] CPU 0 set the LDT
>> [OK] LDT entry 0 has AR 0x0040FA00 and limit 0x0000002A
>> [ 3.639380] ------------[ cut here ]------------
>> [ 3.639389] WARNING: CPU: 0 PID: 383 at
>> /local/linux-mainline.git/arch/x86/include/asm/mmu_context.h:96
>> flush_old_exec+0x7fd/0xb70()
>> [ 3.639397] DEBUG_LOCKS_WARN_ON(!irqs_disabled())
>
> You must be running v5 (or earlier). This is fixed in v6 --- it is now
> 'DEBUG_LOCKS_WARN_ON(preemptible());'

Hmm - I definitely have the correct code, but did a complete clean and
rebuild, and the issue went away. I presume I had something stale in
the build.

I am still seeing

[ 5.496264] WARNING: CPU: 0 PID: 389 at /local/linux-mainline.git/kernel/locking/lockdep.c:2639 trace_hardirqs_off_caller+0xa9/0xb0()
[ 5.496272] DEBUG_LOCKS_WARN_ON(!irqs_disabled())
[ 5.496276] CPU: 0 PID: 389 Comm: ldt_gdt_32 Not tainted 4.2.0-rc4+ #21

But that looks incidental, and unrelated to these fixes.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel