Bug 430122 - sys-kernel/hardened-sources-3.4.7: x86 kernel panic on IA32 OVMF when EFI=y && ACPI=y
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened
Hardware: x86 Linux
Importance: Normal major
Assignee: The Gentoo Linux Hardened Team
Reported: 2012-08-06 03:57 UTC by Maxim Kammerer
Modified: 2012-09-18 12:42 UTC

Attachments
minimal x86 hardened-sources-3.4.7 configuration that results in panic (linux-3.4.7-hardened-ia32.config,20.90 KB, text/plain)
2012-08-06 03:59 UTC, Maxim Kammerer
serial log from QEMU (serial.log,9.01 KB, text/plain)
2012-08-06 04:01 UTC, Maxim Kammerer
interdiff patch fixing the problem (pax-linux-3.4.7-test28 -> 29) (pax-linux-3.4.7-test28-29-diff.patch,1.62 KB, patch)
2012-08-06 15:13 UTC, Maxim Kammerer

Description Maxim Kammerer 2012-08-06 03:57:44 UTC
1. The problem is present in hardened-sources (with GRSECURITY / PAX on or off), but not in gentoo-sources.
2. The problem is relatively old (at least since 3.2 stabilization), and was tested on hardened-sources-3.4.7 with the patch fix from bug #428726 applied.
3. The problem is unrelated to GRUB, and can be tested by enabling EFI_STUB and running the kernel directly from OVMF. For an ISO setup and OVMF download links, see the first comment in bug #428726.
4. The minimal kernel configuration was tested both with released OVMF images, and images compiled from git.
5. The problem is present when CONFIG_EFI and CONFIG_ACPI are on (EFI_STUB is unrelated), and is not present on x64 OVMF.

The kernel panic always ends with:

 [<c114b52e>] ? start_kernel+0x198/0x250
 [<c114b16d>] ? repair_env_string+0x4d/0x4d

but calls after start_kernel depend on the specific kernel configuration.

Minimal kernel configuration and kernel panic output follow. The command used was:

qemu-system-x86_64 -cpu kvm64 -L .../ia32 -nodefaults -sdl -monitor vc -m 256M -vga cirrus -hda fat:x -serial file:serial.log

where directory "x" contains bzImage.efi (bzImage needs to be renamed).
Comment 1 Maxim Kammerer 2012-08-06 03:59:56 UTC
Created attachment 320538 [details]
minimal x86 hardened-sources-3.4.7 configuration that results in panic

CONFIG_EFI_STUB=y is unrelated to the problem, and can be disabled.
Comment 2 Maxim Kammerer 2012-08-06 04:01:13 UTC
Created attachment 320540 [details]
serial log from QEMU
Comment 3 Maxim Kammerer 2012-08-06 04:07:19 UTC
The toolchain is the latest stable hardened profile one:

sys-devel/gcc-4.5.3-r2 was built with the following:
USE="cxx hardened nls nptl openmp (-altivec) -bootstrap -build -doc (-fixed-point) -fortran -gcj -graphite -gtk (-libssp) -lto -mudflap (-multilib) -multislot -nocxx -nopie -nossp -objc -objc++ -objc-gc -test -vanilla"

sys-devel/binutils-2.21.1-r1 was built with the following:
USE="cxx nls zlib -multislot -multitarget -static-libs -test -vanilla"

CFLAGS="-O2 -march=pentium3 -mtune=core2 -pipe"
CXXFLAGS="-O2 -march=pentium3 -mtune=core2 -pipe"
Comment 4 PaX Team 2012-08-06 11:40:00 UTC
thanks for the report, i fixed the bug in the latest patches, grsec will follow later today i guess.
Comment 5 Maxim Kammerer 2012-08-06 15:13:39 UTC
Created attachment 320566 [details, diff]
interdiff patch fixing the problem (pax-linux-3.4.7-test28 -> 29)

I tested on both IA32 and x64 OVMF, with a minimal and a full-blown kernel, and the problem seems to be fixed, thanks!

So it was KERNEXEC again, after all.

By the way, I think that this time you forgot to upload the patches, I took -test29 from ~paxguy1.
Comment 6 PaX Team 2012-09-18 09:24:28 UTC
i guess this one can be closed now ;).