All of lore.kernel.org
 help / color / mirror / Atom feed
* [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
@ 2021-10-04 17:47 Ser Olmy
  2021-10-04 17:59 ` Borislav Petkov
  0 siblings, 1 reply; 10+ messages in thread
From: Ser Olmy @ 2021-10-04 17:47 UTC (permalink / raw)
  To: linux-kernel

Booting any 5.14 kernel on certain Celeron-based 32-bit machines results in a panic:

[   22.546247] Run /init as init process
[   22.610556] init[1] bad frame in sigreturn frame:(ptrval) ip:b7d46be6 sp:bff3af30 orax:ffffffff in libc-2.33.so[b7c94000+156000]
[   22.749531] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[   22.750240] CPU: 0 PID: 1 Comm: init Not tainted 5.14.9 #1
[   22.750240] Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[   22.750240] Call Trace:
[   22.750240]  ? dump_stack_lvl+0x32/0x41
[   22.750240]  ? dump_stack+0xa/0xc
[   22.750240]  ? panic+0xa2/0x23f
[   22.750240]  ? do_exit.cold+0x94/0x94
[   22.750240]  ? do_group_exit+0x2a/0x80
[   22.750240]  ? get_signal+0x142/0x7a0
[   22.750240]  ? arch_do_signal_or_restart+0xb1/0x570
[   22.750240]  ? force_sig_info_to_task+0x65/0xf0
[   22.750240]  ? vprintk_emit+0x150/0x190
[   22.750240]  ? exit_to_user_mode_prepare+0x145/0x1e0
[   22.750240]  ? syscall_exit_to_user_mode+0x18/0x40
[   22.750240]  ? do_int80_syscall_32+0x3d/0x80
[   22.750240]  ? entry_INT80_32+0xf0/0xf0

I've bisected it to this commit:

6f9866a166cd1ad3ebb2dcdb3874aa8fee8dea2f [x86/fpu/signal: Let xrstor handle the features to init]

Reverting it results in a working system.

Regards,

Olmy

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-04 17:47 [x86] Kernel v5.14 series panic on Celeron Mendocino CPU Ser Olmy
@ 2021-10-04 17:59 ` Borislav Petkov
  2021-10-04 18:17   ` Ser Olmy
                     ` (2 more replies)
  0 siblings, 3 replies; 10+ messages in thread
From: Borislav Petkov @ 2021-10-04 17:59 UTC (permalink / raw)
  To: Ser Olmy; +Cc: linux-kernel, x86-ml

On Mon, Oct 04, 2021 at 05:47:37PM +0000, Ser Olmy wrote:
> Booting any 5.14 kernel on certain Celeron-based 32-bit machines results in a panic:
> 
> [   22.546247] Run /init as init process
> [   22.610556] init[1] bad frame in sigreturn frame:(ptrval) ip:b7d46be6 sp:bff3af30 orax:ffffffff in libc-2.33.so[b7c94000+156000]
> [   22.749531] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
> [   22.750240] CPU: 0 PID: 1 Comm: init Not tainted 5.14.9 #1
> [   22.750240] Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
> [   22.750240] Call Trace:
> [   22.750240]  ? dump_stack_lvl+0x32/0x41
> [   22.750240]  ? dump_stack+0xa/0xc
> [   22.750240]  ? panic+0xa2/0x23f
> [   22.750240]  ? do_exit.cold+0x94/0x94
> [   22.750240]  ? do_group_exit+0x2a/0x80
> [   22.750240]  ? get_signal+0x142/0x7a0
> [   22.750240]  ? arch_do_signal_or_restart+0xb1/0x570
> [   22.750240]  ? force_sig_info_to_task+0x65/0xf0
> [   22.750240]  ? vprintk_emit+0x150/0x190
> [   22.750240]  ? exit_to_user_mode_prepare+0x145/0x1e0
> [   22.750240]  ? syscall_exit_to_user_mode+0x18/0x40
> [   22.750240]  ? do_int80_syscall_32+0x3d/0x80
> [   22.750240]  ? entry_INT80_32+0xf0/0xf0
> 
> I've bisected it to this commit:
> 
> 6f9866a166cd1ad3ebb2dcdb3874aa8fee8dea2f [x86/fpu/signal: Let xrstor handle the features to init]

I'm assuming your CPU cannot do 64-bit mode?

Can you send .config, /proc/cpuinfo and full dmesg pls?

Privately is fine too.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-04 17:59 ` Borislav Petkov
@ 2021-10-04 18:17   ` Ser Olmy
  2021-10-05 10:05     ` Borislav Petkov
  2021-10-06 17:38   ` [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits tip-bot2 for Borislav Petkov
  2021-10-08  9:58   ` tip-bot2 for Borislav Petkov
  2 siblings, 1 reply; 10+ messages in thread
From: Ser Olmy @ 2021-10-04 18:17 UTC (permalink / raw)
  To: linux-kernel

On Monday, October 4th, 2021 at 7:59 PM, Borislav Petkov <bp@alien8.de> wrote:
>
> I'm assuming your CPU cannot do 64-bit mode?

Correct, it's an old Socket 370 Celeron

> Can you send .config, /proc/cpuinfo and full dmesg pls?

I'm running a stock Slackware-current kernel. The .config is available here: https://mirrors.dotsrc.org/slackware/slackware-current/kernels/hugesmp.s/config

cpuinfo:

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 6
model name      : Celeron (Mendocino)
stepping        : 5
microcode       : 0x3
cpu MHz         : 531.632
cache size      : 128 KB
physical id     : 0
siblings        : 1
core id         : 0
cpu cores       : 1
apicid          : 0
initial apicid  : 0
fdiv_bug        : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 2
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pse36 mmx fxsr cpuid pti
bugs            : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit
bogomips        : 1063.26
clflush size    : 32
cache_alignment : 32
address sizes   : 36 bits physical, 32 bits virtual
power management:


dmesg:

[    0.000000] Linux version 5.14.9-smp (root@z-mp32.slackware.lan) (gcc (GCC) 11.2.0, GNU ld version 2.37-slack15) #1 SMP Thu Sep 1
[    0.000000] x86/fpu: x87 FPU will use FXSAVE
[    0.000000] signal: max sigframe size: 1440
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009f7ff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009f800-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000017eeffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000017ef0000-0x0000000017effbff] ACPI data
[    0.000000] BIOS-e820: [mem 0x0000000017effc00-0x0000000017efffff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000017f00000-0x0000000017ffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fff00000-0x00000000ffffffff] reserved
[    0.000000] Notice: NX (Execute Disable) protection missing in CPU!
[    0.000000] SMBIOS 2.3 present.
[    0.000000] DMI: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[    0.000000] tsc: Fast TSC calibration using PIT
[    0.000000] tsc: Detected 531.615 MHz processor
[    0.004370] last_pfn = 0x17ef0 max_arch_pfn = 0x1000000
[    0.004645] x86/PAT: PAT not supported by the CPU.
[    0.006326] x86/PAT: Configuration [0-7]: WB  WT  UC- UC  WB  WT  UC- UC
[    0.034440] RAMDISK: [mem 0x174c1000-0x17eeffff]
[    0.034490] ACPI: Early table checksum verification disabled
[    0.034531] ACPI: RSDP 0x00000000000F6510 000014 (v00 PTLTD )
[    0.034574] ACPI: RSDT 0x0000000017EF9B1D 000030 (v01 HP     HPBDD_JD 00001000  LTP 00000000)
[    0.034626] ACPI: FACP 0x0000000017EFFB0B 000074 (v01 HP     HPBDD_JD 00001000 PTL  00001002)
[    0.034683] ACPI: DSDT 0x0000000017EF9B4D 005FBE (v01 HP     HPBDD_IZ 00001000 MSFT 0100000B)
[    0.034726] ACPI: FACS 0x0000000017EFFFC0 000040
[    0.034761] ACPI: APIC 0x0000000017EFFB7F 00005A (v01 HP     HPBDD_JD 00001000  LTP 00000000)
[    0.034804] ACPI: BOOT 0x0000000017EFFBD9 000027 (v01 PTLTD  $SBFTBL$ 00001000  LTP 00000001)
[    0.034840] ACPI: Reserving FACP table memory at [mem 0x17effb0b-0x17effb7e]
[    0.034860] ACPI: Reserving DSDT table memory at [mem 0x17ef9b4d-0x17effb0a]
[    0.034877] ACPI: Reserving FACS table memory at [mem 0x17efffc0-0x17efffff]
[    0.034893] ACPI: Reserving APIC table memory at [mem 0x17effb7f-0x17effbd8]
[    0.034910] ACPI: Reserving BOOT table memory at [mem 0x17effbd9-0x17effbff]
[    0.035043] No NUMA configuration found
[    0.035057] Faking a node at [mem 0x0000000000000000-0x0000000017eeffff]
[    0.035092] NODE_DATA(0) allocated [mem 0x174bf000-0x174c0fff]
[    0.035138] 0MB HIGHMEM available.
[    0.035150] 382MB LOWMEM available.
[    0.035188]   mapped low ram: 0 - 17ef0000
[    0.035200]   low ram: 0 - 17ef0000
[    0.035280] Zone ranges:
[    0.035292]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
[    0.035315]   Normal   [mem 0x0000000001000000-0x0000000017eeffff]
[    0.035336]   HighMem  empty
[    0.035352] Movable zone start for each node
[    0.035362] Early memory node ranges
[    0.035372]   node   0: [mem 0x0000000000001000-0x000000000009efff]
[    0.035389]   node   0: [mem 0x0000000000100000-0x0000000017eeffff]
[    0.035407] Initmem setup node 0 [mem 0x0000000000001000-0x0000000017eeffff]
[    0.035470] On node 0, zone DMA: 1 pages in unavailable ranges
[    0.036261] On node 0, zone DMA: 97 pages in unavailable ranges
[    0.066898] On node 0, zone Normal: 33040 pages in unavailable ranges
[    0.066942] Using APIC driver default
[    0.067215] ACPI: PM-Timer IO Port: 0x1008
[    0.067292] ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1])
[    0.067353] IOAPIC[0]: apic_id 1, version 32, address 0xfec00000, GSI 0-23
[    0.067388] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 high edge)
[    0.067413] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[    0.067450] ACPI: Using ACPI (MADT) for SMP configuration information
[    0.067474] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
[    0.067594] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
[    0.067623] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[    0.067639] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000dffff]
[    0.067652] PM: hibernation: Registered nosave memory: [mem 0x000e0000-0x000fffff]
[    0.067678] [mem 0x18000000-0xffefffff] available for PCI devices
[    0.067693] Booting paravirtualized kernel on bare hardware
[    0.067718] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
[    0.067790] setup_percpu: NR_CPUS:32 nr_cpumask_bits:32 nr_cpu_ids:1 nr_node_ids:1
[    0.069439] percpu: Embedded 34 pages/cpu s108556 r0 d30708 u139264
[    0.069731] Built 1 zonelists, mobility grouping on.  Total pages: 96976
[    0.069769] Policy zone: Normal
[    0.069784] Kernel command line: auto BOOT_IMAGE=generic ro panic=30 consoleblank=0 gpt vt.default_utf8=1 console=ttyS0,9600n8 ct
[    0.070970] Unknown command line parameters: auto BOOT_IMAGE=generic
[    0.072302] Dentry cache hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    0.073128] Inode-cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.073377] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.073442] Initializing HighMem for node 0 (00000000:00000000)
[    0.102061] Checking if this processor honours the WP bit even in supervisor mode...Ok.
[    0.102160] Memory: 357560K/391736K available (9623K kernel code, 1876K rwdata, 3908K rodata, 924K init, 600K bss, 34176K reserv)
[    0.102205] random: get_random_u32 called from __kmem_cache_create+0x21/0x510 with crng_init=0
[    0.103810] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.103985] Kernel/User page tables isolation: enabled
[    0.104087] ftrace: allocating 40478 entries in 80 pages
[    0.274419] ftrace: allocated 80 pages with 2 groups
[    0.275463] trace event string verifier disabled
[    0.276089] rcu: Hierarchical RCU implementation.
[    0.276125] rcu:     RCU dyntick-idle grace-period acceleration is enabled.
[    0.276137] rcu:     RCU restricting CPUs from NR_CPUS=32 to nr_cpu_ids=1.
[    0.276155]  Rude variant of Tasks RCU enabled.
[    0.276164]  Tracing variant of Tasks RCU enabled.
[    0.276178] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
[    0.276191] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[    0.285133] NR_IRQS: 2304, nr_irqs: 256, preallocated irqs: 16
[    0.285911] rcu:     Offload RCU callbacks from CPUs: (none).
[    0.288971] Console: colour VGA+ 80x25
[    0.296624] printk: console [tty0] enabled
[    7.513807] printk: console [ttyS0] enabled
[    7.564139] ACPI: Core revision 20210604
[    7.611810] APIC: Switch to symmetric I/O mode setup
[    7.671367] Enabling APIC mode:  Flat.  Using 1 I/O APICs
[    7.736728] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[    7.813687] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x7a9b50fc70, max_idle_ns: 440795215981 ns
[    7.938730] Calibrating delay loop (skipped), value calculated using timer frequency.. 1063.23 BogoMIPS (lpj=531615)
[    7.939710] pid_max: default: 32768 minimum: 301
[    7.941012] LSM: Security Framework initializing
[    7.941885] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    7.942735] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    7.947285] Last level iTLB entries: 4KB 32, 2MB 0, 4MB 2
[    7.947724] Last level dTLB entries: 4KB 64, 2MB 0, 4MB 8, 1GB 0
[    7.948735] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[    7.949716] Spectre V2 : Mitigation: Full generic retpoline
[    7.950709] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[    7.951710] Speculative Store Bypass: Vulnerable
[    7.952728] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
[    8.004471] Freeing SMP alternatives memory: 40K
[    8.108411] smpboot: CPU0: Intel Celeron (Mendocino) (family: 0x6, model: 0x6, stepping: 0x5)
[    8.111448] Performance Events: p6 PMU driver.
[    8.111726] ... version:                0
[    8.112713] ... bit width:              32
[    8.113710] ... generic registers:      2
[    8.114710] ... value mask:             00000000ffffffff
[    8.115710] ... max period:             000000007fffffff
[    8.117710] ... fixed-purpose events:   0
[    8.118710] ... event mask:             0000000000000003
[    8.120810] rcu: Hierarchical SRCU implementation.
[    8.123395] smp: Bringing up secondary CPUs ...
[    8.123740] smp: Brought up 1 node, 1 CPU
[    8.124714] smpboot: Max logical packages: 1
[    8.125712] smpboot: Total of 1 processors activated (1063.23 BogoMIPS)
[    8.129260] devtmpfs: initialized
[    8.133280] ACPI: PM: Registering ACPI NVS region [mem 0x17effc00-0x17efffff] (1024 bytes)
[    8.134967] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
[    8.135797] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
[    8.137229] pinctrl core: initialized pinctrl subsystem
[    8.141549] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    8.144051] audit: initializing netlink subsys (disabled)
[    8.146606] thermal_sys: Registered thermal governor 'fair_share'
[    8.146639] thermal_sys: Registered thermal governor 'bang_bang'
[    8.146729] thermal_sys: Registered thermal governor 'step_wise'
[    8.147711] thermal_sys: Registered thermal governor 'user_space'
[    8.148755] audit: type=2000 audit(1633374988.215:1): state=initialized audit_enabled=0 res=1
[    8.150800] cpuidle: using governor ladder
[    8.151719] cpuidle: using governor menu
[    8.153953] Simple Boot Flag at 0x35 set to 0x1
[    8.154805] ACPI: bus type PCI registered
[    8.155721] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[    8.159595] PCI: PCI BIOS revision 2.10 entry at 0xfd9c0, last bus=1
[    8.159722] PCI: Using configuration type 1 for base access
[    8.183790] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[    8.196115] cryptd: max_cpu_qlen set to 1000
[    8.225958] raid6: skip pq benchmark and using algorithm mmxx2
[    8.226730] raid6: using intx1 recovery algorithm
[    8.229133] ACPI: Added _OSI(Module Device)
[    8.229741] ACPI: Added _OSI(Processor Device)
[    8.230714] ACPI: Added _OSI(3.0 _SCP Extensions)
[    8.231718] ACPI: Added _OSI(Processor Aggregator Device)
[    8.232716] ACPI: Added _OSI(Linux-Dell-Video)
[    8.233715] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[    8.234715] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
[    8.266310] ACPI: 1 ACPI AML tables successfully acquired and loaded
[    8.274523] ACPI: Interpreter enabled
[    8.274870] ACPI: PM: (supports S0 S1 S4 S5)
[    8.275717] ACPI: Using IOAPIC for interrupt routing
[    8.276987] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[    8.279128] ACPI: Enabled 2 GPEs in block 00 to 0F
[    8.279701] ACPI: Enabled 2 GPEs in block 10 to 1F
[    8.473864] acpi LNXCPU:00: Invalid PBLK length [5]
[    8.477045] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[    8.477745] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI EDR HPX-Type3]
[    8.478801] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
[    8.481938] PCI host bridge to bus 0000:00
[    8.482726] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7 window]
[    8.483715] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[    8.484714] pci_bus 0000:00: root bus resource [mem 0x000c0000-0x000cffff window]
[    8.485714] pci_bus 0000:00: root bus resource [mem 0x000d0000-0x000dffff window]
[    8.486715] pci_bus 0000:00: root bus resource [mem 0x18000000-0xfebfffff window]
[    8.487715] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff window]
[    8.488718] pci_bus 0000:00: root bus resource [bus 00-ff]
[    8.489802] pci 0000:00:00.0: [8086:7124] type 00 class 0x060000
[    8.492207] pci 0000:00:01.0: [8086:7125] type 00 class 0x030000
[    8.492757] pci 0000:00:01.0: reg 0x10: [mem 0xf8000000-0xfbffffff pref]
[    8.493724] pci 0000:00:01.0: reg 0x14: [mem 0xf4000000-0xf407ffff]
[    8.496343] pci 0000:00:1e.0: [8086:2418] type 01 class 0x060400
[    8.498331] pci 0000:00:1f.0: [8086:2410] type 00 class 0x060100
[    8.498883] pci 0000:00:1f.0: quirk: [io  0x1000-0x107f] claimed by ICH4 ACPI/GPIO/TCO
[    8.499729] pci 0000:00:1f.0: quirk: [io  0x1180-0x11bf] claimed by ICH4 GPIO
[    8.501841] pci 0000:00:1f.1: [8086:2411] type 00 class 0x010180
[    8.502799] pci 0000:00:1f.1: reg 0x20: [io  0x1800-0x180f]
[    8.503745] pci 0000:00:1f.1: legacy IDE quirk: reg 0x10: [io  0x01f0-0x01f7]
[    8.504714] pci 0000:00:1f.1: legacy IDE quirk: reg 0x14: [io  0x03f6]
[    8.505714] pci 0000:00:1f.1: legacy IDE quirk: reg 0x18: [io  0x0170-0x0177]
[    8.506713] pci 0000:00:1f.1: legacy IDE quirk: reg 0x1c: [io  0x0376]
[    8.509062] pci 0000:00:1f.2: [8086:2412] type 00 class 0x0c0300
[    8.509805] pci 0000:00:1f.2: reg 0x20: [io  0x1820-0x183f]
[    8.511921] pci 0000:00:1f.5: [8086:2415] type 00 class 0x040100
[    8.512761] pci 0000:00:1f.5: reg 0x10: [io  0x2000-0x20ff]
[    8.513728] pci 0000:00:1f.5: reg 0x14: [io  0x1840-0x187f]
[    8.516455] pci_bus 0000:01: extended config space not accessible
[    8.517790] pci 0000:01:0b.0: [1397:2bd0] type 00 class 0x028000
[    8.518741] pci 0000:01:0b.0: reg 0x10: [io  0x3000-0x3007]
[    8.519724] pci 0000:01:0b.0: reg 0x14: [mem 0xf4100000-0xf41000ff]
[    8.520885] pci 0000:01:0b.0: supports D1 D2
[    8.521716] pci 0000:01:0b.0: PME# supported from D0 D1 D2 D3hot
[    8.523106] pci 0000:01:0d.0: [10b7:9200] type 00 class 0x020000
[    8.523755] pci 0000:01:0d.0: reg 0x10: [io  0x3080-0x30ff]
[    8.524727] pci 0000:01:0d.0: reg 0x14: [mem 0xf4100400-0xf410047f]
[    8.525774] pci 0000:01:0d.0: reg 0x30: [mem 0x00000000-0x0001ffff pref]
[    8.526837] pci 0000:01:0d.0: supports D1 D2
[    8.527717] pci 0000:01:0d.0: PME# supported from D0 D1 D2 D3hot D3cold
[    8.529124] pci 0000:01:0e.0: [1033:0035] type 00 class 0x0c0310
[    8.529753] pci 0000:01:0e.0: reg 0x10: [mem 0xf4101000-0xf4101fff]
[    8.531889] pci 0000:01:0e.0: supports D1 D2
[    8.532717] pci 0000:01:0e.0: PME# supported from D0 D1 D2 D3hot
[    8.534149] pci 0000:01:0e.1: [1033:0035] type 00 class 0x0c0310
[    8.534760] pci 0000:01:0e.1: reg 0x10: [mem 0xf4102000-0xf4102fff]
[    8.536899] pci 0000:01:0e.1: supports D1 D2
[    8.537716] pci 0000:01:0e.1: PME# supported from D0 D1 D2 D3hot
[    8.539074] pci 0000:01:0e.2: [1033:00e0] type 00 class 0x0c0320
[    8.539749] pci 0000:01:0e.2: reg 0x10: [mem 0xf4100800-0xf41008ff]
[    8.541876] pci 0000:01:0e.2: supports D1 D2
[    8.542714] pci 0000:01:0e.2: PME# supported from D0 D1 D2 D3hot
[    8.544104] pci 0000:00:1e.0: PCI bridge to [bus 01] (subtractive decode)
[    8.544736] pci 0000:00:1e.0:   bridge window [io  0x3000-0x3fff]
[    8.545718] pci 0000:00:1e.0:   bridge window [mem 0xf4100000-0xf41fffff]
[    8.546721] pci 0000:00:1e.0:   bridge window [io  0x0000-0x0cf7 window] (subtractive decode)
[    8.547716] pci 0000:00:1e.0:   bridge window [mem 0x000a0000-0x000bffff window] (subtractive decode)
[    8.548714] pci 0000:00:1e.0:   bridge window [mem 0x000c0000-0x000cffff window] (subtractive decode)
[    8.549714] pci 0000:00:1e.0:   bridge window [mem 0x000d0000-0x000dffff window] (subtractive decode)
[    8.550715] pci 0000:00:1e.0:   bridge window [mem 0x18000000-0xfebfffff window] (subtractive decode)
[    8.551714] pci 0000:00:1e.0:   bridge window [io  0x0d00-0xffff window] (subtractive decode)
[    8.555135] ACPI: PCI: Interrupt link LNKA configured for IRQ 11
[    8.556777] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
[    8.558194] ACPI: PCI: Interrupt link LNKC configured for IRQ 5
[    8.559788] ACPI: PCI: Interrupt link LNKD configured for IRQ 9
[    8.564008] iommu: Default domain type: Translated
[    8.565979] pci 0000:00:01.0: vgaarb: setting as boot VGA device
[    8.566701] pci 0000:00:01.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
[    8.566741] pci 0000:00:01.0: vgaarb: bridge control possible
[    8.567716] vgaarb: loaded
[    8.571055] SCSI subsystem initialized
[    8.572719] ACPI: bus type USB registered
[    8.573938] usbcore: registered new interface driver usbfs
[    8.574819] usbcore: registered new interface driver hub
[    8.575873] usbcore: registered new device driver usb
[    8.576892] pps_core: LinuxPPS API ver. 1 registered
[    8.577714] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    8.578740] PTP clock support registered
[    8.581015] EDAC MC: Ver: 3.0.0
[    8.584824] PCI: Using ACPI for IRQ routing
[    8.587663] clocksource: Switched to clocksource tsc-early
[    8.715847] VFS: Disk quotas dquot_6.6.0
[    9.054721] clocksource: timekeeping watchdog on CPU0: Marking clocksource 'tsc-early' as unstable because the skew is too large:
[    9.194370] clocksource:                       'refined-jiffies' wd_nsec: 503923392 wd_now: fffb7018 wd_last: fffb6e20 mask: ffff
[    9.338164] clocksource:                       'tsc-early' cs_nsec: 6702584311 cs_now: 83820308a cs_last: 763be2891 mask: fffffff
[    9.487168] clocksource:                       'tsc-early' is current clocksource.
[    9.577842] tsc: Marking TSC unstable due to clocksource watchdog
[   10.998226] clocksource: Switched to clocksource refined-jiffies
[   11.000385] VFS: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
[   11.002569] pnp: PnP ACPI init
[   11.004798] system 00:00: [io  0x1000-0x107f] has been reserved
[   11.005249] system 00:00: [io  0x1180-0x11bf] has been reserved
[   11.006209] system 00:00: [io  0x04d0-0x04d1] has been reserved
[   11.007210] system 00:00: [io  0x0290-0x0297] has been reserved
[   11.008214] system 00:00: [io  0x0400-0x0404] has been reserved
[   11.009210] system 00:00: [io  0xfe00-0xfe0f] has been reserved
[   11.010215] system 00:00: [mem 0xfec00000-0xfec00fff] could not be reserved
[   11.011207] system 00:00: [mem 0xfee00000-0xfee00fff] has been reserved
[   11.012210] system 00:00: [mem 0xff800000-0xffffffff] could not be reserved
[   11.093727] pnp: PnP ACPI: found 9 devices
[   11.148306] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[   11.149268] clocksource: Switched to clocksource acpi_pm
[   11.213931] NET: Registered PF_INET protocol family
[   11.273001] IP idents hash table entries: 8192 (order: 4, 65536 bytes, linear)
[   11.361862] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 6144 bytes, linear)
[   11.462333] TCP established hash table entries: 4096 (order: 2, 16384 bytes, linear)
[   11.555390] TCP bind hash table entries: 4096 (order: 3, 32768 bytes, linear)
[   11.641144] TCP: Hash tables configured (established 4096 bind 4096)
[   11.718098] MPTCP token hash table entries: 512 (order: 1, 8192 bytes, linear)
[   11.805027] UDP hash table entries: 256 (order: 1, 8192 bytes, linear)
[   11.883430] UDP-Lite hash table entries: 256 (order: 1, 8192 bytes, linear)
[   11.967335] NET: Registered PF_UNIX/PF_LOCAL protocol family
[   12.037010] RPC: Registered named UNIX socket transport module.
[   12.108079] RPC: Registered udp transport module.
[   12.164507] RPC: Registered tcp transport module.
[   12.220864] RPC: Registered tcp NFSv4.1 backchannel transport module.
[   12.298131] NET: Registered PF_XDP protocol family
[   12.355794] pci 0000:00:1e.0: BAR 15: assigned [mem 0x18000000-0x180fffff pref]
[   12.443493] pci 0000:01:0d.0: BAR 6: assigned [mem 0x18000000-0x1801ffff pref]
[   12.530129] pci 0000:00:1e.0: PCI bridge to [bus 01]
[   12.589721] pci 0000:00:1e.0:   bridge window [io  0x3000-0x3fff]
[   12.662804] pci 0000:00:1e.0:   bridge window [mem 0xf4100000-0xf41fffff]
[   12.744241] pci 0000:00:1e.0:   bridge window [mem 0x18000000-0x180fffff pref]
[   12.830851] pci_bus 0000:00: resource 4 [io  0x0000-0x0cf7 window]
[   12.904989] pci_bus 0000:00: resource 5 [mem 0x000a0000-0x000bffff window]
[   12.987438] pci_bus 0000:00: resource 6 [mem 0x000c0000-0x000cffff window]
[   13.069885] pci_bus 0000:00: resource 7 [mem 0x000d0000-0x000dffff window]
[   13.152241] pci_bus 0000:00: resource 8 [mem 0x18000000-0xfebfffff window]
[   13.234594] pci_bus 0000:00: resource 9 [io  0x0d00-0xffff window]
[   13.308633] pci_bus 0000:01: resource 0 [io  0x3000-0x3fff]
[   13.375387] pci_bus 0000:01: resource 1 [mem 0xf4100000-0xf41fffff]
[   13.450462] pci_bus 0000:01: resource 2 [mem 0x18000000-0x180fffff pref]
[   13.530737] pci_bus 0000:01: resource 4 [io  0x0000-0x0cf7 window]
[   13.604775] pci_bus 0000:01: resource 5 [mem 0x000a0000-0x000bffff window]
[   13.687127] pci_bus 0000:01: resource 6 [mem 0x000c0000-0x000cffff window]
[   13.769482] pci_bus 0000:01: resource 7 [mem 0x000d0000-0x000dffff window]
[   13.851835] pci_bus 0000:01: resource 8 [mem 0x18000000-0xfebfffff window]
[   13.934191] pci_bus 0000:01: resource 9 [io  0x0d00-0xffff window]
[   14.008919] pci 0000:00:01.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[   14.110462] pci 0000:00:01.0: pci_fixup_video+0x0/0xd0 took 99181 usecs
[   14.191046] pci 0000:01:0e.0: enabling device (0114 -> 0116)
[   14.260910] pci 0000:01:0e.0: quirk_usb_early_handoff+0x0/0x710 took 68258 usecs
[   14.349848] pci 0000:01:0e.1: enabling device (0114 -> 0116)
[   14.419488] pci 0000:01:0e.1: quirk_usb_early_handoff+0x0/0x710 took 68019 usecs
[   14.508445] pci 0000:01:0e.2: enabling device (0114 -> 0116)
[   14.578240] pci 0000:01:0e.2: quirk_usb_early_handoff+0x0/0x710 took 68167 usecs
[   14.667046] PCI: CLS 32 bytes, default 32
[   14.715676] Trying to unpack rootfs image as initramfs...
[   14.785663] Initialise system trusted keyrings
[   14.839272] Key type blacklist registered
[   14.935927] workingset: timestamp_bits=11 max_order=17 bucket_order=6
[   15.122699] zbud: loaded
[   15.189206] NFS: Registering the id_resolver key type
[   15.310457] Key type id_resolver registered
[   15.410863] Key type id_legacy registered
[   15.515683] nfs4filelayout_init: NFSv4 File Layout Driver Registering...
[   15.687016] nfs4flexfilelayout_init: NFSv4 Flexfile Layout Driver Registering...
[   15.880313] romfs: ROMFS MTD (C) 2007 Red Hat, Inc.
[   16.266779] xor: measuring software checksum speed
[   16.331119]    pII_mmx         :  1442 MB/sec
[   16.389952]    p5_mmx          :  1505 MB/sec
[   16.442146] xor: using function: p5_mmx (1505 MB/sec)
[   16.502673] async_tx: api initialized (async)
[   16.868099] Key type asymmetric registered
[   16.965546] Asymmetric key parser 'x509' registered
[   17.085586] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 244)
[   17.269789] io scheduler mq-deadline registered
[   17.380919] atomic64_test: passed for i586+ platform with CX8 and without SSE
[   17.555189] isapnp: Scanning for PnP cards...
[   18.350887] isapnp: No Plug & Play device found
[   18.553433] Freeing initrd memory: 10428K
[   18.617914] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[   18.693644] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[   18.791886] Floppy drive(s): fd0 is 1.44M
[   18.880314] brd: module loaded
[   18.930209] scsi host0: ata_piix
[   18.970835] FDC 0 is a post-1991 82077
[   19.017559] scsi host1: ata_piix
[   19.057405] ata1: PATA max UDMA/66 cmd 0x1f0 ctl 0x3f6 bmdma 0x1800 irq 14
[   19.139912] ata2: PATA max UDMA/66 cmd 0x170 ctl 0x376 bmdma 0x1808 irq 15
[   19.232257] i8042: PNP: PS/2 Controller [PNP0303:KBC0,PNP0f13:MSE0] at 0x60,0x64 irq 1,12
[   19.334899] serio: i8042 KBD port at 0x60,0x64 irq 1
[   19.395192] serio: i8042 AUX port at 0x60,0x64 irq 12
[   19.458568] ata1.00: ATA-5: WDC WD200EB-00CSF0, 04.01B04, max UDMA/100
[   19.536966] ata1.00: 39102336 sectors, multi 16: LBA
[   19.597750] ata2.00: HPA detected: current 39062500, native 39102336
[   19.673951] ata2.00: ATA-5: WDC WD200BB-18DEA0, 05.03E05, max UDMA/100
[   19.752228] ata2.00: 39062500 sectors, multi 16: LBA
[   19.813509] mousedev: PS/2 mouse device common for all mice
[   19.881090] rtc_cmos 00:01: RTC can wake from S4
[   19.938077] rtc_cmos 00:01: registered as rtc0
[   19.992016] rtc_cmos 00:01: alarms up to one month, y3k, 114 bytes nvram
[   20.074799] scsi 0:0:0:0: Direct-Access     ATA      WDC WD200EB-00CS 1B04 PQ: 0 ANSI: 5
[   20.172684] device-mapper: uevent: version 1.0.3
[   20.229228] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
[   20.332823] sd 0:0:0:0: [sda] 39102336 512-byte logical blocks: (20.0 GB/18.6 GiB)
[   20.425590] scsi 1:0:0:0: Direct-Access     ATA      WDC WD200BB-18DE 3E05 PQ: 0 ANSI: 5
[   20.523192] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
[   20.626586] intel_pstate: CPU model not supported
[   20.683196] sd 0:0:0:0: [sda] Write Protect is off
[   20.743022] sd 1:0:0:0: [sdb] 39062500 512-byte logical blocks: (20.0 GB/18.6 GiB)
[   20.836436] Initializing XFRM netlink socket
[   20.888241] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[   20.997314] NET: Registered PF_PACKET protocol family
[   21.058269] sd 1:0:0:0: [sdb] Write Protect is off
[   21.116496] Key type dns_resolver registered
[   21.168190] sd 1:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[   21.281496] microcode: sig=0x665, pf=0x10, revision=0x3
[   21.345273] microcode: Microcode Update Driver: v2.2.
[   21.345319] IPI shorthand broadcast: enabled
[   21.457426]  sda: sda1 sda2 sda3
[   21.503615] registered taskstats version 1
[   21.553874] Loading compiled-in X.509 certificates
[   21.611956]  sdb: sdb1 sdb2
[   21.646262] sd 0:0:0:0: [sda] Attached SCSI disk
[   21.702238] zswap: loaded using pool lzo/zbud
[   21.759098] Key type ._fscrypt registered
[   21.808114] sd 1:0:0:0: [sdb] Attached SCSI disk
[   21.863583] Key type .fscrypt registered
[   21.910753] Key type fscrypt-provisioning registered
[   22.026812] Key type encrypted registered
[   22.076244] Unstable clock detected, switching default tracing clock to "global"
[   22.076244] If you want to keep using the local clock, then add:
[   22.076244]   "trace_clock=local"
[   22.076244] on the kernel command line
[   22.342821] Freeing unused kernel image (initmem) memory: 924K
[   22.413147] Write protecting kernel text and read-only data: 13532k
[   22.488377] rodata_test: all tests were successful
[   22.546247] Run /init as init process
[   22.610556] init[1] bad frame in sigreturn frame:(ptrval) ip:b7d46be6 sp:bff3af30 orax:ffffffff in libc-2.33.so[b7c94000+156000]
[   22.749531] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[   22.750240] CPU: 0 PID: 1 Comm: init Not tainted 5.14.9-smp #1
[   22.750240] Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[   22.750240] Call Trace:
[   22.750240]  ? dump_stack_lvl+0x32/0x41
[   22.750240]  ? dump_stack+0xa/0xc
[   22.750240]  ? panic+0xa2/0x23f
[   22.750240]  ? do_exit.cold+0x94/0x94
[   22.750240]  ? do_group_exit+0x2a/0x80
[   22.750240]  ? get_signal+0x142/0x7a0
[   22.750240]  ? arch_do_signal_or_restart+0xb1/0x570
[   22.750240]  ? force_sig_info_to_task+0x65/0xf0
[   22.750240]  ? vprintk_emit+0x150/0x190
[   22.750240]  ? exit_to_user_mode_prepare+0x145/0x1e0
[   22.750240]  ? syscall_exit_to_user_mode+0x18/0x40
[   22.750240]  ? do_int80_syscall_32+0x3d/0x80
[   22.750240]  ? entry_INT80_32+0xf0/0xf0
[   22.750240] Kernel Offset: disabled

Regards,

Olmy

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-04 18:17   ` Ser Olmy
@ 2021-10-05 10:05     ` Borislav Petkov
  2021-10-06  0:42       ` Ser Olmy
  0 siblings, 1 reply; 10+ messages in thread
From: Borislav Petkov @ 2021-10-05 10:05 UTC (permalink / raw)
  To: Ser Olmy; +Cc: linux-kernel, x86-ml

On Mon, Oct 04, 2021 at 06:17:42PM +0000, Ser Olmy wrote:
> On Monday, October 4th, 2021 at 7:59 PM, Borislav Petkov <bp@alien8.de> wrote:
> >
> > I'm assuming your CPU cannot do 64-bit mode?
> 
> Correct, it's an old Socket 370 Celeron

Ok, thanks for the info.

On your next reply, can you please hit the "reply-to-all" button so that
I can get your reply and not have to go fish it out of the lkml flood? I
would've easily missed it if tglx didn't point me to it.

In any case, your CPU is too old for me to even find such a box and your
.config boots fine in qemu so I guess we'll have to debug it.

Can you apply the diff below on your 5.14.9 kernel, boot with it and
send full dmesg again?

Thx.

---
diff --git a/arch/x86/kernel/fpu/init.c b/arch/x86/kernel/fpu/init.c
index 64e29927cc32..5c6c11f831ed 100644
--- a/arch/x86/kernel/fpu/init.c
+++ b/arch/x86/kernel/fpu/init.c
@@ -112,7 +112,11 @@ static void __init fpu__init_system_mxcsr(void)
 		if (mask == 0)
 			mask = 0x0000ffbf;
 	}
+
 	mxcsr_feature_mask &= mask;
+
+	pr_info("%s: mxcsr_feature_mask: 0x%x, mask: 0x%x\n",
+		__func__, mxcsr_feature_mask, mask);
 }
 
 /*
diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
index 445c57c9c539..808a0ff85141 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -380,8 +380,11 @@ static int __fpu_restore_sig(void __user *buf, void __user *buf_fx,
 			return -EFAULT;
 
 		/* Reject invalid MXCSR values. */
-		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
+		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask) {
+			WARN_ONCE(1, "fpu->state.fxsave.mxcsr: 0x%x, mxcsr_feature_mask: 0x%x\n",
+				  fpu->state.fxsave.mxcsr, mxcsr_feature_mask);
 			return -EINVAL;
+		}
 
 		/* Enforce XFEATURE_MASK_FPSSE when XSAVE is enabled */
 		if (use_xsave())


-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-05 10:05     ` Borislav Petkov
@ 2021-10-06  0:42       ` Ser Olmy
  2021-10-06 13:34         ` Borislav Petkov
  0 siblings, 1 reply; 10+ messages in thread
From: Ser Olmy @ 2021-10-06  0:42 UTC (permalink / raw)
  To: Borislav Petkov; +Cc: linux-kernel, x86-ml

On Tuesday, October 5th, 2021 at 12:05 PM, Borislav Petkov <bp@alien8.de> wrote:
>
> Can you apply the diff below on your 5.14.9 kernel, boot with it and
>
> send full dmesg again?

Sure:

[    0.000000] Linux version 5.14.9 (root@test.test.lan) (gcc (GCC) 11.2.0, GNU ld version 2.37-slack15) #1 SMP Tue Oct 5 21:39:21
[    0.000000] fpu__init_system_mxcsr: mxcsr_feature_mask: 0xffbf, mask: 0xffbf
[    0.000000] x86/fpu: x87 FPU will use FXSAVE
[    0.000000] signal: max sigframe size: 1440
[    0.000000] BIOS-provided physical RAM map:
[    0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009f7ff] usable
[    0.000000] BIOS-e820: [mem 0x000000000009f800-0x000000000009ffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
[    0.000000] BIOS-e820: [mem 0x0000000000100000-0x0000000017eeffff] usable
[    0.000000] BIOS-e820: [mem 0x0000000017ef0000-0x0000000017effbff] ACPI data
[    0.000000] BIOS-e820: [mem 0x0000000017effc00-0x0000000017efffff] ACPI NVS
[    0.000000] BIOS-e820: [mem 0x0000000017f00000-0x0000000017ffffff] reserved
[    0.000000] BIOS-e820: [mem 0x00000000fff00000-0x00000000ffffffff] reserved
[    0.000000] Notice: NX (Execute Disable) protection missing in CPU!
[    0.000000] SMBIOS 2.3 present.
[    0.000000] DMI: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[    0.000000] tsc: Fast TSC calibration using PIT
[    0.000000] tsc: Detected 531.638 MHz processor
[    0.004132] last_pfn = 0x17ef0 max_arch_pfn = 0x1000000
[    0.004417] x86/PAT: PAT not supported by the CPU.
[    0.006077] x86/PAT: Configuration [0-7]: WB  WT  UC- UC  WB  WT  UC- UC
[    0.035166] RAMDISK: [mem 0x17492000-0x17eeffff]
[    0.035212] ACPI: Early table checksum verification disabled
[    0.035248] ACPI: RSDP 0x00000000000F6510 000014 (v00 PTLTD )
[    0.035292] ACPI: RSDT 0x0000000017EF9B1D 000030 (v01 HP     HPBDD_JD 00001000  LTP 00000000)
[    0.035343] ACPI: FACP 0x0000000017EFFB0B 000074 (v01 HP     HPBDD_JD 00001000 PTL  00001002)
[    0.035400] ACPI: DSDT 0x0000000017EF9B4D 005FBE (v01 HP     HPBDD_IZ 00001000 MSFT 0100000B)
[    0.035442] ACPI: FACS 0x0000000017EFFFC0 000040
[    0.035477] ACPI: APIC 0x0000000017EFFB7F 00005A (v01 HP     HPBDD_JD 00001000  LTP 00000000)
[    0.035518] ACPI: BOOT 0x0000000017EFFBD9 000027 (v01 PTLTD  $SBFTBL$ 00001000  LTP 00000001)
[    0.035554] ACPI: Reserving FACP table memory at [mem 0x17effb0b-0x17effb7e]
[    0.035575] ACPI: Reserving DSDT table memory at [mem 0x17ef9b4d-0x17effb0a]
[    0.035593] ACPI: Reserving FACS table memory at [mem 0x17efffc0-0x17efffff]
[    0.035611] ACPI: Reserving APIC table memory at [mem 0x17effb7f-0x17effbd8]
[    0.035629] ACPI: Reserving BOOT table memory at [mem 0x17effbd9-0x17effbff]
[    0.035743] 382MB LOWMEM available.
[    0.035759]   mapped low ram: 0 - 17ef0000
[    0.035772]   low ram: 0 - 17ef0000
[    0.035800] cma: Reserved 16 MiB at 0x0000000016400000
[    0.035830] Zone ranges:
[    0.035840]   DMA      [mem 0x0000000000001000-0x0000000000ffffff]
[    0.035861]   Normal   [mem 0x0000000001000000-0x0000000017eeffff]
[    0.035883] Movable zone start for each node
[    0.035893] Early memory node ranges
[    0.035902]   node   0: [mem 0x0000000000001000-0x000000000009efff]
[    0.035919]   node   0: [mem 0x0000000000100000-0x0000000017eeffff]
[    0.035939] Initmem setup node 0 [mem 0x0000000000001000-0x0000000017eeffff]
[    0.072818] Using APIC driver default
[    0.073119] ACPI: PM-Timer IO Port: 0x1008
[    0.073184] ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1])
[    0.073237] IOAPIC[0]: apic_id 1, version 32, address 0xfec00000, GSI 0-23
[    0.073269] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 high edge)
[    0.073293] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[    0.073328] ACPI: Using ACPI (MADT) for SMP configuration information
[    0.073354] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
[    0.073473] PM: hibernation: Registered nosave memory: [mem 0x00000000-0x00000fff]
[    0.073500] PM: hibernation: Registered nosave memory: [mem 0x0009f000-0x0009ffff]
[    0.073515] PM: hibernation: Registered nosave memory: [mem 0x000a0000-0x000dffff]
[    0.073530] PM: hibernation: Registered nosave memory: [mem 0x000e0000-0x000fffff]
[    0.073554] [mem 0x18000000-0xffefffff] available for PCI devices
[    0.073585] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns
[    0.073659] setup_percpu: NR_CPUS:32 nr_cpumask_bits:32 nr_cpu_ids:1 nr_node_ids:1
[    0.075411] percpu: Embedded 36 pages/cpu s116300 r0 d31156 u147456
[    0.075667] Built 1 zonelists, mobility grouping on.  Total pages: 97168
[    0.075705] Kernel command line: auto BOOT_IMAGE=5.14.9-test ro panic=30 consoleblank=0 gpt vt.default_utf8=1 console=ttyS0,9600n8
[    0.076804] Unknown command line parameters: auto BOOT_IMAGE=5.14.9-test
[    0.078112] Dentry cache hash table entries: 65536 (order: 6, 262144 bytes, linear)
[    0.078930] Inode-cache hash table entries: 32768 (order: 5, 131072 bytes, linear)
[    0.079152] mem auto-init: stack:off, heap alloc:off, heap free:off
[    0.101941] Checking if this processor honours the WP bit even in supervisor mode...Ok.
[    0.102041] Memory: 344184K/391736K available (9197K kernel code, 1670K rwdata, 3592K rodata, 992K init, 624K bss, 31168K reserv)
[    0.102500] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.102597] Kernel/User page tables isolation: enabled
[    0.102679] ftrace: allocating 39072 entries in 77 pages
[    0.196722] ftrace: allocated 77 pages with 4 groups
[    0.197685] trace event string verifier disabled
[    0.198213] rcu: Hierarchical RCU implementation.
[    0.198251] rcu:     RCU restricting CPUs from NR_CPUS=32 to nr_cpu_ids=1.
[    0.198270]  Trampoline variant of Tasks RCU enabled.
[    0.198280]  Rude variant of Tasks RCU enabled.
[    0.198289]  Tracing variant of Tasks RCU enabled.
[    0.198300] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies.
[    0.198312] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[    0.205150] NR_IRQS: 2304, nr_irqs: 256, preallocated irqs: 16
[    0.208911] Console: colour VGA+ 80x25
[    0.215633] printk: console [tty0] enabled
[    6.701438] printk: console [ttyS0] enabled
[    6.751602] ACPI: Core revision 20210604
[    6.799164] APIC: Switch to symmetric I/O mode setup
[    6.858680] Enabling APIC mode:  Flat.  Using 1 I/O APICs
[    6.924022] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1
[    7.000057] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x7a9cac8195, max_idle_ns: 440795211740 ns
[    7.125065] Calibrating delay loop (skipped), value calculated using timer frequency.. 1063.27 BogoMIPS (lpj=531638)
[    7.126072] pid_max: default: 32768 minimum: 301
[    7.127252] LSM: Security Framework initializing
[    7.128179] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    7.129089] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes, linear)
[    7.132877] Last level iTLB entries: 4KB 32, 2MB 0, 4MB 2
[    7.133096] Last level dTLB entries: 4KB 64, 2MB 0, 4MB 8, 1GB 0
[    7.134073] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[    7.135076] Spectre V2 : Spectre mitigation: kernel not compiled with retpoline; no mitigation available!
[    7.135086] Speculative Store Bypass: Vulnerable
[    7.137074] MDS: Vulnerable: Clear CPU buffers attempted, no microcode
[    7.175393] Freeing SMP alternatives memory: 32K
[    7.280217] smpboot: CPU0: Intel Celeron (Mendocino) (family: 0x6, model: 0x6, stepping: 0x5)
[    7.283538] Performance Events: p6 PMU driver.
[    7.284085] ... version:                0
[    7.285073] ... bit width:              32
[    7.287071] ... generic registers:      2
[    7.288071] ... value mask:             00000000ffffffff
[    7.289071] ... max period:             000000007fffffff
[    7.290072] ... fixed-purpose events:   0
[    7.291070] ... event mask:             0000000000000003
[    7.292874] rcu: Hierarchical SRCU implementation.
[    7.294633] smp: Bringing up secondary CPUs ...
[    7.296080] smp: Brought up 1 node, 1 CPU
[    7.297080] smpboot: Max logical packages: 1
[    7.298070] smpboot: Total of 1 processors activated (1063.27 BogoMIPS)
[    7.301235] devtmpfs: initialized
[    7.304441] random: get_random_u32 called from bucket_table_alloc.isra.0+0x5d/0x130 with crng_init=0
[    7.307276] ACPI: PM: Registering ACPI NVS region [mem 0x17effc00-0x17efffff] (1024 bytes)
[    7.308511] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns
[    7.309102] futex hash table entries: 256 (order: 2, 16384 bytes, linear)
[    7.312360] prandom: seed boundary self test passed
[    7.319019] prandom: 100 self tests passed
[    7.362651] prandom32: self test passed (less than 6 bits correlated)
[    7.363072] pinctrl core: initialized pinctrl subsystem
[    7.366623] NET: Registered PF_NETLINK/PF_ROUTE protocol family
[    7.368910] audit: initializing netlink subsys (disabled)
[    7.371522] thermal_sys: Registered thermal governor 'fair_share'
[    7.371549] thermal_sys: Registered thermal governor 'bang_bang'
[    7.372092] thermal_sys: Registered thermal governor 'step_wise'
[    7.373075] thermal_sys: Registered thermal governor 'user_space'
[    7.374121] cpuidle: using governor ladder
[    7.376074] cpuidle: using governor menu
[    7.378456] Simple Boot Flag at 0x35 set to 0x1
[    7.380091] ACPI: bus type PCI registered
[    7.381080] acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5
[    7.384653] PCI: PCI BIOS revision 2.10 entry at 0xfd9c0, last bus=1
[    7.385083] PCI: Using configuration type 1 for base access
[    7.399303] audit: type=2000 audit(1633485980.253:1): state=initialized audit_enabled=0 res=1
[    7.420478] ACPI: Added _OSI(Module Device)
[    7.421095] ACPI: Added _OSI(Processor Device)
[    7.422084] ACPI: Added _OSI(3.0 _SCP Extensions)
[    7.423083] ACPI: Added _OSI(Processor Aggregator Device)
[    7.425075] ACPI: Added _OSI(Linux-Dell-Video)
[    7.426076] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[    7.427075] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
[    7.454049] ACPI: 1 ACPI AML tables successfully acquired and loaded
[    7.461483] ACPI: Interpreter enabled
[    7.462227] ACPI: PM: (supports S0 S1 S4 S5)
[    7.463078] ACPI: Using IOAPIC for interrupt routing
[    7.464343] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[    7.467030] ACPI: Enabled 2 GPEs in block 00 to 0F
[    7.467062] ACPI: Enabled 2 GPEs in block 10 to 1F
[    7.636640] acpi LNXCPU:00: Invalid PBLK length [5]
[    7.638670] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[    7.639113] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI HPX-Type3]
[    7.640115] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.
[    7.643593] PCI host bridge to bus 0000:00
[    7.644098] pci_bus 0000:00: root bus resource [io  0x0000-0x0cf7 window]
[    7.645077] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[    7.646076] pci_bus 0000:00: root bus resource [mem 0x000c0000-0x000cffff window]
[    7.647076] pci_bus 0000:00: root bus resource [mem 0x000d0000-0x000dffff window]
[    7.648076] pci_bus 0000:00: root bus resource [mem 0x18000000-0xfebfffff window]
[    7.649076] pci_bus 0000:00: root bus resource [io  0x0d00-0xffff window]
[    7.650080] pci_bus 0000:00: root bus resource [bus 00-ff]
[    7.651158] pci 0000:00:00.0: [8086:7124] type 00 class 0x060000
[    7.652622] pci 0000:00:01.0: [8086:7125] type 00 class 0x030000
[    7.653118] pci 0000:00:01.0: reg 0x10: [mem 0xf8000000-0xfbffffff pref]
[    7.654087] pci 0000:00:01.0: reg 0x14: [mem 0xf4000000-0xf407ffff]
[    7.655656] pci 0000:00:1e.0: [8086:2418] type 01 class 0x060400
[    7.657701] pci 0000:00:1f.0: [8086:2410] type 00 class 0x060100
[    7.658254] pci 0000:00:1f.0: quirk: [io  0x1000-0x107f] claimed by ICH4 ACPI/GPIO/TCO
[    7.659086] pci 0000:00:1f.0: quirk: [io  0x1180-0x11bf] claimed by ICH4 GPIO
[    7.661147] pci 0000:00:1f.1: [8086:2411] type 00 class 0x010180
[    7.662159] pci 0000:00:1f.1: reg 0x20: [io  0x1800-0x180f]
[    7.664082] pci 0000:00:1f.1: legacy IDE quirk: reg 0x10: [io  0x01f0-0x01f7]
[    7.665072] pci 0000:00:1f.1: legacy IDE quirk: reg 0x14: [io  0x03f6]
[    7.666074] pci 0000:00:1f.1: legacy IDE quirk: reg 0x18: [io  0x0170-0x0177]
[    7.667074] pci 0000:00:1f.1: legacy IDE quirk: reg 0x1c: [io  0x0376]
[    7.669267] pci 0000:00:1f.2: [8086:2412] type 00 class 0x0c0300
[    7.670164] pci 0000:00:1f.2: reg 0x20: [io  0x1820-0x183f]
[    7.671857] pci 0000:00:1f.5: [8086:2415] type 00 class 0x040100
[    7.672124] pci 0000:00:1f.5: reg 0x10: [io  0x2000-0x20ff]
[    7.673090] pci 0000:00:1f.5: reg 0x14: [io  0x1840-0x187f]
[    7.675400] pci_bus 0000:01: extended config space not accessible
[    7.676298] pci 0000:01:0b.0: [1397:2bd0] type 00 class 0x028000
[    7.677115] pci 0000:01:0b.0: reg 0x10: [io  0x3000-0x3007]
[    7.678085] pci 0000:01:0b.0: reg 0x14: [mem 0xf4100000-0xf41000ff]
[    7.679245] pci 0000:01:0b.0: supports D1 D2
[    7.680081] pci 0000:01:0b.0: PME# supported from D0 D1 D2 D3hot
[    7.682417] pci 0000:01:0d.0: [10b7:9200] type 00 class 0x020000
[    7.683121] pci 0000:01:0d.0: reg 0x10: [io  0x3080-0x30ff]
[    7.684089] pci 0000:01:0d.0: reg 0x14: [mem 0xf4100400-0xf410047f]
[    7.685136] pci 0000:01:0d.0: reg 0x30: [mem 0x00000000-0x0001ffff pref]
[    7.686194] pci 0000:01:0d.0: supports D1 D2
[    7.687076] pci 0000:01:0d.0: PME# supported from D0 D1 D2 D3hot D3cold
[    7.688416] pci 0000:01:0e.0: [1033:0035] type 00 class 0x0c0310
[    7.689119] pci 0000:01:0e.0: reg 0x10: [mem 0xf4101000-0xf4101fff]
[    7.690252] pci 0000:01:0e.0: supports D1 D2
[    7.691078] pci 0000:01:0e.0: PME# supported from D0 D1 D2 D3hot
[    7.692393] pci 0000:01:0e.1: [1033:0035] type 00 class 0x0c0310
[    7.693116] pci 0000:01:0e.1: reg 0x10: [mem 0xf4102000-0xf4102fff]
[    7.694249] pci 0000:01:0e.1: supports D1 D2
[    7.695079] pci 0000:01:0e.1: PME# supported from D0 D1 D2 D3hot
[    7.697244] pci 0000:01:0e.2: [1033:00e0] type 00 class 0x0c0320
[    7.698112] pci 0000:01:0e.2: reg 0x10: [mem 0xf4100800-0xf41008ff]
[    7.699242] pci 0000:01:0e.2: supports D1 D2
[    7.700079] pci 0000:01:0e.2: PME# supported from D0 D1 D2 D3hot
[    7.702149] pci 0000:00:1e.0: PCI bridge to [bus 01] (subtractive decode)
[    7.703083] pci 0000:00:1e.0:   bridge window [io  0x3000-0x3fff]
[    7.704079] pci 0000:00:1e.0:   bridge window [mem 0xf4100000-0xf41fffff]
[    7.705082] pci 0000:00:1e.0:   bridge window [io  0x0000-0x0cf7 window] (subtractive decode)
[    7.707072] pci 0000:00:1e.0:   bridge window [mem 0x000a0000-0x000bffff window] (subtractive decode)
[    7.708074] pci 0000:00:1e.0:   bridge window [mem 0x000c0000-0x000cffff window] (subtractive decode)
[    7.709075] pci 0000:00:1e.0:   bridge window [mem 0x000d0000-0x000dffff window] (subtractive decode)
[    7.710076] pci 0000:00:1e.0:   bridge window [mem 0x18000000-0xfebfffff window] (subtractive decode)
[    7.711076] pci 0000:00:1e.0:   bridge window [io  0x0d00-0xffff window] (subtractive decode)
[    7.714593] ACPI: PCI: Interrupt link LNKA configured for IRQ 11
[    7.716203] ACPI: PCI: Interrupt link LNKB configured for IRQ 10
[    7.717512] ACPI: PCI: Interrupt link LNKC configured for IRQ 5
[    7.719090] ACPI: PCI: Interrupt link LNKD configured for IRQ 9
[    7.724259] iommu: Default domain type: Translated
[    7.726342] pci 0000:00:01.0: vgaarb: setting as boot VGA device
[    7.727062] pci 0000:00:01.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none
[    7.727121] pci 0000:00:01.0: vgaarb: bridge control possible
[    7.728078] vgaarb: loaded
[    7.731153] SCSI subsystem initialized
[    7.732681] ACPI: bus type USB registered
[    7.734121] usbcore: registered new interface driver usbfs
[    7.735154] usbcore: registered new interface driver hub
[    7.736156] usbcore: registered new device driver usb
[    7.737354] pps_core: LinuxPPS API ver. 1 registered
[    7.739070] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    7.740108] PTP clock support registered
[    7.741243] EDAC MC: Ver: 3.0.0
[    7.745588] NetLabel: Initializing
[    7.746082] NetLabel:  domain hash size = 128
[    7.747071] NetLabel:  protocols = UNLABELED CIPSOv4 CALIPSO
[    7.748196] NetLabel:  unlabeled traffic allowed by default
[    7.749077] PCI: Using ACPI for IRQ routing
[    7.751968] clocksource: Switched to clocksource tsc-early
[    7.863543] VFS: Disk quotas dquot_6.6.0
[    7.910771] VFS: Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
[    7.994538] pnp: PnP ACPI init
[    8.032470] system 00:00: [io  0x1000-0x107f] has been reserved
[    8.103480] system 00:00: [io  0x1180-0x11bf] has been reserved
[    8.174473] system 00:00: [io  0x04d0-0x04d1] has been reserved
[    8.245378] system 00:00: [io  0x0290-0x0297] has been reserved
[    8.316305] system 00:00: [io  0x0400-0x0404] has been reserved
[    8.387204] system 00:00: [io  0xfe00-0xfe0f] has been reserved
[    8.458117] system 00:00: [mem 0xfec00000-0xfec00fff] could not be reserved
[    8.541616] system 00:00: [mem 0xfee00000-0xfee00fff] has been reserved
[    8.620838] system 00:00: [mem 0xff800000-0xffffffff] could not be reserved
[    8.771524] pnp: PnP ACPI: found 9 devices
[    8.900816] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[    9.007739] NET: Registered PF_INET protocol family
[    9.066627] IP idents hash table entries: 8192 (order: 4, 65536 bytes, linear)
[    9.154618] tcp_listen_portaddr_hash hash table entries: 512 (order: 0, 6144 bytes, linear)
[    9.254907] TCP established hash table entries: 4096 (order: 2, 16384 bytes, linear)
[    9.347834] TCP bind hash table entries: 4096 (order: 3, 32768 bytes, linear)
[    9.433462] TCP: Hash tables configured (established 4096 bind 4096)
[    9.510214] MPTCP token hash table entries: 512 (order: 1, 8192 bytes, linear)
[    9.596990] UDP hash table entries: 256 (order: 1, 8192 bytes, linear)
[    9.675323] UDP-Lite hash table entries: 256 (order: 1, 8192 bytes, linear)
[    9.759219] NET: Registered PF_UNIX/PF_LOCAL protocol family
[    9.827144] NET: Registered PF_XDP protocol family
[    9.884697] pci 0000:00:1e.0: BAR 15: assigned [mem 0x18000000-0x180fffff pref]
[    9.972364] pci 0000:01:0d.0: BAR 6: assigned [mem 0x18000000-0x1801ffff pref]
[   10.058949] pci 0000:00:1e.0: PCI bridge to [bus 01]
[   10.118423] pci 0000:00:1e.0:   bridge window [io  0x3000-0x3fff]
[   10.191411] pci 0000:00:1e.0:   bridge window [mem 0xf4100000-0xf41fffff]
[   10.272717] pci 0000:00:1e.0:   bridge window [mem 0x18000000-0x180fffff pref]
[   10.359344] pci_bus 0000:00: resource 4 [io  0x0000-0x0cf7 window]
[   10.433462] pci_bus 0000:00: resource 5 [mem 0x000a0000-0x000bffff window]
[   10.515814] pci_bus 0000:00: resource 6 [mem 0x000c0000-0x000cffff window]
[   10.598161] pci_bus 0000:00: resource 7 [mem 0x000d0000-0x000dffff window]
[   10.680509] pci_bus 0000:00: resource 8 [mem 0x18000000-0xfebfffff window]
[   10.762859] pci_bus 0000:00: resource 9 [io  0x0d00-0xffff window]
[   10.836900] pci_bus 0000:01: resource 0 [io  0x3000-0x3fff]
[   10.903645] pci_bus 0000:01: resource 1 [mem 0xf4100000-0xf41fffff]
[   10.978715] pci_bus 0000:01: resource 2 [mem 0x18000000-0x180fffff pref]
[   11.058986] pci_bus 0000:01: resource 4 [io  0x0000-0x0cf7 window]
[   11.133018] pci_bus 0000:01: resource 5 [mem 0x000a0000-0x000bffff window]
[   11.215368] pci_bus 0000:01: resource 6 [mem 0x000c0000-0x000cffff window]
[   11.297718] pci_bus 0000:01: resource 7 [mem 0x000d0000-0x000dffff window]
[   11.380064] pci_bus 0000:01: resource 8 [mem 0x18000000-0xfebfffff window]
[   11.462418] pci_bus 0000:01: resource 9 [io  0x0d00-0xffff window]
[   11.536787] pci 0000:00:01.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[   11.636906] pci 0000:00:01.0: pci_fixup_video+0x0/0xb0 took 97783 usecs
[   11.717437] pci 0000:01:0e.0: enabling device (0114 -> 0116)
[   11.787609] pci 0000:01:0e.0: quirk_usb_early_handoff+0x0/0x6e0 took 68556 usecs
[   11.876449] pci 0000:01:0e.1: enabling device (0114 -> 0116)
[   11.945745] pci 0000:01:0e.1: quirk_usb_early_handoff+0x0/0x6e0 took 67679 usecs
[   12.034655] pci 0000:01:0e.2: enabling device (0114 -> 0116)
[   12.104115] pci 0000:01:0e.2: quirk_usb_early_handoff+0x0/0x6e0 took 67839 usecs
[   12.192889] PCI: CLS 32 bytes, default 32
[   12.243237] Trying to unpack rootfs image as initramfs...
[   12.396162] Initialise system trusted keyrings
[   12.508278] workingset: timestamp_bits=30 max_order=17 bucket_order=0
[   12.594511] zbud: loaded
[   12.625642] romfs: ROMFS MTD (C) 2007 Red Hat, Inc.
[   13.132303] tsc: Refined TSC clocksource calibration: 531.608 MHz
[   13.205430] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x7a9ae70401, max_idle_ns: 440795209195 ns
[   13.353585] Key type asymmetric registered
[   13.402856] Asymmetric key parser 'x509' registered
[   13.461509] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 242)
[   13.731384] clocksource: Switched to clocksource tsc
[   13.822338] atomic64_test: passed for i586+ platform with CX8 and without SSE
[   13.913610] gbefb: couldn't reserve mmio region
[   13.968050] gbefb: probe of gbefb.0 failed with error -16
[   14.034343] isapnp: Scanning for PnP cards...
[   14.443908] isapnp: No Plug & Play device found
[   15.335655] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[   15.431926] 00:04: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[   15.737710] Floppy drive(s): fd0 is 1.44M
[   15.871483] brd: module loaded
[   15.934306] FDC 0 is a post-1991 82077
[   15.997939] st: Version 20160209, fixed bufsize 32768, s/g segs 256
[   16.206894] Freeing initrd memory: 10616K
[   16.449180] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   16.527685] ehci-pci: EHCI PCI platform driver
[   16.582177] ehci-pci 0000:01:0e.2: EHCI Host Controller
[   16.654763] ehci-pci 0000:01:0e.2: new USB bus registered, assigned bus number 1
[   16.743836] ehci-pci 0000:01:0e.2: irq 18, io mem 0xf4100800
[   16.818137] ehci-pci 0000:01:0e.2: USB 2.0 started, EHCI 1.00
[   16.887516] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.14
[   16.986575] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[   17.073168] usb usb1: Product: EHCI Host Controller
[   17.131608] usb usb1: Manufacturer: Linux 5.14.9 ehci_hcd
[   17.196316] usb usb1: SerialNumber: 0000:01:0e.2
[   17.253221] hub 1-0:1.0: USB hub found
[   17.299937] hub 1-0:1.0: 5 ports detected
[   17.350043] ehci-platform: EHCI generic platform driver
[   17.413364] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   17.487524] ohci-platform: OHCI generic platform driver
[   17.550293] uhci_hcd: USB Universal Host Controller Interface driver
[   17.627329] uhci_hcd 0000:00:1f.2: UHCI Host Controller
[   17.699776] uhci_hcd 0000:00:1f.2: new USB bus registered, assigned bus number 2
[   17.788743] uhci_hcd 0000:00:1f.2: irq 19, io base 0x00001820
[   17.859471] usb usb2: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 5.14
[   17.958667] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[   18.045210] usb usb2: Product: UHCI Host Controller
[   18.103638] usb usb2: Manufacturer: Linux 5.14.9 uhci_hcd
[   18.168335] usb usb2: SerialNumber: 0000:00:1f.2
[   18.224957] hub 2-0:1.0: USB hub found
[   18.271783] hub 2-0:1.0: 2 ports detected
[   18.322231] usbcore: registered new interface driver usb-storage
[   18.394416] usbcore: registered new interface driver ums-alauda
[   18.465498] usbcore: registered new interface driver ums-cypress
[   18.537550] usbcore: registered new interface driver ums-datafab
[   18.609633] usbcore: registered new interface driver ums-freecom
[   18.681830] usbcore: registered new interface driver ums-isd200
[   18.752903] usbcore: registered new interface driver ums-jumpshot
[   18.826004] usbcore: registered new interface driver ums-karma
[   18.896054] usbcore: registered new interface driver ums-onetouch
[   18.969190] usbcore: registered new interface driver ums-sddr09
[   19.040203] usbcore: registered new interface driver ums-sddr55
[   19.111262] usbcore: registered new interface driver ums-usbat
[   19.181849] i8042: PNP: PS/2 Controller [PNP0303:KBC0,PNP0f13:MSE0] at 0x60,0x64 irq 1,12
[   19.306966] serio: i8042 KBD port at 0x60,0x64 irq 1
[   19.366606] serio: i8042 AUX port at 0x60,0x64 irq 12
[   19.433701] mousedev: PS/2 mouse device common for all mice
[   19.500966] rtc_cmos 00:01: RTC can wake from S4
[   19.562645] rtc_cmos 00:01: registered as rtc0
[   19.616158] rtc_cmos 00:01: setting system clock to 2021-10-06T02:06:50 UTC (1633486010)
[   19.713395] rtc_cmos 00:01: alarms up to one month, y3k, 114 bytes nvram
[   19.795257] device-mapper: uevent: version 1.0.3
[   19.866845] device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com
[   19.968219] intel_pstate: CPU model not supported
[   20.027881] ledtrig-cpu: registered to indicate activity on CPUs
[   20.102754] Initializing XFRM netlink socket
[   20.154876] NET: Registered PF_INET6 protocol family
[   20.219427] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0
[   20.339902] Segment Routing with IPv6
[   20.383980] RPL Segment Routing with IPv6
[   20.432214] NET: Registered PF_PACKET protocol family
[   20.493376] Key type dns_resolver registered
[   20.548825] microcode: sig=0x665, pf=0x10, revision=0x3
[   20.613960] microcode: Microcode Update Driver: v2.2.
[   20.614002] IPI shorthand broadcast: enabled
[   20.726024] sched_clock: Marking stable (13815698178, 6910160635)->(31259594849, -10533736036)
[   20.830876] registered taskstats version 1
[   20.880182] Loading compiled-in X.509 certificates
[   20.937853] zswap: loaded using pool lzo/zbud
[   20.992298] Key type ._fscrypt registered
[   21.040453] Key type .fscrypt registered
[   21.087525] Key type fscrypt-provisioning registered
[   21.192325] Key type encrypted registered
[   21.258189] Freeing unused kernel image (initmem) memory: 992K
[   21.329692] Write protecting kernel text and read-only data: 12792k
[   21.405027] rodata_test: all tests were successful
[   21.462575] Run /init as init process
[   21.615488] ------------[ cut here ]------------
[   21.670972] fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
[   21.754383] WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540
[   21.863860] Modules linked in:
[   21.900489] CPU: 0 PID: 1 Comm: init Not tainted 5.14.9 #1
[   21.966283] Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[   22.059135] EIP: __fpu_restore_sig+0x51f/0x540
[   22.112375] Code: c0 0f 84 17 fe ff ff 0f 0b e9 10 fe ff ff 80 3d b0 ef e0 c1 00 75 18 c6 05 b0 ef e0 c1 01 52 50 68 68 6a b5 c16
[   22.337305] EAX: 0000003f EBX: 00000000 ECX: 00000000 EDX: 00000000
[   22.412364] ESI: c20f0000 EDI: c20f0800 EBP: c20e1f08 ESP: c20e1e70
[   22.487436] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 EFLAGS: 00010292
[   22.568751] CR0: 80050033 CR2: bf932db0 CR3: 03614000 CR4: 000002f0
[   22.643839] Call Trace:
[   22.673170]  fpu__restore_sig+0x48/0xa0
[   22.719225]  restore_sigcontext.constprop.0+0xc6/0xe0
[   22.779744]  __do_sys_sigreturn+0x60/0x90
[   22.827778]  do_int80_syscall_32+0x32/0x90
[   22.876963]  entry_INT80_32+0x10d/0x10d
[   22.922922] EIP: 0xb7c9fbe6
[   22.956402] Code: 8d 74 24 20 85 c0 0f 85 f8 01 00 00 c6 44 24 10 01 8d 6c 24 68 8b 8c 24 e4 00 00 00 b8 72 00 00 00 8b 94 24 e80
[   23.181331] EAX: 00000227 EBX: ffffffff ECX: bf93344c EDX: 00000000
[   23.256391] ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: bf933310
[   23.331465] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000246
[   23.412785] ---[ end trace 906a5cf3c33b02c7 ]---
[   23.468106] init[1] bad frame in sigreturn frame:(ptrval) ip:b7c9fbe6 sp:bf933310 orax:ffffffff in libc-2.33.so[b7bed000+156000]
[   23.606909] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
[   23.698718] CPU: 0 PID: 1 Comm: init Tainted: G        W         5.14.9 #1
[   23.781069] Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
[   23.873821] Call Trace:
[   23.903150]  dump_stack_lvl+0x34/0x44
[   23.947026]  dump_stack+0xd/0x10
[   23.985707]  panic+0xa3/0x22b
[   24.021269]  do_exit.cold+0x3e/0x94
[   24.063072]  do_group_exit+0x2f/0x90
[   24.105911]  get_signal+0x13b/0x790
[   24.147714]  arch_do_signal_or_restart+0x90/0x550
[   24.204071]  ? force_sig_info_to_task+0x69/0x100
[   24.259389]  ? force_sig+0x34/0x40
[   24.300153]  exit_to_user_mode_prepare+0x155/0x1f0
[   24.357550]  syscall_exit_to_user_mode+0x1b/0x40
[   24.412868]  do_int80_syscall_32+0x3c/0x90
[   24.461949]  entry_INT80_32+0x10d/0x10d
[   24.507908] EIP: 0xb7c9fbe6
[   24.541390] Code: 8d 74 24 20 85 c0 0f 85 f8 01 00 00 c6 44 24 10 01 8d 6c 24 68 8b 8c 24 e4 00 00 00 b8 72 00 00 00 8b 94 24 e80
[   24.766303] EAX: 00000000 EBX: ffffffff ECX: bf93344c EDX: 00000000
[   24.841379] ESI: 00000000 EDI: 00000000 EBP: 00000000 ESP: bf933310
[   24.916453] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000246
[   24.997790] Kernel Offset: disabled


^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-06  0:42       ` Ser Olmy
@ 2021-10-06 13:34         ` Borislav Petkov
  2021-10-06 14:22           ` Ser Olmy
  0 siblings, 1 reply; 10+ messages in thread
From: Borislav Petkov @ 2021-10-06 13:34 UTC (permalink / raw)
  To: Ser Olmy; +Cc: linux-kernel, x86-ml

On Wed, Oct 06, 2021 at 12:42:47AM +0000, Ser Olmy wrote:
> Sure:

Thx.

> [   21.670972] fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
> [   21.754383] WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540

As tglx expected.

I guess this fixes your issue (replace with previous diff pls):

---
diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
index 445c57c9c539..684be34d4609 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -379,9 +379,8 @@ static int __fpu_restore_sig(void __user *buf, void __user *buf_fx,
 				     sizeof(fpu->state.fxsave)))
 			return -EFAULT;
 
-		/* Reject invalid MXCSR values. */
-		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
-			return -EINVAL;
+		/* Mask out reserved MXCSR bits. */
+		fpu->state.fxsave.mxcsr &= mxcsr_feature_mask;
 
 		/* Enforce XFEATURE_MASK_FPSSE when XSAVE is enabled */
 		if (use_xsave())

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [x86] Kernel v5.14 series panic on Celeron Mendocino CPU
  2021-10-06 13:34         ` Borislav Petkov
@ 2021-10-06 14:22           ` Ser Olmy
  0 siblings, 0 replies; 10+ messages in thread
From: Ser Olmy @ 2021-10-06 14:22 UTC (permalink / raw)
  To: Borislav Petkov; +Cc: linux-kernel, x86-ml

On Wednesday, October 6th, 2021 at 3:34 PM, Borislav Petkov <bp@alien8.de> wrote:
>
> On Wed, Oct 06, 2021 at 12:42:47AM +0000, Ser Olmy wrote:
>
> > [ 21.670972] fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
> >
> > [ 21.754383] WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540
>
> As tglx expected.
>
> I guess this fixes your issue (replace with previous diff pls):
>

I can confirm that with the patch installed, the system does indeed boot normally with nothing out of the ordinary in the dmesg log. Thanks.

Best Regards,

Olmy

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits
  2021-10-04 17:59 ` Borislav Petkov
  2021-10-04 18:17   ` Ser Olmy
@ 2021-10-06 17:38   ` tip-bot2 for Borislav Petkov
  2021-10-07 23:40     ` Thomas Gleixner
  2021-10-08  9:58   ` tip-bot2 for Borislav Petkov
  2 siblings, 1 reply; 10+ messages in thread
From: tip-bot2 for Borislav Petkov @ 2021-10-06 17:38 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Ser Olmy, Borislav Petkov, stable, x86, linux-kernel

The following commit has been merged into the x86/urgent branch of tip:

Commit-ID:     908d969f88bfcf6d8538a0159e502567c7678775
Gitweb:        https://git.kernel.org/tip/908d969f88bfcf6d8538a0159e502567c7678775
Author:        Borislav Petkov <bp@suse.de>
AuthorDate:    Wed, 06 Oct 2021 18:33:52 +02:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Wed, 06 Oct 2021 18:46:06 +02:00

x86/fpu: Restore the masking out of reserved MXCSR bits

Ser Olmy reported a boot failure:

  init[1] bad frame in sigreturn frame:(ptrval) ip:b7c9fbe6 sp:bf933310 orax:ffffffff \
	  in libc-2.33.so[b7bed000+156000]
  Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
  CPU: 0 PID: 1 Comm: init Tainted: G        W         5.14.9 #1
  Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
  Call Trace:
   dump_stack_lvl
   dump_stack
   panic
   do_exit.cold
   do_group_exit
   get_signal
   arch_do_signal_or_restart
   ? force_sig_info_to_task
   ? force_sig
   exit_to_user_mode_prepare
   syscall_exit_to_user_mode
   do_int80_syscall_32
   entry_INT80_32

on an old 32-bit Intel CPU:

  vendor_id       : GenuineIntel
  cpu family      : 6
  model           : 6
  model name      : Celeron (Mendocino)
  stepping        : 5
  microcode       : 0x3

Ser bisected the problem to the commit in Fixes.

tglx suggested reverting the rejection of invalid MXCSR values which
this commit introduced and replacing it with what the old code did -
simply masking them out to zero.

Further debugging confirmed his suggestion:

  fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
  WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540

so restore the original behavior.

Fixes: 6f9866a166cd ("x86/fpu/signal: Let xrstor handle the features to init")
Reported-by: Ser Olmy <ser.olmy@protonmail.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Ser Olmy <ser.olmy@protonmail.com>
Cc: <stable@vger.kernel.org>
Link: https://lkml.kernel.org/r/YVtA67jImg3KlBTw@zn.tnic
---
 arch/x86/kernel/fpu/signal.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
index 445c57c..684be34 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -379,9 +379,8 @@ static int __fpu_restore_sig(void __user *buf, void __user *buf_fx,
 				     sizeof(fpu->state.fxsave)))
 			return -EFAULT;
 
-		/* Reject invalid MXCSR values. */
-		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
-			return -EINVAL;
+		/* Mask out reserved MXCSR bits. */
+		fpu->state.fxsave.mxcsr &= mxcsr_feature_mask;
 
 		/* Enforce XFEATURE_MASK_FPSSE when XSAVE is enabled */
 		if (use_xsave())

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits
  2021-10-06 17:38   ` [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits tip-bot2 for Borislav Petkov
@ 2021-10-07 23:40     ` Thomas Gleixner
  0 siblings, 0 replies; 10+ messages in thread
From: Thomas Gleixner @ 2021-10-07 23:40 UTC (permalink / raw)
  To: tip-bot2 for Borislav Petkov, linux-tip-commits
  Cc: Ser Olmy, Borislav Petkov, stable, x86, linux-kernel

On Wed, Oct 06 2021 at 17:38, tip-bot wrote:
> Ser bisected the problem to the commit in Fixes.
>
> tglx suggested reverting the rejection of invalid MXCSR values which
> this commit introduced and replacing it with what the old code did -
> simply masking them out to zero.
>
> Further debugging confirmed his suggestion:
>
>   fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
>   WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540
>
> so restore the original behavior.
>
> Fixes: 6f9866a166cd ("x86/fpu/signal: Let xrstor handle the features to init")
> Reported-by: Ser Olmy <ser.olmy@protonmail.com>
> Signed-off-by: Borislav Petkov <bp@suse.de>
> Tested-by: Ser Olmy <ser.olmy@protonmail.com>
> Cc: <stable@vger.kernel.org>
> Link: https://lkml.kernel.org/r/YVtA67jImg3KlBTw@zn.tnic
> ---
>  arch/x86/kernel/fpu/signal.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
> index 445c57c..684be34 100644
> --- a/arch/x86/kernel/fpu/signal.c
> +++ b/arch/x86/kernel/fpu/signal.c
> @@ -379,9 +379,8 @@ static int __fpu_restore_sig(void __user *buf, void __user *buf_fx,
>  				     sizeof(fpu->state.fxsave)))
>  			return -EFAULT;
>  
> -		/* Reject invalid MXCSR values. */
> -		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
> -			return -EINVAL;
> +		/* Mask out reserved MXCSR bits. */
> +		fpu->state.fxsave.mxcsr &= mxcsr_feature_mask;

can we please make this:

--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -384,9 +384,14 @@ static bool __fpu_restore_sig(void __use
 				     sizeof(fpu->state.fxsave)))
 			return false;
 
-		/* Reject invalid MXCSR values. */
-		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
-			return false;
+		if (IS_ENABLED(CONFIG_X86_64)) {
+			/* Reject invalid MXCSR values. */
+			if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
+				return false;
+		} else {
+			/* Mask invalid bits out for historical reasons (broken hardware) */
+			fpu->state.fxsave.mxcsr &= ~mxcsr_feature_mask;
+		}
 
 		/* Enforce XFEATURE_MASK_FPSSE when XSAVE is enabled */
 		if (use_xsave())

On a 64 bit kernel even 32bit user space which supplies broken mxcsr
values has to be considered malicious.

The 32bit story on those stone age machines is different because the
hardware is simply buggy and we can't differentiate between broken
hardware and broken or malicious software.

Thanks,

        tglx

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits
  2021-10-04 17:59 ` Borislav Petkov
  2021-10-04 18:17   ` Ser Olmy
  2021-10-06 17:38   ` [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits tip-bot2 for Borislav Petkov
@ 2021-10-08  9:58   ` tip-bot2 for Borislav Petkov
  2 siblings, 0 replies; 10+ messages in thread
From: tip-bot2 for Borislav Petkov @ 2021-10-08  9:58 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Ser Olmy, Borislav Petkov, stable, x86, linux-kernel

The following commit has been merged into the x86/urgent branch of tip:

Commit-ID:     d298b03506d3e161f7492c440babb0bfae35e650
Gitweb:        https://git.kernel.org/tip/d298b03506d3e161f7492c440babb0bfae35e650
Author:        Borislav Petkov <bp@suse.de>
AuthorDate:    Wed, 06 Oct 2021 18:33:52 +02:00
Committer:     Borislav Petkov <bp@suse.de>
CommitterDate: Fri, 08 Oct 2021 11:12:17 +02:00

x86/fpu: Restore the masking out of reserved MXCSR bits

Ser Olmy reported a boot failure:

  init[1] bad frame in sigreturn frame:(ptrval) ip:b7c9fbe6 sp:bf933310 orax:ffffffff \
	  in libc-2.33.so[b7bed000+156000]
  Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b
  CPU: 0 PID: 1 Comm: init Tainted: G        W         5.14.9 #1
  Hardware name: Hewlett-Packard HP PC/HP Board, BIOS  JD.00.06 12/06/2001
  Call Trace:
   dump_stack_lvl
   dump_stack
   panic
   do_exit.cold
   do_group_exit
   get_signal
   arch_do_signal_or_restart
   ? force_sig_info_to_task
   ? force_sig
   exit_to_user_mode_prepare
   syscall_exit_to_user_mode
   do_int80_syscall_32
   entry_INT80_32

on an old 32-bit Intel CPU:

  vendor_id       : GenuineIntel
  cpu family      : 6
  model           : 6
  model name      : Celeron (Mendocino)
  stepping        : 5
  microcode       : 0x3

Ser bisected the problem to the commit in Fixes.

tglx suggested reverting the rejection of invalid MXCSR values which
this commit introduced and replacing it with what the old code did -
simply masking them out to zero.

Further debugging confirmed his suggestion:

  fpu->state.fxsave.mxcsr: 0xb7be13b4, mxcsr_feature_mask: 0xffbf
  WARNING: CPU: 0 PID: 1 at arch/x86/kernel/fpu/signal.c:384 __fpu_restore_sig+0x51f/0x540

so restore the original behavior only for 32-bit kernels where you have
ancient machines with buggy hardware. For 32-bit programs on 64-bit
kernels, user space which supplies wrong MXCSR values is considered
malicious so fail the sigframe restoration there.

Fixes: 6f9866a166cd ("x86/fpu/signal: Let xrstor handle the features to init")
Reported-by: Ser Olmy <ser.olmy@protonmail.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Ser Olmy <ser.olmy@protonmail.com>
Cc: <stable@vger.kernel.org>
Link: https://lkml.kernel.org/r/YVtA67jImg3KlBTw@zn.tnic
---
 arch/x86/kernel/fpu/signal.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c
index 445c57c..fa17a27 100644
--- a/arch/x86/kernel/fpu/signal.c
+++ b/arch/x86/kernel/fpu/signal.c
@@ -379,9 +379,14 @@ static int __fpu_restore_sig(void __user *buf, void __user *buf_fx,
 				     sizeof(fpu->state.fxsave)))
 			return -EFAULT;
 
-		/* Reject invalid MXCSR values. */
-		if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
-			return -EINVAL;
+		if (IS_ENABLED(CONFIG_X86_64)) {
+			/* Reject invalid MXCSR values. */
+			if (fpu->state.fxsave.mxcsr & ~mxcsr_feature_mask)
+				return -EINVAL;
+		} else {
+			/* Mask invalid bits out for historical reasons (broken hardware). */
+			fpu->state.fxsave.mxcsr &= ~mxcsr_feature_mask;
+		}
 
 		/* Enforce XFEATURE_MASK_FPSSE when XSAVE is enabled */
 		if (use_xsave())

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2021-10-08  9:59 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-04 17:47 [x86] Kernel v5.14 series panic on Celeron Mendocino CPU Ser Olmy
2021-10-04 17:59 ` Borislav Petkov
2021-10-04 18:17   ` Ser Olmy
2021-10-05 10:05     ` Borislav Petkov
2021-10-06  0:42       ` Ser Olmy
2021-10-06 13:34         ` Borislav Petkov
2021-10-06 14:22           ` Ser Olmy
2021-10-06 17:38   ` [tip: x86/urgent] x86/fpu: Restore the masking out of reserved MXCSR bits tip-bot2 for Borislav Petkov
2021-10-07 23:40     ` Thomas Gleixner
2021-10-08  9:58   ` tip-bot2 for Borislav Petkov

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.