32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

[Evgenii Shatokhin]

Hi,

One of my x86 machines with a 32-bit Linux system (ROSA Linux in this 
case) automatically reboots when it tries to resume from hibernate. This 
happens shortly after "Image loading progress 100%" message is shown on 
the screen.

No traces of the error are in the system log after reboot though.

The problem is present at least in the mainline kernels 4.8 - 4.10. With 
earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.

The bisection pointed to the following commit as the first "bad" one:

commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
Author: Kees Cook <keescook@chromium.org>
Date:   Mon Jun 13 15:10:02 2016 -0700

     x86/KASLR, x86/power: Remove x86 hibernation restrictions

Hardware: https://linux-hardware.org/index.php?probe=e6a06c64c7
Config used to build the kernel at rev. 65fe935: 
http://pastebin.com/AxEA6ahb

If I understand it correctly, this commit just enabled ASLR by default 
regardless of whether hibernation support was present or not. Before 
this commit, ASLR was disabled on that system because hibernation was 
supported.

To check if ASLR is really involved here, I rebuilt the kernel with 
CONFIG_RANDOMIZE_BASE unset - now the system resumes OK from 
hibernation, no auto reboots, no other visible problems so far.

The problem does not show up in a 64-bit Linux system installed on the 
same machine. Only the 32-bit system is affected.

Regards,
Evgenii

Re: 32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

[Kees Cook]

On Tue, Mar 21, 2017 at 6:54 AM, Evgenii Shatokhin
<eugene.shatokhin@yandex.ru> wrote:
> Hi,
>
> One of my x86 machines with a 32-bit Linux system (ROSA Linux in this case)
> automatically reboots when it tries to resume from hibernate. This happens
> shortly after "Image loading progress 100%" message is shown on the screen.
>
> No traces of the error are in the system log after reboot though.
>
> The problem is present at least in the mainline kernels 4.8 - 4.10. With
> earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.
>
> The bisection pointed to the following commit as the first "bad" one:
>
> commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
> Author: Kees Cook <keescook@chromium.org>
> Date:   Mon Jun 13 15:10:02 2016 -0700
>
>     x86/KASLR, x86/power: Remove x86 hibernation restrictions

Hrm, perhaps the 32-bit hibernation code still isn't KASLR-safe. If
you boot with nokaslr on the kernel command line, does the problem go
away?

> Hardware: https://linux-hardware.org/index.php?probe=e6a06c64c7
> Config used to build the kernel at rev. 65fe935:
> http://pastebin.com/AxEA6ahb
>
> If I understand it correctly, this commit just enabled ASLR by default
> regardless of whether hibernation support was present or not. Before this
> commit, ASLR was disabled on that system because hibernation was supported.
>
> To check if ASLR is really involved here, I rebuilt the kernel with
> CONFIG_RANDOMIZE_BASE unset - now the system resumes OK from hibernation, no
> auto reboots, no other visible problems so far.
>
> The problem does not show up in a 64-bit Linux system installed on the same
> machine. Only the 32-bit system is affected.

(Why would you want to run 32-bit kernels on a 64-bit system?)

-Kees

-- 
Kees Cook
Pixel Security

Re: 32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

[Evgenii Shatokhin]

On 21.03.2017 23:40, Kees Cook wrote:
> On Tue, Mar 21, 2017 at 6:54 AM, Evgenii Shatokhin
> <eugene.shatokhin@yandex.ru> wrote:
>> Hi,
>>
>> One of my x86 machines with a 32-bit Linux system (ROSA Linux in this case)
>> automatically reboots when it tries to resume from hibernate. This happens
>> shortly after "Image loading progress 100%" message is shown on the screen.
>>
>> No traces of the error are in the system log after reboot though.
>>
>> The problem is present at least in the mainline kernels 4.8 - 4.10. With
>> earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.
>>
>> The bisection pointed to the following commit as the first "bad" one:
>>
>> commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
>> Author: Kees Cook <keescook@chromium.org>
>> Date:   Mon Jun 13 15:10:02 2016 -0700
>>
>>      x86/KASLR, x86/power: Remove x86 hibernation restrictions
>
> Hrm, perhaps the 32-bit hibernation code still isn't KASLR-safe. If
> you boot with nokaslr on the kernel command line, does the problem go
> away?

Yes. The problem does not show up when I boot the system with 'nokaslr'.

>
>> Hardware: https://linux-hardware.org/index.php?probe=e6a06c64c7
>> Config used to build the kernel at rev. 65fe935:
>> http://pastebin.com/AxEA6ahb
>>
>> If I understand it correctly, this commit just enabled ASLR by default
>> regardless of whether hibernation support was present or not. Before this
>> commit, ASLR was disabled on that system because hibernation was supported.
>>
>> To check if ASLR is really involved here, I rebuilt the kernel with
>> CONFIG_RANDOMIZE_BASE unset - now the system resumes OK from hibernation, no
>> auto reboots, no other visible problems so far.
>>
>> The problem does not show up in a 64-bit Linux system installed on the same
>> machine. Only the 32-bit system is affected.
>
> (Why would you want to run 32-bit kernels on a 64-bit system?)

Mostly for testing and debugging.

While most of ROSA Linux users are OK with the 64-bit version of the 
distro, some still need its 32-bit variant. They reported (unrelated) 
problems with hibernate. I was debugging these and stumbled upon this 
problem as well.

Regards,
Evgenii

>
> -Kees
>

Re: 32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

[Kees Cook]

On Wed, Mar 22, 2017 at 5:50 AM, Evgenii Shatokhin
<eugene.shatokhin@yandex.ru> wrote:
> On 21.03.2017 23:40, Kees Cook wrote:
>>
>> On Tue, Mar 21, 2017 at 6:54 AM, Evgenii Shatokhin
>> <eugene.shatokhin@yandex.ru> wrote:
>>>
>>> Hi,
>>>
>>> One of my x86 machines with a 32-bit Linux system (ROSA Linux in this
>>> case)
>>> automatically reboots when it tries to resume from hibernate. This
>>> happens
>>> shortly after "Image loading progress 100%" message is shown on the
>>> screen.
>>>
>>> No traces of the error are in the system log after reboot though.
>>>
>>> The problem is present at least in the mainline kernels 4.8 - 4.10. With
>>> earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.
>>>
>>> The bisection pointed to the following commit as the first "bad" one:
>>>
>>> commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
>>> Author: Kees Cook <keescook@chromium.org>
>>> Date:   Mon Jun 13 15:10:02 2016 -0700
>>>
>>>      x86/KASLR, x86/power: Remove x86 hibernation restrictions
>>
>>
>> Hrm, perhaps the 32-bit hibernation code still isn't KASLR-safe. If
>> you boot with nokaslr on the kernel command line, does the problem go
>> away?
>
>
> Yes. The problem does not show up when I boot the system with 'nokaslr'.

Okay, it looks like we need to either partially revert that commit
(i.e. make the by-default-prefer-hibernation logic only happen on
32-bit x86), swap the logic (i.e. by-default-prefer-KASLR on 32-bit),
or make KASLR be blocked by hibernation in Kconfig (as it was a long
time ago).

Rafael, do you have a preference here?

-Kees

-- 
Kees Cook
Pixel Security

Re: 32-bit x86 system reboots automatically on resume from hibernate (ASLR issue?)

[Rafael J. Wysocki]

On Wednesday, March 22, 2017 11:58:55 AM Kees Cook wrote:
> On Wed, Mar 22, 2017 at 5:50 AM, Evgenii Shatokhin
> <eugene.shatokhin@yandex.ru> wrote:
> > On 21.03.2017 23:40, Kees Cook wrote:
> >>
> >> On Tue, Mar 21, 2017 at 6:54 AM, Evgenii Shatokhin
> >> <eugene.shatokhin@yandex.ru> wrote:
> >>>
> >>> Hi,
> >>>
> >>> One of my x86 machines with a 32-bit Linux system (ROSA Linux in this
> >>> case)
> >>> automatically reboots when it tries to resume from hibernate. This
> >>> happens
> >>> shortly after "Image loading progress 100%" message is shown on the
> >>> screen.
> >>>
> >>> No traces of the error are in the system log after reboot though.
> >>>
> >>> The problem is present at least in the mainline kernels 4.8 - 4.10. With
> >>> earlier versions (I tried 4.4, 4.5, etc.), the system resumes OK.
> >>>
> >>> The bisection pointed to the following commit as the first "bad" one:
> >>>
> >>> commit 65fe935dd2387a4faf15314c73f5e6d31ef0217e
> >>> Author: Kees Cook <keescook@chromium.org>
> >>> Date:   Mon Jun 13 15:10:02 2016 -0700
> >>>
> >>>      x86/KASLR, x86/power: Remove x86 hibernation restrictions
> >>
> >>
> >> Hrm, perhaps the 32-bit hibernation code still isn't KASLR-safe. If
> >> you boot with nokaslr on the kernel command line, does the problem go
> >> away?
> >
> >
> > Yes. The problem does not show up when I boot the system with 'nokaslr'.
> 
> Okay, it looks like we need to either partially revert that commit
> (i.e. make the by-default-prefer-hibernation logic only happen on
> 32-bit x86), swap the logic (i.e. by-default-prefer-KASLR on 32-bit),
> or make KASLR be blocked by hibernation in Kconfig (as it was a long
> time ago).
> 
> Rafael, do you have a preference here?

I'd say let's make KASLR and hibernation mutually exclusive on 32-bit and
it really doesn't matter to me which one is preferred as long as it is clear
that one will be disabled by the other (each way).

And I don't see why 64-bit would need to be affected by this at all, frankly.

I still have a patch from Pavel to improve things in 32-bit hibernation land,
but it still requires some time and effort and I don't see volunteers for
that work.

Thanks,
Rafael