* x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report @ 2021-08-19 10:02 Fabio Aiuto 2021-08-19 10:12 ` Borislav Petkov 0 siblings, 1 reply; 9+ messages in thread From: Fabio Aiuto @ 2021-08-19 10:02 UTC (permalink / raw) To: Joerg Roedel Cc: Ingo Molnar, Borislav Petkov, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel Dear Joerg and other x86 developers, I work on a Lenovo Ideapad Miix 300-10IBY (intel baytrail based) for hardware tests. I have fedora 34 installed on, and since I updated to the 5.13.x versions, the tablet very often freezes at Lenovo startup logo. I did a bisect and found that the commit that introduced the bug is: commit 79419e13e8082cc15d174df979a363528e31f2e7 Author: Joerg Roedel <jroedel@suse.de> Date: Wed Mar 10 09:43:21 2021 +0100 x86/boot/compressed/64: Setup IDT in startup_32 boot path This boot path needs exception handling when it is used with SEV-ES. Setup an IDT and provide a helper function to write IDT entries for use in 32-bit protected mode. Signed-off-by: Joerg Roedel <jroedel@suse.de> Signed-off-by: Borislav Petkov <bp@suse.de> Link: https://lkml.kernel.org/r/20210312123824.306-5-joro@8bytes.org I tried also to checkout a v5.13 and revert this commit together with the following: fef81c86262879d4b1176ef51a834c15b805ebb9 "x86/boot/compressed/64: Check SEV encryption in the 32-bit boot-path" e927e62d8e370ebfc0d702fec22bc752249ebcef "x86/boot/compressed/64: Add CPUID sanity check to 32-bit boot-path" 1ccdbf748d862bc2ea106fa9f2300983c77860fe "x86/boot/compressed/64: Add 32-bit boot #VC handler" to ensure an errorless build. The kernel works fine on tablet without those changes. My efibootmgr -v output is: BootCurrent: 0000 Timeout: 2 seconds BootOrder: 0000,0001,2001,2002,2003 Boot0000* Fedora HD(1,GPT,1bb602be-6ed0-4ef5-aee4-b26891963c4a,0x800,0xaf000)/File(\EFI\fedora\shimia32.efi) Boot0001* Fedora HD(1,GPT,1bb602be-6ed0-4ef5-aee4-b26891963c4a,0x800,0xaf000)/File(\EFI\fedora\shim.efi)RC Boot2001* EFI USB Device RC Boot2002* EFI DVD/CDROM RC Boot2003* EFI Network RC This means that on startup is followed the 32-bit boot-path. CONFIG_AMD_MEM_ENCRYPT=y Tell me if can help, I started contributing to linux kernel five months ago in staging subsystem. I'd be glad to contribute to such a core area of the kernel. thank you in advance, fabio ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 10:02 x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report Fabio Aiuto @ 2021-08-19 10:12 ` Borislav Petkov 2021-08-19 10:47 ` Hans de Goede 2021-08-19 12:16 ` Fabio Aiuto 0 siblings, 2 replies; 9+ messages in thread From: Borislav Petkov @ 2021-08-19 10:12 UTC (permalink / raw) To: Fabio Aiuto Cc: Joerg Roedel, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel On Thu, Aug 19, 2021 at 12:02:31PM +0200, Fabio Aiuto wrote: > CONFIG_AMD_MEM_ENCRYPT=y Lemme see if I understand it correctly: you have this enabled on an Intel-based tablet? Does it boot plain 5.13.x (without any reverts) fine with that config item disabled? -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 10:12 ` Borislav Petkov @ 2021-08-19 10:47 ` Hans de Goede 2021-08-19 10:59 ` Borislav Petkov 2021-08-19 12:16 ` Fabio Aiuto 1 sibling, 1 reply; 9+ messages in thread From: Hans de Goede @ 2021-08-19 10:47 UTC (permalink / raw) To: Borislav Petkov, Fabio Aiuto Cc: Joerg Roedel, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, x86, linux-kernel Hi, On 8/19/21 12:12 PM, Borislav Petkov wrote: > On Thu, Aug 19, 2021 at 12:02:31PM +0200, Fabio Aiuto wrote: >> CONFIG_AMD_MEM_ENCRYPT=y > > Lemme see if I understand it correctly: you have this enabled on an > Intel-based tablet? Fabio is using the standard Fedora kernels which as generic distro kernels have this enabled. He used the Fedora .config when bisecting because in general when debugging it is a good idea to change as little variables as possible (even if using a distro-kernel-config leads to long build times for the bisect). Regards, Hans ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 10:47 ` Hans de Goede @ 2021-08-19 10:59 ` Borislav Petkov 0 siblings, 0 replies; 9+ messages in thread From: Borislav Petkov @ 2021-08-19 10:59 UTC (permalink / raw) To: Hans de Goede Cc: Fabio Aiuto, Joerg Roedel, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, x86, linux-kernel On Thu, Aug 19, 2021 at 12:47:05PM +0200, Hans de Goede wrote: > Fabio is using the standard Fedora kernels which as generic distro > kernels have this enabled. Right, I suspected but wanted to make sure. Then my second question would need answering: Does it boot plain 5.13.x (without any reverts) fine with that config item disabled? > (even if using a distro-kernel-config leads to long build times for > the bisect). Yah, tell me about it. :-\ -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 10:12 ` Borislav Petkov 2021-08-19 10:47 ` Hans de Goede @ 2021-08-19 12:16 ` Fabio Aiuto 2021-08-19 13:33 ` Joerg Roedel 1 sibling, 1 reply; 9+ messages in thread From: Fabio Aiuto @ 2021-08-19 12:16 UTC (permalink / raw) To: Borislav Petkov Cc: Joerg Roedel, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel Hello Borislav, On Thu, Aug 19, 2021 at 12:12:13PM +0200, Borislav Petkov wrote: > On Thu, Aug 19, 2021 at 12:02:31PM +0200, Fabio Aiuto wrote: > > CONFIG_AMD_MEM_ENCRYPT=y > > Lemme see if I understand it correctly: you have this enabled on an > Intel-based tablet? Yes I have, as Hans replied I use for rebuild the configuration provided by Fedora 34 distribution. > > Does it boot plain 5.13.x (without any reverts) fine with that config > item disabled? I rebuilt a plain v5.13 kernel (no reverts) with that config disabled and everything goes fine. > > -- > Regards/Gruss, > Boris. > > https://people.kernel.org/tglx/notes-about-netiquette thank you, fabio ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 12:16 ` Fabio Aiuto @ 2021-08-19 13:33 ` Joerg Roedel 2021-08-19 13:43 ` Fabio Aiuto 0 siblings, 1 reply; 9+ messages in thread From: Joerg Roedel @ 2021-08-19 13:33 UTC (permalink / raw) To: Fabio Aiuto Cc: Borislav Petkov, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel [-- Attachment #1: Type: text/plain, Size: 365 bytes --] Hi Fabio, thanks for your report! On Thu, Aug 19, 2021 at 02:16:53PM +0200, Fabio Aiuto wrote: > I rebuilt a plain v5.13 kernel (no reverts) with that config > disabled and everything goes fine. Can you please try the attached patch? I think the problem is that the 32-bit EFI boot path sets up its own IDT before ExitBootServices() is called. Regards, Joerg [-- Attachment #2: boot-idt.fix --] [-- Type: text/plain, Size: 2208 bytes --] diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S index 95a223b3e56a..99cfd5dea23c 100644 --- a/arch/x86/boot/compressed/efi_thunk_64.S +++ b/arch/x86/boot/compressed/efi_thunk_64.S @@ -39,7 +39,7 @@ SYM_FUNC_START(__efi64_thunk) /* * Convert x86-64 ABI params to i386 ABI */ - subq $32, %rsp + subq $64, %rsp movl %esi, 0x0(%rsp) movl %edx, 0x4(%rsp) movl %ecx, 0x8(%rsp) @@ -49,14 +49,19 @@ SYM_FUNC_START(__efi64_thunk) leaq 0x14(%rsp), %rbx sgdt (%rbx) + addq $16, %rbx + sidt (%rbx) + /* - * Switch to gdt with 32-bit segments. This is the firmware GDT - * that was installed when the kernel started executing. This - * pointer was saved at the EFI stub entry point in head_64.S. + * Switch to idt and gdt with 32-bit segments. This is the firmware GDT + * and IDT that was installed when the kernel started executing. The + * pointers were saved at the EFI stub entry point in head_64.S. * * Pass the saved DS selector to the 32-bit code, and use far return to * restore the saved CS selector. */ + leaq efi32_boot_idt(%rip), %rax + lidt (%rax) leaq efi32_boot_gdt(%rip), %rax lgdt (%rax) @@ -67,7 +72,7 @@ SYM_FUNC_START(__efi64_thunk) pushq %rax lretq -1: addq $32, %rsp +1: addq $64, %rsp movq %rdi, %rax pop %rbx @@ -132,6 +137,9 @@ SYM_FUNC_START_LOCAL(efi_enter32) */ cli + lidtl (%ebx) + subl $16, %ebx + lgdtl (%ebx) movl %cr4, %eax @@ -166,6 +174,11 @@ SYM_DATA_START(efi32_boot_gdt) .quad 0 SYM_DATA_END(efi32_boot_gdt) +SYM_DATA_START(efi32_boot_idt) + .word 0 + .quad 0 +SYM_DATA_END(efi32_boot_idt) + SYM_DATA_START(efi32_boot_cs) .word 0 SYM_DATA_END(efi32_boot_cs) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index a2347ded77ea..572c535cf45b 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -319,6 +319,9 @@ SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL) movw %cs, rva(efi32_boot_cs)(%ebp) movw %ds, rva(efi32_boot_ds)(%ebp) + /* Store firmware IDT descriptor */ + sidtl rva(efi32_boot_idt)(%ebp) + /* Disable paging */ movl %cr0, %eax btrl $X86_CR0_PG_BIT, %eax ^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 13:33 ` Joerg Roedel @ 2021-08-19 13:43 ` Fabio Aiuto 2021-08-19 13:49 ` Joerg Roedel 0 siblings, 1 reply; 9+ messages in thread From: Fabio Aiuto @ 2021-08-19 13:43 UTC (permalink / raw) To: Joerg Roedel Cc: Borislav Petkov, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel Hi Joerg, On Thu, Aug 19, 2021 at 03:33:40PM +0200, Joerg Roedel wrote: > Hi Fabio, > > thanks for your report! you are welcome, > > On Thu, Aug 19, 2021 at 02:16:53PM +0200, Fabio Aiuto wrote: > > I rebuilt a plain v5.13 kernel (no reverts) with that config > > disabled and everything goes fine. > > Can you please try the attached patch? I think the problem is that the > 32-bit EFI boot path sets up its own IDT before ExitBootServices() is > called. shall I restore back CONFIG_AMD_MEM_ENCRYPT? thank you, fabio > > Regards, > > Joerg > diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S > index 95a223b3e56a..99cfd5dea23c 100644 > --- a/arch/x86/boot/compressed/efi_thunk_64.S > +++ b/arch/x86/boot/compressed/efi_thunk_64.S > @@ -39,7 +39,7 @@ SYM_FUNC_START(__efi64_thunk) > /* > * Convert x86-64 ABI params to i386 ABI > */ > - subq $32, %rsp > + subq $64, %rsp > movl %esi, 0x0(%rsp) > movl %edx, 0x4(%rsp) > movl %ecx, 0x8(%rsp) > @@ -49,14 +49,19 @@ SYM_FUNC_START(__efi64_thunk) > leaq 0x14(%rsp), %rbx > sgdt (%rbx) > > + addq $16, %rbx > + sidt (%rbx) > + > /* > - * Switch to gdt with 32-bit segments. This is the firmware GDT > - * that was installed when the kernel started executing. This > - * pointer was saved at the EFI stub entry point in head_64.S. > + * Switch to idt and gdt with 32-bit segments. This is the firmware GDT > + * and IDT that was installed when the kernel started executing. The > + * pointers were saved at the EFI stub entry point in head_64.S. > * > * Pass the saved DS selector to the 32-bit code, and use far return to > * restore the saved CS selector. > */ > + leaq efi32_boot_idt(%rip), %rax > + lidt (%rax) > leaq efi32_boot_gdt(%rip), %rax > lgdt (%rax) > > @@ -67,7 +72,7 @@ SYM_FUNC_START(__efi64_thunk) > pushq %rax > lretq > > -1: addq $32, %rsp > +1: addq $64, %rsp > movq %rdi, %rax > > pop %rbx > @@ -132,6 +137,9 @@ SYM_FUNC_START_LOCAL(efi_enter32) > */ > cli > > + lidtl (%ebx) > + subl $16, %ebx > + > lgdtl (%ebx) > > movl %cr4, %eax > @@ -166,6 +174,11 @@ SYM_DATA_START(efi32_boot_gdt) > .quad 0 > SYM_DATA_END(efi32_boot_gdt) > > +SYM_DATA_START(efi32_boot_idt) > + .word 0 > + .quad 0 > +SYM_DATA_END(efi32_boot_idt) > + > SYM_DATA_START(efi32_boot_cs) > .word 0 > SYM_DATA_END(efi32_boot_cs) > diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S > index a2347ded77ea..572c535cf45b 100644 > --- a/arch/x86/boot/compressed/head_64.S > +++ b/arch/x86/boot/compressed/head_64.S > @@ -319,6 +319,9 @@ SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL) > movw %cs, rva(efi32_boot_cs)(%ebp) > movw %ds, rva(efi32_boot_ds)(%ebp) > > + /* Store firmware IDT descriptor */ > + sidtl rva(efi32_boot_idt)(%ebp) > + > /* Disable paging */ > movl %cr0, %eax > btrl $X86_CR0_PG_BIT, %eax ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 13:43 ` Fabio Aiuto @ 2021-08-19 13:49 ` Joerg Roedel 2021-08-19 17:25 ` Fabio Aiuto 0 siblings, 1 reply; 9+ messages in thread From: Joerg Roedel @ 2021-08-19 13:49 UTC (permalink / raw) To: Fabio Aiuto Cc: Borislav Petkov, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel On Thu, Aug 19, 2021 at 03:43:28PM +0200, Fabio Aiuto wrote: > shall I restore back CONFIG_AMD_MEM_ENCRYPT? Yes, please restore it. Thanks, Joerg ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report 2021-08-19 13:49 ` Joerg Roedel @ 2021-08-19 17:25 ` Fabio Aiuto 0 siblings, 0 replies; 9+ messages in thread From: Fabio Aiuto @ 2021-08-19 17:25 UTC (permalink / raw) To: Joerg Roedel Cc: Borislav Petkov, Ingo Molnar, H. Peter Anvin, Thomas Gleixner, Hans de Goede, x86, linux-kernel Hello Joerg, On Thu, Aug 19, 2021 at 03:49:28PM +0200, Joerg Roedel wrote: > On Thu, Aug 19, 2021 at 03:43:28PM +0200, Fabio Aiuto wrote: > > shall I restore back CONFIG_AMD_MEM_ENCRYPT? > > Yes, please restore it. > > Thanks, > > Joerg Your patch works. I've tested the boot 10 times and worked fine. Tell me if you want me to test some other ways. thank you, fabio ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2021-08-19 17:26 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-08-19 10:02 x86/boot/compressed/64: Lenovo Ideapad Miix300 bug report Fabio Aiuto 2021-08-19 10:12 ` Borislav Petkov 2021-08-19 10:47 ` Hans de Goede 2021-08-19 10:59 ` Borislav Petkov 2021-08-19 12:16 ` Fabio Aiuto 2021-08-19 13:33 ` Joerg Roedel 2021-08-19 13:43 ` Fabio Aiuto 2021-08-19 13:49 ` Joerg Roedel 2021-08-19 17:25 ` Fabio Aiuto
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).