From: Petr Mladek <pmladek@suse.com>
To: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Matt Redfearn <matt.redfearn@imgtec.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Jiri Slaby <jslaby@suse.com>,
"David S. Miller" <davem@davemloft.net>,
Alan Cox <gnomes@lxorguk.ukuu.org.uk>,
"Fabio M. Di Nitto" <fdinitto@redhat.com>,
linux-serial@vger.kernel.org, linux-kernel@vger.kernel.org,
Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
Petr Mladek <pmladek@suse.com>
Subject: [PATCH 2/2] printk/console: Enhance the check for consoles using init memory
Date: Fri, 14 Jul 2017 14:51:13 +0200 [thread overview]
Message-ID: <1500036673-7122-3-git-send-email-pmladek@suse.com> (raw)
In-Reply-To: <1500036673-7122-1-git-send-email-pmladek@suse.com>
printk_late_init() is responsible for disabling boot consoles that
use init memory. It checks the address of struct console for this.
But this is not enough. For example, there are several early
consoles that have write() method in the init section and
struct console in the normal section. They are not disabled
and could cause fancy and hard to debug system states.
It is even more complicated by the macros EARLYCON_DECLARE() and
OF_EARLYCON_DECLARE() where various struct members are set at
runtime by the provided setup() function.
I have tried to reproduce this problem and forced the classic uart
early console to stay using keep_bootcon parameter. In particular
I used earlycon=uart,io,0x3f8 keep_bootcon console=ttyS0,115200.
The system did not boot:
[ 1.570496] PM: Image not found (code -22)
[ 1.570496] PM: Image not found (code -22)
[ 1.571886] PM: Hibernation image not present or could not be loaded.
[ 1.571886] PM: Hibernation image not present or could not be loaded.
[ 1.576407] Freeing unused kernel memory: 2528K
[ 1.577244] kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
The double lines are caused by having both early uart console and
ttyS0 console enabled at the same time. The early console stopped
working when the init memory was freed. Fortunately, the invalid
call was caught by the NX-protexted page check and did not cause
any silent fancy problems.
This patch adds a check for many other addresses stored in
struct console. It omits setup() and match() that are used
only when the console is registered. Therefore they have
already been used at this point and there is no reason
to use them again.
Signed-off-by: Petr Mladek <pmladek@suse.com>
---
kernel/printk/printk.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index f35d3ac3b8c7..1ebe1525ef64 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -2659,8 +2659,16 @@ static int __init printk_late_init(void)
int ret;
for_each_console(con) {
- if ((con->flags & CON_BOOT) &&
- init_section_intersects(con, sizeof(*con))) {
+ if (!(con->flags & CON_BOOT))
+ continue;
+
+ /* Check addresses that might be used for enabled consoles. */
+ if (init_section_intersects(con, sizeof(*con)) ||
+ init_section_contains(con->write, 0) ||
+ init_section_contains(con->read, 0) ||
+ init_section_contains(con->device, 0) ||
+ init_section_contains(con->unblank, 0) ||
+ init_section_contains(con->data, 0)) {
/*
* Please, consider moving the reported consoles out
* of the init section.
--
1.8.5.6
next prev parent reply other threads:[~2017-07-14 12:51 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-14 12:51 [PATCH 0/2] Avoid crashes by early (boot) consoles using init memory Petr Mladek
2017-07-14 12:51 ` [PATCH 1/2] printk/console: Always disable boot consoles that use init memory before it is freed Petr Mladek
2017-07-26 13:07 ` Sergey Senozhatsky
2017-07-14 12:51 ` Petr Mladek [this message]
2017-07-14 22:06 ` [PATCH 2/2] printk/console: Enhance the check for consoles using init memory Sergey Senozhatsky
2017-07-21 14:32 ` Petr Mladek
2017-07-24 2:03 ` Sergey Senozhatsky
2017-07-27 9:28 ` Petr Mladek
2017-07-27 9:52 ` Sergey Senozhatsky
2017-07-26 13:08 ` Sergey Senozhatsky
2017-07-27 9:29 ` Petr Mladek
2017-07-27 9:51 ` Sergey Senozhatsky
2017-07-27 10:08 ` Petr Mladek
2017-07-14 12:57 ` [PATCH 0/2] Avoid crashes by early (boot) " Fabio M. Di Nitto
2017-07-14 14:37 ` Petr Mladek
2017-07-15 5:05 ` Fabio M. Di Nitto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1500036673-7122-3-git-send-email-pmladek@suse.com \
--to=pmladek@suse.com \
--cc=akpm@linux-foundation.org \
--cc=davem@davemloft.net \
--cc=fdinitto@redhat.com \
--cc=gnomes@lxorguk.ukuu.org.uk \
--cc=gregkh@linuxfoundation.org \
--cc=jslaby@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-serial@vger.kernel.org \
--cc=matt.redfearn@imgtec.com \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=sergey.senozhatsky.work@gmail.com \
--cc=sergey.senozhatsky@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).