NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: port-amd64/49150: xrstor is privileged in Xen
The following reply was made to PR port-amd64/49150; it has been noted by GNATS.
From: John Nemeth <jnemeth%cue.bc.ca@localhost>
To: Manuel Bouyer <bouyer%antioche.eu.org@localhost>,
gnats-bugs%NetBSD.org@localhost
Cc: port-amd64-maintainer%NetBSD.org@localhost,
gnats-admin%NetBSD.org@localhost,
netbsd-bugs%NetBSD.org@localhost
Subject: Re: port-amd64/49150: xrstor is privileged in Xen
Date: Mon, 25 Aug 2014 01:24:43 -0700
On Aug 25, 9:54am, Manuel Bouyer wrote:
} On Mon, Aug 25, 2014 at 05:25:00AM +0000,
jnemeth%CornerstoneService.ca@localhost wrote:
} > >Description:
} > The xrstor instruction is privileged in Xen and the use of
} > it leads to a panic, "fatal privileged instruction fault in supervisor
} > mode".
} > >How-To-Repeat:
} > Attempt to boot a NetBSD 7 BETA domu kernel and watch it go
} > boom at mountroot time.
}
} that's strange, amd64 XEN3_DOMU boots fine here:
} http://www-soc.lip6.fr/~bouyer/NetBSD-tests/xen/netbsd-7/
}
} Can you give more details about your setup (CPU, xen version) ?
It's Xen Kernel 4.1.2. I see that it's out of date. However,
it is a production mission critical server. I can't reboot it
randomly; I have to plan downtime.
The details on the CPU are:
cpu0: AMD Family 15h (686-class), id 0x600f12
cpu0: features 0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR>
cpu0: features 0x178bfbff<PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2>
cpu0: features 0x178bfbff<HTT>
cpu0: features2 0x1698220b<SSE3,PCLMULQDQ,MONITOR,SSSE3,CX16,SSE41,SSE42>
cpu0: features2 0x1698220b<POPCNT,AES,XSAVE,AVX>
cpu0: features3 0x2fd3fbff<SYSCALL/SYSRET,NOX,MXX,FFXSR,P1GB,RDTSCP,LONG>
cpu0: features4 0x1c9bfff<LAHF,CMPLEGACY,SVM,EAPIC,ALTMOVCR0,LZCNT,SSE4A>
cpu0: features4 0x1c9bfff<MISALIGNSSE,3DNOWPREFETCH,OSVW,IBS,XOP,SKINIT,WDT>
cpu0: features4 0x1c9bfff<LWP,FMA4,NodeID,TopoExt,B23,B24>
cpu0: "AMD Opteron(TM) Processor 6272 "
cpu0: I-cache 64KB 64B/line 2-way, D-cache 16KB 64B/line 4-way
cpu0: L2 cache 2MB 64B/line 16-way
cpu0: L3 cache 12MB 64B/line 128-way
cpu0: ITLB 48 4KB entries fully associative, 24 2MB entries fully associative
cpu0: DTLB 32 4KB entries fully associative, 32 2MB entries fully associative
cpu0: L2 ITLB 512 4KB entries 4-way
cpu0: L2 DTLB 1024 4KB entries 8-way, 1024 2MB entries 8-way
cpu0: L1 1GB page ITLB 24 1GB entries fully associative
cpu0: L1 1GB page DTLB 32 1GB entries fully associative
cpu0: L2 1GB page DTLB 1024 1GB entries 8-way
cpu0: Initial APIC ID 0
cpu0: AMD Power Management features: 0x3d9<TS,TTP,HTC,100,HWP,TSC,CPB>
cpu0: SVM Rev. 1
cpu0: SVM NASID 65536
cpu0: SVM features 0x14ff<NP,LbrVirt,SVML,NRIPS,TSCRate,VMCBCleanBits>
cpu0: SVM features 0x14ff<FlushByASID,DecodeAssist,PauseFilter,B12>
cpu0: family 0f model 01 extfamily 06 extmodel 00 stepping 02
cpu0: UCode version: 0x6000629
Some quick googling seems to indicate that it is related to
XSA-52 / CVE-2013-2076. In particular, you need to have an AMD
cpu that is family 15h and up.
}-- End of excerpt from Manuel Bouyer
Home |
Main Index |
Thread Index |
Old Index