** Changed in: linux (Ubuntu Focal)
       Status: New => In Progress

** Changed in: linux (Ubuntu Jammy)
       Status: New => In Progress

** Changed in: linux (Ubuntu Focal)
     Assignee: (unassigned) => ChengEn, Du (chengendu)

** Changed in: linux (Ubuntu Jammy)
     Assignee: (unassigned) => ChengEn, Du (chengendu)

https://bugs.launchpad.net/bugs/2020319

Title:
  Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest

Status in linux package in Ubuntu: Incomplete
Status in linux source package in Bionic: New
Status in linux source package in Focal: In Progress
Status in linux source package in Jammy: In Progress

Bug description:

[Impact]
When launching a SEV-enabled guest, the guest kernel panics with the following call trace, indicating a critical error in the system.

==========
[ 1.090638] software IO TLB: Memory encryption is active and system is using DMA bounce buffers
[ 1.092105] Linux agpgart interface v0.103
[ 1.092716] BUG: unable to handle page fault for address: ffff9b820003d068
[ 1.093445] #PF: supervisor read access in kernel mode
[ 1.093966] #PF: error_code(0x0000) - not-present page
[ 1.094481] PGD 800100000067 P4D 800100000067 PUD 8001001d7067 PMD 8001001da067 PTE 80000000fed40173
[ 1.094629] Oops: 0000 [#1] SMP NOPTI
[ 1.094629] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.0-46-generic #49-Ubuntu
[ 1.094629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
[ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50
[ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66
[ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212
[ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002
[ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90
[ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80
[ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48
[ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080
[ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000
[ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0
[ 1.094629] Call Trace:
[ 1.094629] <TASK>
[ 1.094629] crb_map_io+0x315/0x870
[ 1.094629] ? radix_tree_iter_tag_clear+0x12/0x20
[ 1.094629] ? _raw_spin_unlock_irqrestore+0xe/0x30
[ 1.094629] crb_acpi_add+0xc2/0x140
[ 1.094629] acpi_device_probe+0x4c/0x170
[ 1.094629] really_probe+0x222/0x420
[ 1.094629] __driver_probe_device+0x119/0x190
[ 1.094629] driver_probe_device+0x23/0xc0
[ 1.094629] __driver_attach+0xbd/0x1e0
[ 1.094629] ? __device_attach_driver+0x120/0x120
[ 1.094629] bus_for_each_dev+0x7e/0xd0
[ 1.094629] driver_attach+0x1e/0x30
[ 1.094629] bus_add_driver+0x139/0x200
[ 1.094629] driver_register+0x95/0x100
[ 1.094629] ? init_tis+0xfd/0xfd
[ 1.094629] acpi_bus_register_driver+0x39/0x50
[ 1.094629] crb_acpi_driver_init+0x15/0x1b
[ 1.094629] do_one_initcall+0x48/0x1e0
[ 1.094629] do_initcalls+0x12f/0x159
[ 1.094629] kernel_init_freeable+0x162/0x1b5
[ 1.094629] ? rest_init+0x100/0x100
[ 1.094629] kernel_init+0x1b/0x150
[ 1.094629] ? rest_init+0x100/0x100
[ 1.094629] ret_from_fork+0x22/0x30
[ 1.094629] </TASK>
[ 1.094629] Modules linked in:
[ 1.094629] CR2: ffff9b820003d068
[ 1.094629] ---[ end trace 3d6d81c42a3c2030 ]---
[ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50
[ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66
[ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212
[ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002
[ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90
[ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80
[ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48
[ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080
[ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000
[ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0
[ 1.094629] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[ 1.094629] Kernel Offset: 0x200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 1.094629] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 ]---
==========

[Fix]
The issue arises when launching kernels in libvirt-managed SEV virtual machines due to the addition of a tpm-crb device by virt-install. Upstream commit 4009a4ac82dd has fixed this issue.

==========
Author: Joerg Roedel <jroe...@suse.de>
Date: Mon Mar 21 10:33:51 2022 +0100

    x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO

    The io-specific memcpy/memset functions use string mmio accesses to do
    their work. Under SEV, the hypervisor can't emulate these instructions
    because they read/write directly from/to encrypted memory.
==========

[Test Plan]
1. Use virt-install to create a SEV-enabled guest:

   virt-install --name sev_guest --memory 16384 --vcpus 16 --boot uefi \
     --disk /root/focal-server-cloudimg-amd64.img,device=disk,bus=scsi \
     --os-variant ubuntu20.04 --import \
     --controller type=scsi,model=virtio-scsi,driver.iommu=on \
     --controller type=virtio-serial,driver.iommu=on \
     --network default --memballoon driver.iommu=on \
     --graphics none --launchSecurity sev --noautoconsole

2. Power on the guest; the kernel panic occurs.

[Where problems could occur]
SEV doesn't support string I/O, so the patch unrolls the string I/O operation into a loop operating on one element at a time. The affected range is limited to virtual machines and specific platforms that support SEV (i.e., AMD EPYC) and do not have SEV-ES enabled.
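
A user-space model of the unrolling described under [Where problems could occur], added here as an illustration and not taken from the kernel patch or from this bug report. The names fake_mmio, sev_guest, string_memcpy_fromio and memcpy_fromio_fixed are hypothetical stand-ins for the device MMIO window, the CC_ATTR_GUEST_UNROLL_STRING_IO platform check, and the copy routine before and after the fix.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a device MMIO window such as the tpm-crb registers. */
static uint8_t fake_mmio[64], demo_buf[8];
static unsigned single_reads, string_reads;
/* Hypothetical flag modelling the CC_ATTR_GUEST_UNROLL_STRING_IO platform check. */
static int sev_guest;

static void init_window(void)
{
    for (size_t i = 0; i < sizeof(fake_mmio); i++)
        fake_mmio[i] = (uint8_t)i;
    single_reads = string_reads = 0;
}

/* Before the fix: one string (rep movs) access, which cannot be emulated under SEV. */
static int string_memcpy_fromio(void *to, const volatile uint8_t *from, size_t n)
{
    if (sev_guest)
        return -1;              /* the guest in the report page-faults here */
    string_reads++;
    memcpy(to, (const void *)from, n);
    return 0;
}

/* After the fix: on SEV the copy is unrolled into one single-byte access per element. */
static int memcpy_fromio_fixed(void *to, const volatile uint8_t *from, size_t n)
{
    uint8_t *out = to;
    if (!sev_guest)
        return string_memcpy_fromio(to, from, n);
    for (size_t i = 0; i < n; i++, single_reads++)
        out[i] = from[i];       /* volatile read: one access, in the role of readb() */
    return 0;
}

int main(void)
{
    init_window();
    sev_guest = 1;
    /* 8-byte read at offset 0x28, matching RDX and RSI-RAX in the trace above. */
    int before = string_memcpy_fromio(demo_buf, fake_mmio + 0x28, 8);
    int after = memcpy_fromio_fixed(demo_buf, fake_mmio + 0x28, 8);
    printf("before=%d after=%d single_reads=%u\n", before, after, single_reads);
}
```

On a non-SEV platform (sev_guest = 0) the fixed routine still takes the string path, which is why the change is confined to SEV guests.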