Bug ID | 1186884 |
---|---|
Summary | Launching Tumbleweed under SEV-ES currently fails when kernel parses MOVVar EFI table |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | Current |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Kernel |
Assignee | kernel-bugs@opensuse.org |
Reporter | jroedel@suse.com |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
Created attachment 849947 [details]
Full guest boot log with efi=debug
Launching TW as an SEV-ES guest currently fails with this kernel panic:
[ 2.907677] general protection fault, probably for non-canonical address
0x43a3c02ebe2b54c6: 0000 [#1] SMP NOPTI
[ 2.910048] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.12.4-2-default #1
openSUSE Tumbleweed
[ 2.911636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0
02/06/2015
[ 2.911636] RIP: 0010:efi_mokvar_entry_next+0x34/0x40
[ 2.911636] Code: c5 01 48 8b 17 48 c7 07 00 00 00 00 48 85 c0 74 24 48 85
d2 74 14 80 3a 00 74 18 48 8b 82 00 01 00 00 48 8d 84 02 08 01 00 00 <80> 38 00
74 04 48 89 07 c3 31 c0 c3 0f 1f 44 00 00 41 54 4c 8b 25
[ 2.911636] RSP: 0018:ffffbca30001fe48 EFLAGS: 00010286
[ 2.911636] RAX: 43a3c02ebe2b54c6 RBX: 0000000000000000 RCX:
0000000000000000
[ 2.911636] RDX: ffffbca300294000 RSI: ffff9e8fc417b448 RDI:
ffffbca30001fe50
[ 2.911636] RBP: ffff9e8fc4005a80 R08: 0000000000000000 R09:
ffff9e8fc011ad90
[ 2.911636] R10: ffff9e8fc1294270 R11: 0000000000000000 R12:
0000000000000000
[ 2.911636] R13: ffffffff96e88774 R14: 0000000000000000 R15:
0000000000000000
[ 2.911636] FS: 0000000000000000(0000) GS:ffff9e903bc00000(0000)
knlGS:0000000000000000
[ 2.911636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2.911636] CR2: 0000000000000000 CR3: 000080001fc10000 CR4:
00000000003506f0
[ 2.911636] Call Trace:
[ 2.911636] efi_mokvar_sysfs_init+0x12a/0x172
[ 2.911636] ? efi_mokvar_table_init+0x18a/0x18a
[ 2.911636] do_one_initcall+0x44/0x1d0
[ 2.911636] ? __kmalloc+0xc0/0x2d0
[ 2.911636] kernel_init_freeable+0x1ef/0x24b
[ 2.911636] ? rest_init+0xb4/0xb4
[ 2.911636] kernel_init+0xa/0x10c
[ 2.911636] ret_from_fork+0x22/0x30
[ 2.911636] Modules linked in:
[ 2.944868] ---[ end trace 7fa546069e99e464 ]---
[ 2.946173] RIP: 0010:efi_mokvar_entry_next+0x34/0x40
[ 2.947389] Code: c5 01 48 8b 17 48 c7 07 00 00 00 00 48 85 c0 74 24 48 85
d2 74 14 80 3a 00 74 18 48 8b 82 00 01 00 00 48 8d 84 02 08 01 00 00 <80> 38 00
74 04 48 89 07 c3 31 c0 c3 0f 1f 44 00 00 41 54 4c 8b 25
[ 2.951803] RSP: 0018:ffffbca30001fe48 EFLAGS: 00010286
[ 2.953227] RAX: 43a3c02ebe2b54c6 RBX: 0000000000000000 RCX:
0000000000000000
[ 2.954899] RDX: ffffbca300294000 RSI: ffff9e8fc417b448 RDI:
ffffbca30001fe50
[ 2.956397] RBP: ffff9e8fc4005a80 R08: 0000000000000000 R09:
ffff9e8fc011ad90
[ 2.957987] R10: ffff9e8fc1294270 R11: 0000000000000000 R12:
0000000000000000
[ 2.959624] R13: ffffffff96e88774 R14: 0000000000000000 R15:
0000000000000000
[ 2.961414] FS: 0000000000000000(0000) GS:ffff9e903bc00000(0000)
knlGS:0000000000000000
[ 2.963132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2.964493] CR2: 0000000000000000 CR3: 000080001fc10000 CR4:
00000000003506f0
[ 2.965970] Kernel panic - not syncing: Attempted to kill init!
exitcode=0x0000000b
[ 2.967745] Kernel Offset: 0x13c00000 from 0xffffffff81000000 (relocation
range: 0xffffffff80000000-0xffffffffbfffffff)
The reason for this is an upstream bug where the MOKVar EFI table is mapped as
u nencrypted memory while it needs to be mapped encrypted.