[Bug 1186884] New: Launching Tumbleweed under SEV-ES currently fails when kernel parses MOVVar EFI table
https://bugzilla.suse.com/show_bug.cgi?id=1186884 Bug ID: 1186884 Summary: Launching Tumbleweed under SEV-ES currently fails when kernel parses MOVVar EFI table Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Kernel Assignee: kernel-bugs@opensuse.org Reporter: jroedel@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 849947 --> https://bugzilla.suse.com/attachment.cgi?id=849947&action=edit Full guest boot log with efi=debug Launching TW as an SEV-ES guest currently fails with this kernel panic: [ 2.907677] general protection fault, probably for non-canonical address 0x43a3c02ebe2b54c6: 0000 [#1] SMP NOPTI [ 2.910048] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.12.4-2-default #1 openSUSE Tumbleweed [ 2.911636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 [ 2.911636] RIP: 0010:efi_mokvar_entry_next+0x34/0x40 [ 2.911636] Code: c5 01 48 8b 17 48 c7 07 00 00 00 00 48 85 c0 74 24 48 85 d2 74 14 80 3a 00 74 18 48 8b 82 00 01 00 00 48 8d 84 02 08 01 00 00 <80> 38 00 74 04 48 89 07 c3 31 c0 c3 0f 1f 44 00 00 41 54 4c 8b 25 [ 2.911636] RSP: 0018:ffffbca30001fe48 EFLAGS: 00010286 [ 2.911636] RAX: 43a3c02ebe2b54c6 RBX: 0000000000000000 RCX: 0000000000000000 [ 2.911636] RDX: ffffbca300294000 RSI: ffff9e8fc417b448 RDI: ffffbca30001fe50 [ 2.911636] RBP: ffff9e8fc4005a80 R08: 0000000000000000 R09: ffff9e8fc011ad90 [ 2.911636] R10: ffff9e8fc1294270 R11: 0000000000000000 R12: 0000000000000000 [ 2.911636] R13: ffffffff96e88774 R14: 0000000000000000 R15: 0000000000000000 [ 2.911636] FS: 0000000000000000(0000) GS:ffff9e903bc00000(0000) knlGS:0000000000000000 [ 2.911636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2.911636] CR2: 0000000000000000 CR3: 000080001fc10000 CR4: 00000000003506f0 [ 2.911636] Call Trace: [ 2.911636] efi_mokvar_sysfs_init+0x12a/0x172 [ 2.911636] ? efi_mokvar_table_init+0x18a/0x18a [ 2.911636] do_one_initcall+0x44/0x1d0 [ 2.911636] ? __kmalloc+0xc0/0x2d0 [ 2.911636] kernel_init_freeable+0x1ef/0x24b [ 2.911636] ? rest_init+0xb4/0xb4 [ 2.911636] kernel_init+0xa/0x10c [ 2.911636] ret_from_fork+0x22/0x30 [ 2.911636] Modules linked in: [ 2.944868] ---[ end trace 7fa546069e99e464 ]--- [ 2.946173] RIP: 0010:efi_mokvar_entry_next+0x34/0x40 [ 2.947389] Code: c5 01 48 8b 17 48 c7 07 00 00 00 00 48 85 c0 74 24 48 85 d2 74 14 80 3a 00 74 18 48 8b 82 00 01 00 00 48 8d 84 02 08 01 00 00 <80> 38 00 74 04 48 89 07 c3 31 c0 c3 0f 1f 44 00 00 41 54 4c 8b 25 [ 2.951803] RSP: 0018:ffffbca30001fe48 EFLAGS: 00010286 [ 2.953227] RAX: 43a3c02ebe2b54c6 RBX: 0000000000000000 RCX: 0000000000000000 [ 2.954899] RDX: ffffbca300294000 RSI: ffff9e8fc417b448 RDI: ffffbca30001fe50 [ 2.956397] RBP: ffff9e8fc4005a80 R08: 0000000000000000 R09: ffff9e8fc011ad90 [ 2.957987] R10: ffff9e8fc1294270 R11: 0000000000000000 R12: 0000000000000000 [ 2.959624] R13: ffffffff96e88774 R14: 0000000000000000 R15: 0000000000000000 [ 2.961414] FS: 0000000000000000(0000) GS:ffff9e903bc00000(0000) knlGS:0000000000000000 [ 2.963132] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2.964493] CR2: 0000000000000000 CR3: 000080001fc10000 CR4: 00000000003506f0 [ 2.965970] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 2.967745] Kernel Offset: 0x13c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) The reason for this is an upstream bug where the MOKVar EFI table is mapped as u nencrypted memory while it needs to be mapped encrypted. -- You are receiving this mail because: You are the assignee for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1186884
Joerg Roedel
participants (1)
-
bugzilla_noreply@suse.com