KASAN debug kernel fails to boot at early stage when CONFIG_SMP=y is set (kernel 6.5-rc5, PowerMac G4 3,6)

Erhard Furtner erhard_f at mailbox.org
Tue Aug 15 03:27:48 AEST 2023 

On Mon, 14 Aug 2023 09:40:44 +0000
Christophe Leroy <christophe.leroy at csgroup.eu> wrote:

> Interesting. That means we get stuck somewhere around  MMU_init()
> 
> We know that MMU_init_hw() is called and runs at least until:
> 
> 	pr_info("Total memory = %lldMB; using %ldkB for hash table\n",
> 		(unsigned long long)(total_memory >> 20), Hash_size >> 10);
> 
> But we never reach the print in setup_kuap() which is itself called by 
> set_kup():
> 	pr_info("Activating Kernel Userspace Access Protection\n");
> 
> 
> Could you try to narrow more the issue by spreading pr_info() at places 
> in the code below and/or the called functions ? Either we never come 
> back from MMU_init_hw(), or one of mapin_ram() btext_unmap() 
> kasan_mmu_init() fails.
> 
> So the piece of code we are interested in is located in 
> arch/powerpc/mm/init_32.c and is:
> 
> 	/* Initialize the MMU hardware */
> 	if (ppc_md.progress)
> 		ppc_md.progress("MMU:hw init", 0x300);
> ==>	MMU_init_hw();  
> 
> 	/* Map in all of RAM starting at KERNELBASE */
> 	if (ppc_md.progress)
> 		ppc_md.progress("MMU:mapin", 0x301);
> 	mapin_ram();
> 
> 	/* Initialize early top-down ioremap allocator */
> 	ioremap_bot = IOREMAP_TOP;
> 
> 	if (ppc_md.progress)
> 		ppc_md.progress("MMU:exit", 0x211);
> 
> 	/* From now on, btext is no longer BAT mapped if it was at all */
> #ifdef CONFIG_BOOTX_TEXT
> 	btext_unmap();
> #endif
> 
> 	kasan_mmu_init();
> 
> ==>	setup_kup();  

I added a pr_info(); right after MMU_init_hw(); and another one right after setup_kup();.

Output of PPC_EARLY_DEBUG changes so that I get an additional black blank line after
[    0.000000] printk: bootconsole [udbg0] enabled
[    0.000000] Total memory = 2048MB; using 4096kB for hash table

and the freeze afterwards. So it looks like we return from MMU_init_hw() but not from setup_kup().

The dmesg of a warm boot (after first booting with kernel 6.4.10) supports that as it also shows the 1st blank line and the 2nd one just after activating KUEP/KUAP:

[    0.000000] printk: bootconsole [udbg0] enabled
[    0.000000] Total memory = 2048MB; using 4096kB for hash table
[    0.000000] 
[    0.000000] Activating Kernel Userspace Access Protection
[    0.000000] Activating Kernel Userspace Execution Prevention
[    0.000000] 
[    0.000000] Linux version 6.5.0-rc6-PMacG4-dirty (root at T1000) (gcc (Gentoo 12.3.1_p20230526 p2) 12.3.1 20230526, GNU ld (Gentoo 2.40 p7) 2.40.0) #1 SMP Mon Aug 14 18:05:17 CEST 2023

As the 2nd blank line from pr_info() is just after KUAP, KUEP initialization I thought these might be a problem. But if I deactivate KUAP/KUAP in the kernel .config I still get the freeze sot it must be something else.

Regards,
Erhard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dmesg_65-rc6_g4-
Type: application/octet-stream
Size: 50400 bytes
Desc: not available
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20230814/8e7fb4c1/attachment-0001.obj>

More information about the Linuxppc-dev mailing list