On Wed, Jan 3, 2018 at 8:35 PM, Benjamin Gilbert <benjamin.gilbert@coreos.com> wrote:
On Wed, Jan 03, 2018 at 04:37:53PM -0800, Andy Lutomirski wrote:
Maybe try rebuilding a bad kernel with free_ldt_pgtables() modified to do nothing, and then read /sys/kernel/debug/page_tables/current (or current_kernel, or whatever it's called). The problem may be obvious.
current_kernel attached. I have not seen any crashes with free_ldt_pgtables() stubbed out.
I haven't reproduced it, but I think I see what's wrong. KASLR sets vaddr_end to a totally bogus value. It should be no larger than LDT_BASE_ADDR. I suspect that your vmemmap is getting randomized into the LDT range. If it weren't for that, it could just as easily land in the cpu_entry_area range. This will need fixing in all versions that aren't still called KAISER.
Our memory map code is utter shite. This kind of bug should not be possible without a giant warning at boot that something is screwed up.
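A small model of the boot-time sanity check the thread asks for, added here as an example; it is not code from the kernel or from either poster. The region addresses and sizes are assumed placeholders standing in for LDT_BASE_ADDR, the cpu_entry_area base and a PGD-sized slot, not the real x86-64 constants.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed layout model: two fixed PGD-sized regions at the top of the
 * address space, cpu_entry_area directly below the LDT range. Placeholder
 * values, not the kernel's real constants. */
#define PGDIR_SIZE_MODEL          (1ULL << 39)
#define CPU_ENTRY_AREA_BASE_MODEL 0xfffffe0000000000ULL /* assumed */
#define LDT_BASE_ADDR_MODEL       0xfffffe8000000000ULL /* assumed */

enum region_clash { CLASH_NONE = 0, CLASH_CPU_ENTRY_AREA = 1, CLASH_LDT = 2 };

/* Half-open interval overlap: [a0,a1) intersects [b0,b1). */
static bool ranges_overlap(uint64_t a0, uint64_t a1, uint64_t b0, uint64_t b1)
{
	return a0 < b1 && b0 < a1;
}

/* Which fixed region would a mapping at [start, start+size) land in? */
static enum region_clash clash_with_fixed(uint64_t start, uint64_t size)
{
	if (ranges_overlap(start, start + size, LDT_BASE_ADDR_MODEL,
			   LDT_BASE_ADDR_MODEL + PGDIR_SIZE_MODEL))
		return CLASH_LDT;
	if (ranges_overlap(start, start + size, CPU_ENTRY_AREA_BASE_MODEL,
			   CPU_ENTRY_AREA_BASE_MODEL + PGDIR_SIZE_MODEL))
		return CLASH_CPU_ENTRY_AREA;
	return CLASH_NONE;
}

/* The check the thread wants at boot: the randomisation window
 * [vaddr_start, vaddr_end) must end at or below the lowest fixed region,
 * so nothing KASLR places (vmemmap included) can reach the LDT range. */
static bool kaslr_window_ok(uint64_t vaddr_start, uint64_t vaddr_end)
{
	return vaddr_start < vaddr_end && vaddr_end <= CPU_ENTRY_AREA_BASE_MODEL;
}

int main(void)
{
	/* Constructed window start; the end below is deliberately bogus. */
	uint64_t vaddr_start = 0xffffc90000000000ULL;
	uint64_t bogus_end   = 0xffffffff80000000ULL;
	printf("bogus window ok: %d\n", kaslr_window_ok(vaddr_start, bogus_end));
	printf("fixed window ok: %d\n",
	       kaslr_window_ok(vaddr_start, CPU_ENTRY_AREA_BASE_MODEL));
	printf("vmemmap in LDT slot: %d\n",
	       clash_with_fixed(LDT_BASE_ADDR_MODEL + (1ULL << 30), 1ULL << 32));
	return 0;
}
```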