From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
To: Borislav Petkov <bp@alien8.de>
Cc: Chao Fan <fanc.fnst@cn.fujitsu.com>,
Guenter Roeck <linux@roeck-us.net>,
Thomas Gleixner <tglx@linutronix.de>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Ingo Molnar <mingo@redhat.com>,
"Lendacky, Thomas" <thomas.lendacky@amd.com>,
Masahiro Yamada <yamada.masahiro@socionext.com>,
caoj.fnst@cn.fujitsu.com, Juergen Gross <jgross@suse.com>,
Ingo Molnar <mingo@kernel.org>, Kees Cook <keescook@chromium.org>,
"the arch/x86 maintainers" <x86@kernel.org>,
"H. Peter Anvin" <hpa@zytor.com>,
linux-tip-commits@vger.kernel.org,
Matt Fleming <matt@codeblueprint.co.uk>
Subject: Re: [tip:x86/boot] x86/boot: Early parse RSDP and save it in boot_params
Date: Mon, 11 Feb 2019 10:33:02 +0000 [thread overview]
Message-ID: <CAKv+Gu-Fk+_uDvRz7nbceaHAWS_mevm0BuDQd1sSYAQpiPgmNw@mail.gmail.com> (raw)
In-Reply-To: <20190211102426.GA19618@zn.tnic>
On Mon, 11 Feb 2019 at 11:24, Borislav Petkov <bp@alien8.de> wrote:
>
> On Mon, Feb 11, 2019 at 10:17:36AM +0000, Ard Biesheuvel wrote:
> > That still does not explain how 'table' can assume a value > 4 GB
> > after assigning the contents of a u32 to it.
>
> See efi_get_rsdp_addr() in tip/master and especially that systable address
> computation:
>
> #ifdef CONFIG_X86_64
> systab = (efi_system_table_t *)(ei->efi_systab | ((__u64)ei->efi_systab_hi<<32));
> #else
> if (ei->efi_systab_hi || ei->efi_memmap_hi) {
> debug_putstr("Error getting RSDP address: EFI system table located above 4GB.\n");
> return 0;
> }
> systab = (efi_system_table_t *)ei->efi_systab;
> #endif
>
> ...
>
> config_tables = (void *)(systab->tables + size * i);
>
> It is hard to debug that early but I managed to singlestep it last night
> to this deref:
>
> } else {
> efi_config_table_32_t *tmp_table;
>
> tmp_table = config_tables;
> guid = tmp_table->guid;
> ^^^^^^^^^^^^^^
>
> table = tmp_table->table;
>
> which in asm is:
>
> # arch/x86/boot/compressed/acpi.c:114: guid = tmp_table->guid;
> #NO_APP
> movq (%rdi), %rax # MEM[(struct efi_config_table_32_t *)config_tables_37].guid, guid
> movq 8(%rdi), %rsi # MEM[(struct efi_config_table_32_t *)config_tables_37].guid, guid
> # arch/x86/boot/compressed/acpi.c:115: table = tmp_table->table;
> movl 16(%rdi), %r10d # MEM[(struct efi_config_table_32_t *)config_tables_37].table, table
>
> and %rdi has 0x630646870 so either we got the wrong address or qemu
> mapped it above 4G...
>
> It is only an observation for now though...
>
I think the problem is that efi_system_table_t is native, so if you
want to access a 32-bit EFI system table from a 64-bit build, you will
need to use efi_system_table_32_t explicitly.
next prev parent reply other threads:[~2019-02-11 10:33 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-23 11:08 [PATCH v16 0/7] Parse ACPI table and limit KASLR to choosing immovable memory Chao Fan
2019-01-23 11:08 ` [PATCH v16 1/7] x86/boot: Copy kstrtoull() to boot/string.c instead of simple_strtoull() Chao Fan
2019-02-01 10:58 ` [tip:x86/boot] x86/boot: Copy kstrtoull() to boot/string.c tip-bot for Chao Fan
2019-01-23 11:08 ` [PATCH v16 2/7] x86/boot: Introduce get_acpi_rsdp() to parse RSDP in cmdline from KEXEC Chao Fan
2019-02-01 10:59 ` [tip:x86/boot] x86/boot: Add "acpi_rsdp=" early parsing tip-bot for Chao Fan
2019-01-23 11:08 ` [PATCH v16 3/7] x86/boot: Introduce efi_get_rsdp_addr() to find RSDP from EFI table Chao Fan
2019-02-01 10:59 ` [tip:x86/boot] x86/boot: Search for RSDP in the EFI tables tip-bot for Chao Fan
2019-01-23 11:08 ` [PATCH v16 4/7] x86/boot: Introduce bios_get_rsdp_addr() to search RSDP in memory Chao Fan
2019-02-01 11:00 ` [tip:x86/boot] x86/boot: Search for " tip-bot for Chao Fan
2019-01-23 11:08 ` [PATCH v16 5/7] x86/boot: Early parse RSDP and fill in boot_params Chao Fan
2019-01-23 11:17 ` Chao Fan
2019-02-01 11:01 ` [tip:x86/boot] x86/boot: Early parse RSDP and save it " tip-bot for Chao Fan
2019-02-08 19:02 ` Guenter Roeck
2019-02-08 19:10 ` Borislav Petkov
2019-02-08 20:44 ` Guenter Roeck
2019-02-08 21:53 ` Borislav Petkov
2019-02-11 0:22 ` Borislav Petkov
2019-02-11 1:33 ` Chao Fan
2019-02-11 9:46 ` Ard Biesheuvel
2019-02-11 9:55 ` Chao Fan
2019-02-11 9:57 ` Ard Biesheuvel
2019-02-11 10:10 ` Chao Fan
2019-02-11 10:17 ` Ard Biesheuvel
2019-02-11 10:24 ` Borislav Petkov
2019-02-11 10:33 ` Ard Biesheuvel [this message]
2019-02-11 10:42 ` Borislav Petkov
2019-02-11 10:46 ` Ard Biesheuvel
2019-02-11 11:04 ` Borislav Petkov
2019-02-11 11:55 ` Ard Biesheuvel
2019-02-11 12:16 ` Borislav Petkov
2019-02-11 11:20 ` Borislav Petkov
2019-02-11 13:21 ` Chao Fan
2019-02-13 1:54 ` Chao Fan
2019-02-13 7:36 ` Boris Petkov
2019-02-13 7:58 ` Chao Fan
2019-02-13 8:01 ` Ard Biesheuvel
2019-02-13 8:12 ` Chao Fan
2019-02-13 8:50 ` Borislav Petkov
2019-02-13 8:57 ` Chao Fan
2019-02-11 1:07 ` Chao Fan
2019-02-11 9:30 ` Chao Fan
2019-02-11 10:08 ` Borislav Petkov
2019-02-11 13:03 ` Chao Fan
2019-02-11 14:08 ` Guenter Roeck
2019-02-13 9:06 ` [tip:x86/boot] x86/boot: Correct RSDP parsing with 32-bit EFI tip-bot for Borislav Petkov
2019-02-13 11:27 ` tip-bot for Borislav Petkov
2019-01-23 11:08 ` [PATCH v16 6/7] x86/boot: Parse SRAT address from RSDP and store immovable memory Chao Fan
2019-02-01 11:01 ` [tip:x86/boot] x86/boot: Parse SRAT table and count immovable memory regions tip-bot for Chao Fan
2019-01-23 11:08 ` [PATCH v16 7/7] x86/boot/KASLR: Limit KASLR to extracting kernel in immovable memory Chao Fan
2019-02-01 11:02 ` [tip:x86/boot] x86/boot/KASLR: Limit KASLR to extract the kernel in immovable memory only tip-bot for Chao Fan
2019-01-28 17:51 ` [PATCH v16 0/7] Parse ACPI table and limit KASLR to choosing immovable memory Borislav Petkov
2019-01-30 5:58 ` Chao Fan
2019-01-30 11:22 ` [PATCH] x86/boot: Build the command line parsing code unconditionally (was: Re: [PATCH v16 0/7] Parse ACPI table and limit KASLR to choosing immovable memory) Borislav Petkov
2019-02-01 10:57 ` [tip:x86/boot] x86/boot: Build the command line parsing code unconditionally tip-bot for Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKv+Gu-Fk+_uDvRz7nbceaHAWS_mevm0BuDQd1sSYAQpiPgmNw@mail.gmail.com \
--to=ard.biesheuvel@linaro.org \
--cc=bp@alien8.de \
--cc=caoj.fnst@cn.fujitsu.com \
--cc=fanc.fnst@cn.fujitsu.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=keescook@chromium.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=linux@roeck-us.net \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
--cc=yamada.masahiro@socionext.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.