
Re: [Xen-devel] OVMF/Xen, Debian wheezy can't boot with NX on stack (Was: Re: [edk2] [PATCH] OvmfPkg: prevent code execution from DXE stack)



On 09/09/15 09:06, Jan Beulich wrote:
>>>> On 09.09.15 at 00:23, <lersek@xxxxxxxxxx> wrote:
>> On 09/08/15 19:26, Anthony PERARD wrote:
>>> And I get this on the console:
>>> Welcome to GRUB!
>>>
>>> !!!! X64 Exception Type - 0E(#PF - Page-Fault)  CPU Apic ID - 00000000 !!!!
>>> RIP  - 000000000F5F8918, CS  - 0000000000000028, RFLAGS - 0000000000210206
>>> ExceptionData - 0000000000000011
>>> RAX  - 0000000000000000, RCX - 0000000007FCE000, RDX - 0000000000000000
>>> RBX  - 000000000B6092C0, RSP - 000000000F5F8590, RBP - 000000000B608EA0
>>> RSI  - 000000000F5F8838, RDI - 000000000B608EA0
>>> R8   - 0000000000000000, R9  - 000000000B609200, R10 - 0000000000000000
>>> R11  - 000000000000000A, R12 - 0000000000000000, R13 - 000000000000001B
>>> R14  - 000000000B609360, R15 - 0000000000000000
>>> DS   - 0000000000000008, ES  - 0000000000000008, FS  - 0000000000000008
>>> GS   - 0000000000000008, SS  - 0000000000000008
>>> CR0  - 0000000080000033, CR2 - 000000000F5F8918, CR3 - 000000000F597000
>>> CR4  - 0000000000000668, CR8 - 0000000000000000
>>> DR0  - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000
>>> DR3  - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400
>>> GDTR - 000000000F57BF18 000000000000003F, LDTR - 0000000000000000
>>> IDTR - 000000000EEA5018 0000000000000FFF,   TR - 0000000000000000
>>> FXSAVE_STATE - 000000000F5F81F0
>>> !!!! Find PE image 
>>> /build/xen-unstable/src/xen-unstable/tools/firmware/ovmf-dir-remote/Build
>>> /OvmfX64/DEBUG_GCC49/X64/IntelFrameworkModulePkg/Universal/StatusCode/Runtime
>>> Dxe/StatusCodeRuntimeDxe/DEBUG/StatusCodeRuntimeDxe.dll 
>>> (ImageBase=000000000F556000, EntryPoint=000000000F55628F) !!!!
>>>
>>> I did check with other guests (Windows, Ubuntu, Debian Jessie), and they are
>>> working correctly. Debian Wheezy is the only one that fails.
>>
>> I don't have an environment to reproduce this in. I think we should try
>> to understand this problem better, before deciding how to make it go away.
>>
>> Please locate the "StatusCodeRuntimeDxe.debug" file in your Build
>> directory (ie. under the location listed in the error report). Then,
>> please disassemble it with "objdump -S". The fault location in the
>> disassembly can be found based on RIP, ImageBase and EntryPoint;
> 
> I don't think the exact instruction at that address really matters. The
> main question appears to be why RIP and RSP both point into the
> same page (see also the subject of Anthony's mail). I.e. we need to
> spot the entity setting the stack to a page that also contains code,
> or placing code on the stack.

Good point!

(... FWIW, I've had luck on several occasions in the past deducing the
origin of the data from the data itself. So if we can see the "code
on the stack", maybe that could help us figure out where it comes from.
Just an idea; might not apply very well here.)

> That's unlikely to be found by identifying
> the instruction RIP points to, but rather (sadly not part of the state
> dump) something higher up the call chain.

As far as I can see, Debian switched from grub2 v1.99 to v2.02, from
Wheezy to Jessie. Based on the grub2 commit history, quite a few things
happened in grub2 in that timeframe. Should we perhaps ask the grub2
developers?

Thanks
Laszlo

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
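As an added example (not part of the thread), the following Python script mechanises the reasoning above: it parses the posted register dump, decodes the #PF error code (0x11 means a fetch from a present page that is not executable), checks whether RIP and RSP fall into the same 4 KiB page, and computes the RIP offset relative to the reported ImageBase for looking up in an objdump listing. The dump embedded below is an abridged copy of Anthony's; the page size and error-code bit layout are the standard x86 ones.

```python
import re

# Register dump and PE-image locator line as posted in the thread
# (abridged to the lines this script actually uses).
DUMP = """\
!!!! X64 Exception Type - 0E(#PF - Page-Fault)  CPU Apic ID - 00000000 !!!!
RIP  - 000000000F5F8918, CS  - 0000000000000028, RFLAGS - 0000000000210206
ExceptionData - 0000000000000011
RBX  - 000000000B6092C0, RSP - 000000000F5F8590, RBP - 000000000B608EA0
CR0  - 0000000080000033, CR2 - 000000000F5F8918, CR3 - 000000000F597000
!!!! Find PE image StatusCodeRuntimeDxe.dll (ImageBase=000000000F556000, EntryPoint=000000000F55628F) !!!!
"""

PAGE_SHIFT = 12  # 4 KiB pages

# x86 #PF error code bit positions (Intel SDM Vol. 3, "Page-Fault Exceptions").
PF_BITS = {"present": 0, "write": 1, "user": 2, "reserved_bit": 3, "instruction_fetch": 4}


def parse_dump(text):
    """Return {name: value} for every 'NAME - <16 hex digits>' and 'NAME=<hex>' field."""
    regs = {k: int(v, 16) for k, v in re.findall(r"\b([A-Za-z_]\w*)\s+-\s+([0-9A-Fa-f]{16})", text)}
    regs.update({k: int(v, 16) for k, v in re.findall(r"(ImageBase|EntryPoint)=([0-9A-Fa-f]+)", text)})
    return regs


def decode_pf_error(code):
    """Split the #PF error code into named boolean flags."""
    return {name: bool(code >> bit & 1) for name, bit in PF_BITS.items()}


def same_page(a, b):
    """True if both addresses lie in the same 4 KiB page."""
    return a >> PAGE_SHIFT == b >> PAGE_SHIFT


def analyze(text):
    r = parse_dump(text)
    flags = decode_pf_error(r["ExceptionData"])
    return {
        # P=1 and I/D=1: a fetch from a mapped page whose NX bit is set
        "nx_fetch_fault": flags["present"] and flags["instruction_fetch"],
        # CR2 == RIP: the faulting address is the instruction itself, not a data operand
        "fault_is_at_rip": r["CR2"] == r["RIP"],
        # Jan's observation: the faulting instruction sits in the current stack page
        "rip_in_stack_page": same_page(r["RIP"], r["RSP"]),
        # offset to look up in the disassembly; compare it against the image size first
        "rip_offset_in_image": r["RIP"] - r["ImageBase"],
    }


if __name__ == "__main__":
    print(analyze(DUMP))
```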