From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Laszlo Ersek <lersek@redhat.com>,
"Wang, Jian J" <jian.j.wang@intel.com>,
"Justen, Jordan L" <jordan.l.justen@intel.com>
Cc: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
"Kinney, Michael D" <michael.d.kinney@intel.com>
Subject: Re: ASSERT in QemuVideoDxe driver during reset
Date: Wed, 6 Sep 2017 11:16:44 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A9A8802@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <130779a4-f1c8-bf07-8b85-8125d466aed3@redhat.com>
HI
I think the NULL detection feature should *never* break any existing platform.
No real function should be skipped for PcdNullDetection.
If InstallVbeShim () is needed for CSM, we should always call InstallVbeShim() for CSM.
I suggest below options:
1) In OVMF, if CSM is enabled, disable PcdNullDetection.
2) In OVMF, if any driver need access first 4K page, the code should explicit call SetAttribute(0, 4K, READ|WRITE), if PcdNullDetection is enabled.
Either #1 or #2 is OK.
#1 is simple, and #2 can help detect more potential issue.
Thank you
Yao Jiewen
From: Laszlo Ersek [mailto:lersek@redhat.com]
Sent: Wednesday, September 6, 2017 6:21 PM
To: Wang, Jian J <jian.j.wang@intel.com>; Justen, Jordan L <jordan.l.justen@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
Cc: edk2-devel@lists.01.org; Kinney, Michael D <michael.d.kinney@intel.com>
Subject: Re: ASSERT in QemuVideoDxe driver during reset
On 09/06/17 10:15, Wang, Jian J wrote:
> Hi guys,
>
> I found an ASSERT issue in function InstallVbeShim() in QemuVideoDxe
> driver during reset. The assert statement is like below.
>
> ASSERT (Int0x10->Segment == 0x0000);
> ASSERT (Int0x10->Offset == 0x0000);
>
> This happened after I have enabled NULL pointer access detection
> feature, in which page 0 (4K) is disabled.
The NULL pointer access detection conflicts with the VBE shim. For
installing the VBE shim, OVMF has to write to page 0, on purpose.
Please see commit 90803342b1b6 ("OvmfPkg: QemuVideoDxe: Int10h stub for
Windows 7 & 2008 (stdvga, QXL)", 2014-05-20).
> And because of page 0 disabled, I have to skip the memory clearing for
> page 0 in DXE core.
By doing that, you invalidate the following comment in said OVMF commit:
+ //
+ // We managed to allocate the page at zero. SVN r14218 guarantees that it
+ // is NUL-filled.
+ //
+ ASSERT (Int0x10->Segment == 0x0000);
+ ASSERT (Int0x10->Offset == 0x0000);
Because SVN r14218 was what added the clearing of page 0 to the DXE
core. (Expressed as a git commit: d436d5ca0936.)
> Otherwise it will cause page fault exception there. It seems that QEMU
> may clear all its memory at startup. Skipping the action of clearing
> page 0 in core won't cause ASSERT issue in QemuVideoDxe, for the first
> time boot. But QemuVideoDxe will write int10 vector at memory 0x10 and
> QEMU will not clear all its memory during warm boot. ASSERT will be
> triggered after reset.
QEMU does not clear guest RAM at reboot (or S3 resume).
> It's easy to fix this issue but there're some subtle situations which
> I'm not quite certain. I'd like your opinions for them.
>
> Here're my thoughts on several solutions:
> a) Remove the ASSERT statement in InstallVbeShim().
Not a good idea.
> But I'm sure if it is safe to do so because I don't quite understand
> the purpose of the ASSERT.
The ASSERT expresses our belief that, after we manage to *allocate* page
0, we can freely write the real mode Int0x10 vector there, without
overwriting anything else.
> b) Instead of skipping clearing page 0, enable it, do clearing and
> then disable it. The problem here is that CPU arch protocol is not
> ready at that time. I have to "manually" do page operation, which
> might be non-portable and a little bit odd in DXE core.
> c) Move code clearing page 0 from DXE core to another place wherever
> appropriate, like DxeIpl or cpu driver. But I think there's a good
> reason to put code there before.
I'm not sure how the NULL pointer access detection is enabled. Is it
enabled by a PCD?
Hm, yes, it seems, from your patch
[edk2] [PATCH 1/2] Implement NULL pointer detection for EDK-II Core
that the PCD is called
gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection
I can see in that patch that the DXE core is updated *not* to clear page
0 if the PCD is set to TRUE. That makes sense.
However, OVMF should also be updated to skip the VBE shim installation
if the PCD is set to TRUE. Namely, if the PCD is set to TRUE, then we
simply cannot put the legacy Int0x10 vector in place, so we shouldn't
even try.
Please extend your original patch set with a patch for OvmfPkg. In the
file "OvmfPkg/QemuVideoDxe/Driver.c", locate the InstallVbeShim() call
site:
> #if defined MDE_CPU_IA32 || defined MDE_CPU_X64
> if (Private->Variant == QEMU_VIDEO_BOCHS_MMIO ||
> Private->Variant == QEMU_VIDEO_BOCHS) {
> InstallVbeShim (Card->Name, Private->GraphicsOutput.Mode->FrameBufferBase);
> }
> #endif
and please skip the call if the PCD is set to TRUE:
> #if defined MDE_CPU_IA32 || defined MDE_CPU_X64
> if (!FeaturePcdGet (PcdNullPointerDetection) &&
> (Private->Variant == QEMU_VIDEO_BOCHS_MMIO ||
> Private->Variant == QEMU_VIDEO_BOCHS)) {
> InstallVbeShim (Card->Name, Private->GraphicsOutput.Mode->FrameBufferBase);
> }
> #endif
Now, the consequence of this would be a working OVMF build, but it would
also break booting UEFI Windows 7 on OVMF. Therefore, please append
*another* patch to your patch set, setting the Feature PCD to FALSE in
all three OVMF DSC files:
- OvmfPkg/OvmfPkgIa32.dsc
- OvmfPkg/OvmfPkgIa32X64.dsc
- OvmfPkg/OvmfPkgX64.dsc
We cannot break Windows 7 booting in upstream OVMF. If someone really
wants the null pointer detection in OVMF (and doesn't need Windows 7 for
sure), they can patch the DSC files, or else pass the
--pcd=gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetection=TRUE
option to the "build" utility.
... I'm now seeing in the original discussion that perhaps you will
introduce a bitmap instead (one bit per firmware phase). That's OK with
me; please reinterpret all of the above with the "DXE bit" then.
When you post the next version of the patch set, please CC Jordan and
myself on the OvmfPkg patches.
Thank you!
Laszlo
next prev parent reply other threads:[~2017-09-06 11:13 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-06 8:15 ASSERT in QemuVideoDxe driver during reset Wang, Jian J
2017-09-06 10:20 ` Laszlo Ersek
2017-09-06 11:16 ` Yao, Jiewen [this message]
2017-09-06 13:18 ` Laszlo Ersek
2017-09-06 14:47 ` Gao, Liming
2017-09-06 15:35 ` Laszlo Ersek
2017-09-06 15:06 ` Yao, Jiewen
2017-09-06 15:25 ` Laszlo Ersek
2017-09-07 0:54 ` Yao, Jiewen
2017-09-07 0:41 ` Wang, Jian J
2017-09-07 1:28 ` Yao, Jiewen
2017-09-07 10:58 ` Laszlo Ersek
2017-09-07 11:16 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503A9A8802@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox