From: "Ard Biesheuvel" <ardb@kernel.org>
To: "Marvin Häuser" <mhaeuser@posteo.de>
Cc: edk2-devel-groups-io <devel@edk2.groups.io>,
Leif Lindholm <quic_llindhol@quicinc.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Sami Mujawar <sami.mujawar@arm.com>,
Vitaly Cheptsov <vit9696@protonmail.com>
Subject: Re: [edk2-devel] [PATCH 1/2] ArmPkg/AsmMacroIoLibV8: Introduce ASM_FUNC_ALIGN()
Date: Wed, 19 Apr 2023 23:55:12 +0200
Message-ID: <CAMj1kXFJXTU7dmGqBZHFCe4f=XUX6UmiuLWtMd+4JkFu9ExNqw@mail.gmail.com>
In-Reply-To: <D7BED99B-0867-469E-90B3-B0D15F79B72A@posteo.de>
On Wed, 19 Apr 2023 at 22:10, Marvin Häuser <mhaeuser@posteo.de> wrote:
>
>
> > On 19. Apr 2023, at 21:48, Ard Biesheuvel <ardb@kernel.org> wrote:
> >
> > The issue is likely caused by
> >
> > -Wl,--defsym=PECOFF_HEADER_SIZE=0
> >
> > Why are you setting that? It breaks the ELF to PE conversion.
>
> Where?
It would, but you only appear to be setting that for ASLD_DLINK_FLAGS,
right? So that seems unrelated.
The only thing I am observing is that the store to memory in
ArmMmuBaseLibConstructor()

    Hob = GetFirstGuidHob (&gArmMmuReplaceLiveTranslationEntryFuncGuid);
    if (Hob != NULL) {
      mReplaceLiveEntryFunc = *(VOID **)GET_GUID_HOB_DATA (Hob);

is writing to the emulated NOR flash, and this switches it into NOR
programming mode, causing the firmware to crash immediately as it can
no longer fetch instructions.
FYI I am using GDB to step through the code, i.e.,
- run gdb (or 'gdb-multiarch' if you are cross-compiling)
- start qemu with -s -S
- connect using 'target remote :1234'
- paste the 'add-symbol-file' line, e.g.,
  add-symbol-file /home/ard/build/edk2-workspace/Build/ArmVirtQemu-AARCH64/DEBUG_GCC5/AARCH64/MdeModulePkg/Core/DxeIplPeim/DxeIpl/DEBUG/DxeIpl.dll 0x30000
- set breakpoint
"hb _ModuleEntryPoint"
- start executing
"c"
- use 'ni' to advance to the 'str' instruction that sets mReplaceLiveEntryFunc
> 0x3553c <_ModuleEntryPoint+96> str x1, [x0, #224]
Now, as soon as I step over that instruction (using 's'), the entire
view of memory changes into
│ > 0x35540 <_ModuleEntryPoint+100> .inst 0x00800080 ; undefined
│ 0x35544 <_ModuleEntryPoint+104> .inst 0x00800080 ; undefined
etc, and the next step generates an exception, but this cannot be
handled either. This is all related to the NOR flash emulation code in
QEMU, that stops working as a ROM and switches into programming mode.
I cannot explain why this only happens in this case, and why some
writes seem to be ignored. But it does explain why this particular
firmware build is misbehaving.
Now, if you apply the following patches:
ArmPkg/Mmu: Remove handling of NONSECURE memory regions
ArmPkg/ArmMmuLib: Introduce region types for RO/XP WB cached memory
ArmVirtPkg/ArmVirtQemu: Use read-only memory region type for code flash
(from the edk2-devel list), your build still crashes, but it prints
one additional line
Synchronous Exception at 0x3553C
which is the exception caused by the write to NOR flash, which is now
mapped read-only in the page tables, and so it is caught by the
firmware itself.
If you subsequently apply
ArmVirtPkg/ArmVirtQemu: Use PEI flavor of ArmMmuLib for all PEIMs
things work as expected.
https://github.com/ardbiesheuvel/edk2/tree/arm_corruption-latest-ardb
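An added Python helper, not part of the thread or of edk2, that does the arithmetic the message walks through by hand: parse the GDB disassembly line of the `str`, compute its effective address from the register values, and look that address up in a constructed ArmVirtQemu-style region map to see whether the store lands in the execute-in-place NOR flash and whether a read-only flash mapping would turn it into a Synchronous Exception. The flash and DRAM extents are assumptions for the example.

```python
import re
from dataclasses import dataclass

# Constructed region map, assumed ArmVirtQemu-like: pflash at address 0 is
# executed in place, so a PEIM's .data globals live inside it; DRAM at 1 GiB.
@dataclass(frozen=True)
class Region:
    name: str
    base: int
    size: int
    writable: bool

    def contains(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.size

REGIONS = [
    Region("code flash (NOR, XIP)", 0x00000000, 0x04000000, False),  # assumed
    Region("DRAM", 0x40000000, 0x40000000, True),                    # assumed
]

# Matches a GDB line such as "> 0x3553c <_ModuleEntryPoint+96> str x1, [x0, #224]"
LINE_RE = re.compile(
    r"(?:>\s*)?0x(?P<pc>[0-9a-fA-F]+)\s+<[^>]*>\s+(?P<mn>str|stp|strb|strh)\s+(?P<ops>.*)$"
)
MEM_RE = re.compile(r"\[(?P<base>x\d+|sp)(?:,\s*#(?P<imm>-?\d+))?\]")

def parse_store(line: str):
    """Return (pc, base register, immediate offset) for a base+offset store."""
    m = LINE_RE.search(line.strip())
    if not m:
        raise ValueError(f"not a store instruction: {line!r}")
    mem = MEM_RE.search(m["ops"])
    if not mem:
        raise ValueError(f"unsupported addressing mode: {line!r}")
    return int(m["pc"], 16), mem["base"], int(mem["imm"] or 0)

def effective_address(line: str, regs: dict) -> int:
    """Target address of the store, given the base register's value."""
    _, base, imm = parse_store(line)
    return (regs[base] + imm) & 0xFFFFFFFFFFFFFFFF

def classify_store(line: str, regs: dict, flash_mapped_ro: bool):
    """Where the store lands, and what the firmware would observe."""
    pc, _, _ = parse_store(line)
    addr = effective_address(line, regs)
    region = next((r for r in REGIONS if r.contains(addr)), None)
    if region is None:
        return addr, "unmapped", "translation fault"
    if region.writable:
        return addr, region.name, "normal store"
    if flash_mapped_ro:
        return addr, region.name, f"Synchronous Exception at 0x{pc:X}"
    return addr, region.name, "silent write: emulated NOR flash leaves ROM mode"
```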