lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070802051323.GA4152@gollum.tnic>
Date:	Thu, 2 Aug 2007 07:13:23 +0200
From:	Borislav Petkov <bbpetkov@...oo.de>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Xudong Guan <xudong.guan@...il.com>, linux-kernel@...r.kernel.org,
	Chuck Ebbert <cebbert@...hat.com>,
	michal.k.k.piotrowski@...il.com
Subject: Re: 2.6.23-rc1: no setup signature found... SOLVED!

On Wed, Aug 01, 2007 at 10:36:07AM -0400, H. Peter Anvin wrote:
> Borislav Petkov wrote:
>> 	Breakpoint 4, 0x00040200 in ?? ()
>> 	1: x/i ($cs << 4) + $eip  0x40300:      lea    (%si),%dx
>> 	(gdb) c
>> 	Continuing.
>> if i do delete here, it loads the second stage of grub and continues to 
>> load the
>> kernel. Is there another way to land at the jmp instruction instead of 
>> poking
>> blindly, maybe disassemble something parts of the initial code. \me 
>> reading
>> grub-docs...
>
> If you do "delete" without a breakpoint number, you're deleting all 
> breakpoints.  I just experimented with grub, and it looks like it should 
> break at 0x90200, so just set that breakpoint and none of the others.
>
> 	-hpa

Hi,

now this is one of those cases where one tries to shoot a small fly with a
nuclear missile. The first assumption that something was wrong with the kernel
setup code was wrong and here's how i know:

The problem with my version of grub not hitting the breakpoint 0x90200 made me
think that something might be messed up in the grub part of the boot sequence.
Thus, i did the qemu simulation again and noticed on the initial boot screen of
grub it saying "Grub version 0.91." However, you remember from a different post
that the version of grub i have is the latest to be found in debian unstable,
0.97-29, so i thought that something has to be wrong with it and especially with all
those grub stages binaries, in my case in /boot/grub, which grub-install setups.
Checking their timestamps revealed that the files are from 2004 so i thought,
well, these are OLD! :) After refreshing the grub installation and replacing
the stages-binaries with the fresh ones, the kernel booted just fine :), here:

[boris@...lum:07:02:07:~:9994)->  uname -a
Linux gollum 2.6.22-4fd06960f120e02e9abc802a09f9511c400042a5-12 #12 PREEMPT Thu Jul 26 18:08:34 CEST 2007 i686 GNU/Linux

so i guess the problem was with the ancient parts of a grub installation i had
lying around which weren't replaced by the apt-get update process and somehow
messed up newer grub versions. Anyway, in the end one still learns a lot while at it.

Thanks for your help.

-- 
Regards/Gruß,
    Boris.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ