Date:	Sat, 06 Mar 2010 00:02:51 +1100
From:	Graeme Russ <graeme.russ@...il.com>
To:	"H. Peter Anvin" <hpa@...or.com>
CC:	linux-kernel@...r.kernel.org
Subject: Re: x86 embedded - Problem getting past 'move compressed kernel before decompression'

Graeme Russ wrote:
> H. Peter Anvin wrote:
>> On 03/01/2010 11:41 AM, Graeme Russ wrote:
>>> H. Peter Anvin wrote:
>>>> On 03/01/2010 03:56 AM, Graeme Russ wrote:
>>>>> I have done a little more digging. By adding an ascii string before
>>>>> relocated: label, I am able to determine that the int3 after the relocated:
>>>>> label exists in bzImage at offset 0x1C3FD7
>>>>>
>>>>> EAX holds (for the jump) 0x5379d0 (different bzImage of course). The
>>>>> contents of memory at this address is in bzImage at offset 0x1C09D7 - A
>>>>> difference of 0x3600 (seems too even to be random)
>>>>>

I've had a close look at the memory dumps and it looks like U-Boot is not
loading in the .text section which is _after_ the compressed vmlinux. This
is what contains the code after the relocated: label. Looks like the
bzImage anatomy information on the net is a little out of date - They
appear to have all the decompression code before the compressed kernel...

I've taken a slightly different tack now - I am tftp'ing the entire bzImage
to 0xfca00 (0x100000 - 0x3600) and adjusting the setup_header pointer to
0xfca00 + 0x1f1 and jumping to 0x10000. After a few false starts, I am able
to get an lzo compressed bzImage up to startup_32 in arch/x86/kernel/head_32.S

My next problem is at Enable Paging:

/*
 * Enable paging
 */
	movl $pa(swapper_pg_dir),%eax
	movl %eax,%cr3		/* set the page table pointer.. */
	movl %cr0,%eax
	orl  $X86_CR0_PG,%eax
	movl %eax,%cr0		/* ..and set paging (PG) bit */
	ljmp $__BOOT_CS,$1f	/* Clear prefetch and normalize %eip */


The kernel crashes at:
	movl %eax,%cr0		/* ..and set paging (PG) bit */

Argh, so close, yet so far :(

regards.

Graeme
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
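The diagnosis in the message above hinges on where the compressed vmlinux sits inside the protected-mode part of a bzImage and how much code follows it. The script below is an added example, not part of Graeme's message or of the kernel tree: it reads the x86 boot-protocol header (setup_sects at 0x1f1, the offset used in the message; syssize; payload_offset and payload_length, which exist from boot protocol 2.08 on, with field offsets taken from Documentation/x86/boot.txt), derives the file offsets of the protected-mode code, the compressed payload, and the bytes after the payload, and then reports what a loader that copied too few bytes would have dropped. The bzImage it parses is a constructed stand-in with a fake header and padding, not a real kernel, and the function names are mine.

```python
"""Locate the compressed payload inside a bzImage from its boot header.

Added example; field offsets follow Documentation/x86/boot.txt.  The
image parsed at the bottom is constructed, not a real kernel.
"""
import struct

BOOT_FLAG = 0xAA55      # at 0x1FE, same value as the MBR signature
HDR_MAGIC = b"HdrS"     # at 0x202, marks a boot-protocol header


def parse_bzimage(img: bytes) -> dict:
    """Return the file offsets/sizes that make up a bzImage."""
    if len(img) < 0x250:
        raise ValueError("image too short to contain a boot header")
    setup_sects, = struct.unpack_from("<B", img, 0x1F1)
    syssize, = struct.unpack_from("<I", img, 0x1F4)      # paragraphs (16 bytes)
    boot_flag, = struct.unpack_from("<H", img, 0x1FE)
    magic = img[0x202:0x206]
    version, = struct.unpack_from("<H", img, 0x206)
    code32_start, = struct.unpack_from("<I", img, 0x214)
    relocatable, = struct.unpack_from("<B", img, 0x234)
    payload_offset, payload_length = struct.unpack_from("<II", img, 0x248)

    if boot_flag != BOOT_FLAG or magic != HDR_MAGIC:
        raise ValueError("not a Linux bzImage (boot_flag/HdrS check failed)")
    if version < 0x0208:
        raise ValueError("payload_offset/length need boot protocol >= 2.08")
    if setup_sects == 0:            # old kernels store 0 to mean 4
        setup_sects = 4

    pm_start = (setup_sects + 1) * 512   # file offset of startup_32
    pm_size = syssize * 16               # bytes of protected-mode code
    payload_start = pm_start + payload_offset   # offset is relative to pm_start
    payload_end = payload_start + payload_length
    return {
        "version": version,
        "code32_start": code32_start,
        "relocatable": bool(relocatable),
        "pm_start": pm_start,
        "pm_size": pm_size,
        "pm_end": pm_start + pm_size,
        "payload_start": payload_start,
        "payload_end": payload_end,
        # decompressor code and data that live *after* the compressed vmlinux
        "trailing_bytes": pm_start + pm_size - payload_end,
    }


def check_loaded_extent(layout: dict, loaded_bytes: int) -> list:
    """Say what a loader that copied only `loaded_bytes` of the
    protected-mode part (starting at pm_start) would have left out."""
    problems = []
    if loaded_bytes < layout["payload_end"] - layout["pm_start"]:
        problems.append("compressed payload truncated")
    elif loaded_bytes < layout["pm_size"]:
        problems.append("code after the compressed payload (relocated: and later) not loaded")
    return problems


def make_synthetic_bzimage(setup_sects=4, payload_offset=0x200,
                           payload_length=0x1000, trailing=0x400):
    """Constructed sample: a boot header, then a protected-mode blob made of
    `payload_offset` bytes of decompressor head, a zero-filled fake payload
    and `trailing` bytes of post-decompression code.  Not a real kernel."""
    pm_size = payload_offset + payload_length + trailing
    if pm_size % 16:
        raise ValueError("protected-mode size must be a whole number of paragraphs")
    hdr = bytearray((setup_sects + 1) * 512)
    struct.pack_into("<B", hdr, 0x1F1, setup_sects)
    struct.pack_into("<I", hdr, 0x1F4, pm_size // 16)     # syssize
    struct.pack_into("<H", hdr, 0x1FE, BOOT_FLAG)
    hdr[0x202:0x206] = HDR_MAGIC
    struct.pack_into("<H", hdr, 0x206, 0x020A)            # boot protocol 2.10
    struct.pack_into("<I", hdr, 0x214, 0x100000)          # code32_start
    struct.pack_into("<B", hdr, 0x234, 1)                 # relocatable_kernel
    struct.pack_into("<II", hdr, 0x248, payload_offset, payload_length)
    pm = b"\xCC" * payload_offset + b"\x00" * payload_length + b"\xCC" * trailing
    return bytes(hdr) + pm


if __name__ == "__main__":
    layout = parse_bzimage(make_synthetic_bzimage())
    for key, val in layout.items():
        print(f"{key:>15}: {val:#x}" if type(val) is int else f"{key:>15}: {val}")
    # a loader that stops at the end of the compressed payload
    print(check_loaded_extent(layout, layout["payload_end"] - layout["pm_start"]))
```

Run against a real bzImage with `parse_bzimage(open("bzImage", "rb").read())`, the value to compare with what the loader actually copied is `pm_size`: anything between `payload_end` and `pm_end` is exactly the region that holds the code after the relocated: label, so a loader that stops at the end of the compressed data will jump into memory it never filled.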
