lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20111116093256.GA5390@udknight.homenetwork>
Date:	Wed, 16 Nov 2011 17:32:56 +0800
From:	wangyanqing <udknight@...il.com>
To:	linux-kernel@...r.kernel.org
Cc:	castet.matthieu@...e.fr, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org, gregkh@...e.de, tglx@...utronix.de,
	mingo@...e.hu, hpa@...ux.intel.com, spock@...too.org
Subject: Re: [PATCH -V1] x86: make executable for video bios area

Hi All!
Here is the result of my research, hope it is useful to resolve this question.

Notice:trace from up to down	
1:pci_arch_init()

2:pci_mmcfg_early_init() ;boot without PCI_PROBE_NOEARLY  

3:__pci_mmcfg_init(1);

4:pci_mmcfg_arch_init(); mmcfg need acpi

5:pci_probe = (pci_probe & ~PCI_PROBE_MASK) | PCI_PROBE_MMCONF; <== IMPORTANT: clean PCI_PROBE_BIOS away

6:pci_pcbios_init();

7:pci_probe & PCI_PROBE_BIOS ; it will fail

8:pci_find_bios() will no chance to execute 

the result is:
1:pcibios_enabled will always 0
2:set_bios_x will no chance to execute, so from BIOS_BEGIN to BIOS_END is  NX

lrmi:linux real mode interface project, http://sourceforge.net/projects/lrmi/
v86d use lrmi
lrmi.c:358

 if (!map_file((void *)0xc0000, 0x40000,
                PROT_READ | PROT_EXEC,
                MAP_FIXED | MAP_SHARED, "/dev/mem", 0xc0000)) {
                munmap((void *)0, 0x502);
                munmap((void *)0xa0000, 0x20000);
                real_mem_deinit();
                return 0;
        }
this function to map 000c0000-00100000 with X privilege

00000000-00001000 rw-s 00000000 00:01 822        /dev/mem 
00009000-0000a000 r-xp 00001000 00:01 912        /sbin/v86d 
00010000-00050000 rwxp 00000000 00:01 818        /dev/zero 
000a0000-000c0000 rw-s 000a0000 00:01 822        /dev/mem 
000c0000-00100000 r-xs 000c0000 00:01 822        /dev/mem 
08048000-0804c000 r-xp 00001000 00:01 912        /sbin/v86d 
0804c000-0804d000 rw-p 00004000 00:01 912        /sbin/v86d 
b779a000-b779b000 r-xp 00000000 00:00 0          [vdso]
bfac2000-bfae3000 rw-p 00000000 00:00 0          [stack]

At last we get the reason that my machine hang with black screen
The reason is when I boot with ACPI, BIOS_BEGIN to BIOS_END is NX,
then v86d try to map 0xc0000 to 0x100000 with executable privilege, 
it mmap success(mem.c:300, mmap_mem haven't check whether it is illegal), 
but the pages between BIOS_BEGIN and BIOS_END is NX at all, so it hang!

Question:
1:boot with ACPI make BIOS area NX on X86, is that what we want?
2:mmap_mem haven't check whether it is illegal the mmap target address, right?

Thanks




--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ