lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <94D0CD8314A33A4D9D801C0FE68B40295BE775BC@G4W3202.americas.hpqcorp.net>
Date:	Wed, 2 Dec 2015 01:26:37 +0000
From:	"Elliott, Robert (Persistent Memory)" <elliott@....com>
To:	"joseph.cihula@...el.com" <joseph.cihula@...el.com>,
	"richard.l.maliszewski@...el.com" <richard.l.maliszewski@...el.com>,
	"gang.wei@...el.com" <gang.wei@...el.com>,
	"shane.wang@...el.com" <shane.wang@...el.com>
CC:	"tglx@...utronix.de" <tglx@...utronix.de>,
	"mingo@...hat.com" <mingo@...hat.com>,
	"hpa@...or.com" <hpa@...or.com>, "x86@...nel.org" <x86@...nel.org>,
	"tboot-devel@...ts.sourceforge.net" 
	<tboot-devel@...ts.sourceforge.net>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"Knippers, Linda" <linda.knippers@....com>,
	"Kani, Toshimitsu" <toshi.kani@....com>
Subject: RE: tboot: non-0 tboot_addr but it is not of type E820_RESERVED


> -----Original Message-----
> From: linux-kernel-owner@...r.kernel.org [mailto:linux-kernel-
> owner@...r.kernel.org] On Behalf Of Elliott, Robert (Persistent Memory)
> Sent: Monday, November 23, 2015 7:58 PM
...
> Subject: tboot: non-0 tboot_addr but it is not of type E820_RESERVED
> 
> I noticed this being reported on our UEFI-based machines booting
> with grub2 (and not using trusted boot):
> [    0.000000] tboot: non-0 tboot_addr but it is not of type E820_RESERVED
> 
> The alleged address is:
>                 0x6b7369642065766f
> which is actually an ASCII string "ksid evo".
> 
> That comes from arch/c86/kernel/tboot.c checking if the address is
> in the E820 table.
> 
> Is that supposed to be initialized to 0 by the EFI boot stub
> in arch/x86/boot/compressed/eboot.c, and we're just lucky that it
> doesn't appear to be a valid address?
... 

Per an hpa suggestion, I compared two versions of grub:

upstream grub (with "linux" in grub.cfg):
tboot_probe boot_params[0] = 0000008000000000 0000000000000070 
tboot_probe boot_params[16] = 1000000400032000 0000009100003000 
tboot_probe boot_params[32] = 3fa3001000100810 0808080008180000 
tboot_probe boot_params[48] = 0000000000000000 0000000000000000 
tboot probe boot_params[64] = 0000000000000000 0000000000000000 
tboot_probe boot_params[80] = 0000000000000000 0000000000000000 
tboot_probe boot_params[96] = 0000000000000000 0000000000000000 
tboot_probe boot_params[112] = 0000000000000000 0000000000000000 
tboot_probe boot_params[128] = 0000000000000000 0000000000000000 
tboot_probe boot_params[144] = 0000000000000000 0000000000000000 
tboot_probe boot_params[160] = 0000000000000000 0000000000000000 
tboot_probe boot_params[176] = 0000000000000000 0000000000000000 
tboot_probe boot_params[192] = 0000000000000000 0000000000000000 
...
<no complaint about tboot_addr>

Fedora 22 grub (with "linuxefi" in grub.cfg):
tboot_probe boot_params[0] = 0000000000000000 0000000000000070
tboot_probe boot_params[16] = 0000000400032000 0000009100003000
tboot_probe boot_params[32] = 0000000000100810 0808080008180000
tboot_probe boot_params[48] = 0000010000000100 0000000000000000
tboot_probe boot_params[64] = 557365206120626f 6f74206c6f616465
tboot_probe boot_params[80] = 722e0d0a0a52656d 6f7665206469736b
tboot_probe boot_params[96] = 20616e6420707265 737320616e79206b
tboot_probe boot_params[112] = 657920746f207265 626f6f742e2e2e0d
tboot_probe boot_params[128] = 0a00504500006486 0400000000000000
tboot_probe boot_params[144] = 000001000000a000 06020b020214f017
tboot_probe boot_params[160] = 5c00000000001076 d200104600000002
tboot_probe boot_params[176] = 0000000000000000 0000200000002000
tboot_probe boot_params[192] = 0000000000000000 0000000000000000
...
[    0.000000] tboot: non-0 tboot_addr 0x6b7369642065766f but it is not of type E820_RESERVED

In both cases, the kernel is compiled with CONFIG_EFI_STUB=y.

tboot_addr is at offset 88.  Offset 64 is an ASCII string that says:
"Use a boot loader.

Remove disk and press any key to reboot..."

and is from arch/x86/boot/header.S, which is placing that string 
at offset 64 (0x3c + 4) from .bstext (which precedes .bsdata) if
CONFIG_EFI_STUB is true.

#ifdef CONFIG_EFI_STUB
        .org    0x3c
        #
        # Offset to the PE header.
        #
        .long   pe_header
#endif /* CONFIG_EFI_STUB */

        .section ".bsdata", "a"
bugger_off_msg:
        .ascii  "Use a boot loader.\r\n"
        .ascii  "\n"
        .ascii  "Remove disk and press any key to reboot...\r\n"
        .byte   0


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ