Message-ID: <CAMj1kXFjWBpOij5V3=-9etqTW9p8guqPDCGU3DK0Yxq6zrBiBQ@mail.gmail.com>
Date: Tue, 23 Jul 2024 00:14:29 +0200
From: Ard Biesheuvel <ardb@...nel.org>
To: "Shao, Marshall" <Marshall.Shao@...l.com>
Cc: "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "hpa@...or.com" <hpa@...or.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>, "bp@...en8.de" <bp@...en8.de>,
"mingo@...hat.com" <mingo@...hat.com>, "tglx@...utronix.de" <tglx@...utronix.de>,
"Mishra, Ashish" <Ashish.Mishra4@...l.com>, "Chia, Jia Yuan" <JiaYuan.Chia@...l.com>,
"Dion, Christopher" <Christopher.Dion@...l.com>, "Caisse, Joe" <Joe.Caisse@...l.com>,
"Mukundan, Govind" <Govind.Mukundan@...l.com>
Subject: Re: [Patch] Do not clear BSS region in x86 stub
On Mon, 22 Jul 2024 at 13:48, Shao, Marshall <Marshall.Shao@...l.com> wrote:
>
> Hi Ard,
>
> > Given that GRUB now supports the native EFI entrypoint properly,
> > the handover protocol is essentially deprecated.
>
> In my case, the systemd-boot jumped into the EFI stub code via
> handover protocol, this may not be an orthodox way to boot the kernel
> but it performs well on the others, I have tested on at least
> 6 firmware.
>
systemd-boot does not implement the EFI handover protocol.
systemd-stub does implement it (for UKIs) but only for kernel versions
v5.8 or older.
The EFI handover protocol is known to be problematic as the loaders
often fail to allocate memory for the entire image, and only allocate
enough pages to load the bzImage itself.
This means that clearing BSS will wipe unrelated memory if the region
after the image happens to be used already. It also means that not
clearing BSS is just a crutch, and the correct fix is to ensure that
systemd-stub allocates the correct number of pages, and clears the
ones that are not covered by the bzImage payload.
> I understand that the handover protocol is going to be deprecated.
> However, as of now, I can't guarantee which EFI loader will be
> used to load my bzImage. Although it’s not very common, booting
> from the handover protocol with uncleaned BSS memory is possible.
>
systemd-boot does not use the EFI handover protocol. Please try to
determine where this confusion comes from: are you using a UKI image
perhaps?
> >> memset(_bss+0x10000, 0, _ebss - _bss - 0x10000)
>
> > So now you are applying the memset only to part of BSS, right? How
> > does this help?
>
> This part doesn't work without increasing the BOOT_STACK_SIZE.
>
... because the 0x10000 value would be incorrect otherwise?
I am trying to understand *why* this particular change works around
the issue. Please elaborate.
My preliminary conclusion here is that your implementation of the EFI
handover protocol (which I fail to understand where it comes from) is
not allocating enough memory. This should be fixed on the bootloader
side, as not clearing the BSS does not prevent this memory from being
corrupted.
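As an added illustration (not code from this thread, from the kernel, or from systemd), the C below simulates the two loader behaviours described above: sizing the allocation by the bzImage bytes alone versus by the setup header's init_size, and then zeroing the pages the payload does not cover. The setup-header offsets (setup_sects at 0x1f1, init_size at 0x260) are those of the x86 Linux boot protocol; the sample image, its init_size and the BSS placement used in main() are constructed for the example, and bss_spill() is a hypothetical helper that reports how far a BSS clear would reach past what the loader reserved.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE 4096u

/* Setup-header offsets from the x86 Linux boot protocol: setup_sects is a u8,
 * init_size a u32 (little-endian). HDR_MIN_LEN is enough to read both. */
#define HDR_SETUP_SECTS 0x1f1
#define HDR_INIT_SIZE   0x260
#define HDR_MIN_LEN     0x264

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Offset of the protected-mode payload: the real-mode setup area occupies
 * (setup_sects + 1) sectors of 512 bytes. Returns 0 if the file is too short. */
static size_t payload_offset(const uint8_t *file, size_t file_len)
{
    if (file_len < HDR_MIN_LEN)
        return 0;
    size_t off = ((size_t)file[HDR_SETUP_SECTS] + 1) * 512;
    return off < file_len ? off : 0;
}

/* Whole pages a loader must reserve. naive = 1 sizes the allocation by the
 * bzImage bytes only (the loader behaviour criticised in the mail); naive = 0
 * uses init_size, which also covers BSS and decompression scratch space. */
size_t image_pages(const uint8_t *file, size_t file_len, int naive)
{
    size_t off = payload_offset(file, file_len);
    if (!off)
        return 0;
    size_t need = file_len - off;
    if (!naive) {
        uint32_t init_size = rd_le32(file + HDR_INIT_SIZE);
        if (init_size > need)
            need = init_size;
    }
    return (need + PAGE_SIZE - 1) / PAGE_SIZE;
}

/* Simulated loader: reserve the pages, copy the payload, then zero the rest
 * (the bootloader-side fix the mail describes). Caller frees the buffer. */
uint8_t *load_image(const uint8_t *file, size_t file_len, int naive, size_t *alloc_len)
{
    size_t pages = image_pages(file, file_len, naive);
    if (!pages)
        return NULL;
    size_t off = payload_offset(file, file_len);
    size_t payload_len = file_len - off;
    size_t len = pages * PAGE_SIZE;
    uint8_t *mem = malloc(len);
    if (!mem)
        return NULL;
    memcpy(mem, file + off, payload_len);
    memset(mem + payload_len, 0, len - payload_len); /* pages the payload does not cover */
    *alloc_len = len;
    return mem;
}

/* Bytes of a BSS range [bss_off, bss_end) lying outside an allocation of
 * alloc_len bytes. Non-zero means a memset of BSS in the stub would write
 * memory the loader never reserved for this image. (Hypothetical helper.) */
size_t bss_spill(size_t alloc_len, size_t bss_off, size_t bss_end)
{
    if (bss_end <= bss_off || bss_end <= alloc_len)
        return 0;
    return bss_end - (bss_off > alloc_len ? bss_off : alloc_len);
}

/* Constructed sample (not a real bzImage): 1024-byte setup area (setup_sects = 1),
 * 3072-byte payload filled with 0xAA, init_size = 0x8000. */
#define SAMPLE_LEN       4096u
#define SAMPLE_INIT_SIZE 0x8000u
uint8_t *make_sample(size_t *len)
{
    uint8_t *f = calloc(1, SAMPLE_LEN);
    if (!f)
        return NULL;
    f[HDR_SETUP_SECTS] = 1;
    f[HDR_INIT_SIZE + 0] = SAMPLE_INIT_SIZE & 0xff;
    f[HDR_INIT_SIZE + 1] = (SAMPLE_INIT_SIZE >> 8) & 0xff;
    f[HDR_INIT_SIZE + 2] = (SAMPLE_INIT_SIZE >> 16) & 0xff;
    f[HDR_INIT_SIZE + 3] = (SAMPLE_INIT_SIZE >> 24) & 0xff;
    memset(f + 1024, 0xAA, SAMPLE_LEN - 1024);
    *len = SAMPLE_LEN;
    return f;
}

int main(void)
{
    size_t len, naive_len = 0, good_len = 0;
    uint8_t *file = make_sample(&len);
    if (!file)
        return 1;
    uint8_t *naive = load_image(file, len, 1, &naive_len);
    uint8_t *good = load_image(file, len, 0, &good_len);
    /* Hypothetical BSS placement at the tail of init_size, for illustration. */
    size_t bss_off = 0x6000, bss_end = SAMPLE_INIT_SIZE;
    printf("file-size loader: %zu bytes reserved, BSS clear spills %zu bytes\n",
           naive_len, bss_spill(naive_len, bss_off, bss_end));
    printf("init_size loader: %zu bytes reserved, BSS clear spills %zu bytes\n",
           good_len, bss_spill(good_len, bss_off, bss_end));
    free(naive);
    free(good);
    free(file);
    return 0;
}
```

With the constructed image the file-size loader reserves a single page and a BSS clear reaching to init_size would spill 8192 bytes past it, while the init_size loader reserves eight pages, copies the payload and leaves the remainder zeroed, so the stub has nothing to clear that the loader did not own.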