GELI BIOS weirdness
Dimitry Andric
dim at FreeBSD.org
Mon Feb 13 20:36:41 UTC 2017
On 13 Feb 2017, at 21:24, Eric McCorkle <eric at metricspace.net> wrote:
>
> Hello everyone,
>
> I ran into an apparent bug while trying to test a patch related to some
> GELI boot work. This particular patch involves *BIOS* GELI-on-root (not
> EFI).
>
> I created an image for qemu with a single gpt disk having a freebsd-boot
> and freebsd-ufs partition, with the freebsd-ufs partition actually
> having a GELI volume.
>
> The gptboot phase crashes with an illegal instruction. I tracked this
> down to eli_metadata_softc (defined in sys/geom/eli/g_eli.h),
> specifically to the mod operation near the end. Code here:
>
>>     if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
>>         sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
>>     else {
>
> This crash also occurs on a build from master.
>
> The crash dump shows eip pointing to the following code:
>
> 66 0f 38 f6 f0 31 c6 8b - 4d 14 89 cf c1 ff 1f 8b
>
> The first 5 bytes of this look like they're supposed to be an extended
> DIV instruction, which is what I would expect, except the opcode is
> wrong (it's adc instead), which doesn't end up corresponding to any
> valid form of an extended instruction (the 66 prefix). Examination of
> the disassembly confirms this, and the surrounding instructions match
> what you would expect from the C code.
This disassembles to:

   0:   66 0f 38 f6 f0          adcx   %eax,%esi
   5:   31 c6                   xor    %eax,%esi
   7:   8b 4d 14                mov    0x14(%ebp),%ecx
   a:   89 cf                   mov    %ecx,%edi
   c:   c1 ff 1f                sar    $0x1f,%edi
   f:   8b                      .byte  0x8b

My first guess would be that the code simply jumped into garbage. But
can you post the complete .o file somewhere for inspection?
-Dimitry
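The listing above shows the first five bytes decoding as ADCX, an instruction from the ADX extension that a CPU (or an emulated one) without that feature will fault on as an illegal instruction. As an added example that is not part of this thread, the script below parses objdump -d output and flags ADCX (66 0F 38 F6 /r) and ADOX (F3 0F 38 F6 /r) in register-direct form, so a boot-stage object can be checked for them; the sample listing is constructed from the bytes quoted in the thread.

```python
"""Flag ADX-extension instructions (ADCX/ADOX) in `objdump -d` output.

Added example, not code from the thread or from FreeBSD. ADCX is encoded
66 0F 38 F6 /r and ADOX as F3 0F 38 F6 /r; both require the ADX CPU
feature, so a boot-stage object that contains them will trap with an
illegal instruction on hardware or emulators that lack it.
"""
import re

# 32-bit register names in encoding order (reg/rm field values 0..7)
REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]

# objdump -d line: "   5:\t31 c6                \txor    %eax,%esi"
LINE_RE = re.compile(r"^\s*([0-9a-f]+):\s+((?:[0-9a-f]{2}\s+)+)\s*(\S+)?(.*)$")

def decode_adx(code: bytes):
    """Decode a register-direct ADCX/ADOX at the start of `code`.

    Returns (mnemonic, att_operands) or None. Only mod==3 (register,
    register) is handled, which is the form seen in the thread.
    """
    if len(code) < 5 or code[1:4] != b"\x0f\x38\xf6":
        return None
    mnemonic = {0x66: "adcx", 0xf3: "adox"}.get(code[0])
    if mnemonic is None:
        return None
    modrm = code[4]
    if modrm >> 6 != 3:
        return None
    reg, rm = (modrm >> 3) & 7, modrm & 7
    # AT&T syntax puts the source first: ADCX reg, r/m -> "adcx %rm,%reg"
    return mnemonic, f"%{REGS32[rm]},%{REGS32[reg]}"

def find_adx(listing: str):
    """Return [(offset, mnemonic, operands)] for ADX instructions found."""
    hits = []
    for line in listing.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        code = bytes(int(b, 16) for b in m.group(2).split())
        decoded = decode_adx(code)
        if decoded:
            hits.append((int(m.group(1), 16), *decoded))
    return hits

# Constructed sample: the bytes quoted in the thread, in objdump -d layout.
SAMPLE = """\
   0:\t66 0f 38 f6 f0       \tadcx   %eax,%esi
   5:\t31 c6                \txor    %eax,%esi
   7:\t8b 4d 14             \tmov    0x14(%ebp),%ecx
   a:\t89 cf                \tmov    %ecx,%edi
   c:\tc1 ff 1f             \tsar    $0x1f,%edi
"""

if __name__ == "__main__":
    for off, mn, ops in find_adx(SAMPLE):
        print(f"ADX instruction at 0x{off:x}: {mn} {ops}")
```

Run it against `objdump -d gptboot.o` (or the relevant boot-stage object) to confirm whether the toolchain emitted ADX instructions into code that must run before any CPU-feature check.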