GELI BIOS weirdness

Dimitry Andric dim at FreeBSD.org
Mon Feb 13 21:37:47 UTC 2017


Yeah, but I'm interested in the symbols, otherwise it becomes hard to
follow.  Also, I've looked at my own copy of gptboot.o, and it doesn't
contain those bytes at all.  That said, my gptboot sources also don't
have the lines:

  if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
         sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
  else {

The only use of G_ELI_FLAG_AUTH is in sys/boot/geli/geliboot.c:

                /* Store the keys */
                bcopy(mkey, geli_e->sc.sc_mkey, sizeof(geli_e->sc.sc_mkey));
                bcopy(mkey, geli_e->sc.sc_ivkey, sizeof(geli_e->sc.sc_ivkey));
                mkp = mkey + sizeof(geli_e->sc.sc_ivkey);
                if ((geli_e->sc.sc_flags & G_ELI_FLAG_AUTH) == 0) {
                        bcopy(mkp, geli_e->sc.sc_ekey, G_ELI_DATAKEYLEN);
                } else {

but the assembly for the rest of the geli_attach() function looks pretty
reasonable.

-Dimitry

> On 13 Feb 2017, at 22:32, Conrad Meyer <cem at freebsd.org> wrote:
> "objdump -D -b binary -Mx86-64 -mi386 foo.bin" should work fine (no
> symbols, though...).
> 
> Best,
> Conrad
> 
> On Mon, Feb 13, 2017 at 1:16 PM, Dimitry Andric <dim at freebsd.org> wrote:
>> On 13 Feb 2017, at 21:58, Eric McCorkle <eric at metricspace.net> wrote:
>>> 
>>> On 02/13/2017 15:36, Dimitry Andric wrote:
>>> 
>>>> This disassembles to:
>>>> 
>>>>  0:   66 0f 38 f6 f0          adcx   %eax,%esi
>>>>  5:   31 c6                   xor    %eax,%esi
>>>>  7:   8b 4d 14                mov    0x14(%ebp),%ecx
>>>>  a:   89 cf                   mov    %ecx,%edi
>>>>  c:   c1 ff 1f                sar    $0x1f,%edi
>>>>  f:   8b                      .byte 0x8b
>>> 
>>> Note that this was truncated, so the sar and .byte are probably a
>>> truncated instruction.
>>> 
>>> Also, when I had printfs in place, I could see the call instructions.
>>> 
>>>> My first guess would be that the code simply jumped into garbage.  But
>>>> can you post the complete .o file somewhere for inspection?
>>> 
>>> Attached.
>>> <gptboot>
>> 
>> Can you please post the file before it's been stripped and objcopied
>> from ELF to binary format?  That makes it a lot easier to disassemble
>> and analyze... :)
>> 
>> -Dimitry
>> 
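An added example, not part of the original thread: one way to check whether a given file contains the bytes from the quoted disassembly. It rebuilds the byte string from the listing and, because the listing was truncated, falls back to the longest prefix that does occur. The names `listing_bytes` and `locate` and the sample blob are constructed for illustration.

```python
import re
import sys

# Listing exactly as quoted in the thread, mail quote markers included.
LISTING = """\
>>>>  0:   66 0f 38 f6 f0          adcx   %eax,%esi
>>>>  5:   31 c6                   xor    %eax,%esi
>>>>  7:   8b 4d 14                mov    0x14(%ebp),%ecx
>>>>  a:   89 cf                   mov    %ecx,%edi
>>>>  c:   c1 ff 1f                sar    $0x1f,%edi
>>>>  f:   8b                      .byte 0x8b
"""

# Optional '>' quoting, hex offset, colon, then space-separated hex byte pairs.
LINE = re.compile(r"^[>\s]*([0-9a-f]+):\s+((?:[0-9a-f]{2} )+)", re.I)

def listing_bytes(text):
    """Rebuild raw bytes from objdump-style 'offset: hex bytes' lines."""
    out = bytearray()
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a disassembly line
        if int(m.group(1), 16) != len(out):
            raise ValueError("listing has a gap or is out of order")
        out += bytes.fromhex(m.group(2))
    return bytes(out)

def locate(blob, needle, min_len=4):
    """Return (matched_length, offsets) for the longest prefix of needle in blob."""
    for n in range(len(needle), min_len - 1, -1):
        hits = [m.start() for m in re.finditer(re.escape(needle[:n]), blob)]
        if hits:
            return n, hits
    return 0, []

if __name__ == "__main__":
    needle = listing_bytes(LISTING)
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:  # file to search, e.g. an object file
            blob = f.read()
    else:
        # Constructed sample: padding, the first 15 listing bytes, then filler.
        blob = b"\x90" * 32 + needle[:15] + b"\xcc" * 8
    n, hits = locate(blob, needle)
    print(f"{n} of {len(needle)} bytes matched at", [hex(h) for h in hits])
```

The offsets reported are file offsets, so for an ELF object they still need to be mapped to a section and symbol before they say anything about which function the bytes belong to.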
