Re: [PATCHv2 1/3] x86, ptdump: Add section for EFI runtime services

From: Mathias Krause
Date: Tue Oct 28 2014 - 17:14:32 EST

Next message: Felipe Balbi: "Re: Errors: Compiling 3.18-rc2"
Previous message: Al Viro: "Re: overlayfs: "filesystem of lowerdir is not supported" on cdrom"
In reply to: Borislav Petkov: "Re: [PATCHv2 1/3] x86, ptdump: Add section for EFI runtime services"
Next in thread: Borislav Petkov: "Re: [PATCHv2 1/3] x86, ptdump: Add section for EFI runtime services"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 28 October 2014 21:13, Borislav Petkov <bp@xxxxxxxxx> wrote:
> On Tue, Oct 28, 2014 at 08:48:23PM +0100, Mathias Krause wrote:
>> I tried so too but failed early as well. I tried putting the EFI
>> virtual mappings not in trampoline_pgd[511] but trampoline_pgd[510].
>> However, that didn't work out. I got page faults when trying to invoke
>> EFI functions, as, apparently, efi.systab was only mapped in the EFI
>> page table but not the kernel's page table -- at least not at the same
>> address. So when efi_call_virt() tries to dereference
>> efi.systab->runtime->f, it just traps.
>> I tried to hack around that by fiddling with get_systab_virt_addr() to
>> make it point to the direct mapping for the phys_addr but failed on
>> the first few attempts to get the math right. Then I noticed it was
>> way to late to hack EFI code and fell asleep. Next day I just gave up
>> and 'git reset --hard HEAD'. :(
>
> I know exactly what you mean. The nasty thing about it is, debugging
> this is not trivial as once you switch to another page table, you don't
> have a #PF handler and the guest triple-faults. All of the above issues
> I've encountered already while hacking on the current code :-) *Cringe*

Mapping the kernel into the EFI page table may help ;) Then the
kernel's #PF handler would be present and able to print a register
dump, at least.

So, assuming you're not mapping the EFI virtual mappings below the
pgd[511] hierarchy, making pgd[511] equal init_level4_pgt[511] should
help in this case. In fact, you need to map portions of the kernel
into the EFI page table anyway. Otherwise the EFI code wouldn't be
able to access, e.g., the data it should write to NVRAM. So the EFI
code would just trap and trigger a #PF -- and because of the missing
#PF handler, a #DF -- and because of the missing #DF handler the
triple fault. ;)

>
> I want to do experimentation with tracing page faults in KVM with the
> nested PF handling in hw turned off so that I can see all #PFs. Maybe
> that'll tell me something more, we'll see.

Oh, well. Have fun with that! I would take the "map kernel into EFI
page table" route instead. ;)

>
>> Debian's version of qemu + OVMF works fine here. Probably slightly
>> outdated but still good enough for testing EFI stuff ;)
>
> Yeah, Paolo fixed it already:
>
> https://lkml.kernel.org/r/1414420306-2771-2-git-send-email-pbonzini@xxxxxxxxxx
>
> I think we want to keep qemu+kvm functioning :-)

Of course! It makes testing a lot easier.

Cheers,
Mathias
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Felipe Balbi: "Re: Errors: Compiling 3.18-rc2"
Previous message: Al Viro: "Re: overlayfs: "filesystem of lowerdir is not supported" on cdrom"
In reply to: Borislav Petkov: "Re: [PATCHv2 1/3] x86, ptdump: Add section for EFI runtime services"
Next in thread: Borislav Petkov: "Re: [PATCHv2 1/3] x86, ptdump: Add section for EFI runtime services"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]