From: Colin Watson <cjwatson@debian.org>
To: debian-amd64@lists.debian.org, linux-kernel@vger.kernel.org
Cc: discuss@x86-64.org
Subject: x86-64: PT_GNU_STACK exec bit broken under ia32 emulation?
Date: Thu, 27 Jan 2005 03:53:50 -0600
Message-ID: <20050127095350.GA6638@master.debian.org>
In-Reply-To: <20050127024523.GA6511@master.debian.org>

On Wed, Jan 26, 2005 at 08:45:23PM -0600, Colin Watson wrote:
> On Wed, Jan 26, 2005 at 05:49:31AM -0600, Colin Watson wrote:
> > I had the exact same problem (on Ubuntu rather than Debian, but hey).
> > Debugging-by-printf revealed that grub segfaulted after calling
> > stage2/builtins.c:disk_read_savesect_func() through the disk_read_func
> > pointer in stage2/disk_io.c:rawread(); output from a printf before that
> > call was printed, while output from a printf at the beginning of the
> > disk_read_savesect_func() call was not printed. It *looks* like the text
> > of that function is corrupt in memory, although I'm not wholly convinced
> > that my debugging techniques were sound there because I'm having trouble
> > debugging a 32-bit binary.
>
> I think this last sentence was indeed bogus.
>
> Anyway, I've narrowed down the introduction of the problem to somewhere
> between 2.6.9-bk1 and 2.6.9-bk2. Suggestions for changesets in there
> that could have broken grub would be gratefully appreciated.

Context for LKML and discuss@x86-64; grub segfaults when running its
'install' command (via grub-install) on Debian and Ubuntu systems
running stock kernels >= 2.6.9-bk2, up to and including 2.6.11-rc2-bk3
(haven't tried 2.6.11-rc2-bk4 yet). grub is a 32-bit binary relying on
ia32 emulation. The implementation of the 'install' command in grub uses
nested functions, which require a stack trampoline, and therefore the
executable-stack bit is set on the binary:

  $ readelf -l /sbin/grub | grep STACK
  STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4

However, booting with noexec=off cures the problem, so it would appear
that the executable stack bit isn't being checked properly at least
under ia32 emulation.

2.6.9-bk1 works fine, but noexec=on only became the default in
2.6.9-bk2; I haven't yet tried booting 2.6.9-bk1 with noexec=on, but I
can try that if it might be helpful.

Thanks,

--
Colin Watson [cjwatson@debian.org]
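
The check behind `readelf -l /sbin/grub | grep STACK` in the message above, as an added example that is not part of the original message or of grub or the kernel: a bounds-checked parser that returns the PT_GNU_STACK flags of a little-endian ELF32 image. The function names and the 84-byte in-memory sample image are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define GNU_STACK_TYPE 0x6474e551u /* p_type value of PT_GNU_STACK */
#define FLAG_X 0x1u                /* PF_X: segment is executable */

/* Little-endian reads that do not depend on host alignment or byte order. */
static uint32_t le16(const uint8_t *p) { return p[0] | (uint32_t)p[1] << 8; }
static uint32_t le32(const uint8_t *p) { return le16(p) | le16(p + 2) << 16; }

/* Returns the PT_GNU_STACK p_flags (PF_R|PF_W|PF_X bits) of an ELF32 LSB
 * image, -1 if no such program header exists, -2 if the image is malformed. */
int gnu_stack_flags(const uint8_t *img, size_t len)
{
    if (len < 52 || memcmp(img, "\177ELF", 4) != 0 || img[4] != 1 || img[5] != 1)
        return -2;                       /* not ELFCLASS32 / ELFDATA2LSB */
    /* e_phoff at 28, e_phentsize at 42, e_phnum at 44 in the ELF32 header */
    uint32_t phoff = le32(img + 28), phentsize = le16(img + 42), phnum = le16(img + 44);
    for (uint32_t i = 0; i < phnum; i++) {
        uint64_t off = (uint64_t)phoff + (uint64_t)i * phentsize;
        if (phentsize < 32 || off + 32 > len) /* entry would run past the buffer */
            return -2;
        if (le32(img + off) == GNU_STACK_TYPE)
            return (int)(le32(img + off + 24) & 7u); /* p_flags at offset 24 */
    }
    return -1;
}

/* Constructed sample: ELF32 header plus a single PT_GNU_STACK entry (84 bytes). */
size_t make_sample(uint8_t *buf, uint32_t flags)
{
    memset(buf, 0, 84);
    memcpy(buf, "\177ELF\1\1\1", 7);
    buf[28] = 52; buf[42] = 32; buf[44] = 1; /* e_phoff, e_phentsize, e_phnum */
    for (int i = 0; i < 4; i++)
        buf[52 + i] = (uint8_t)(GNU_STACK_TYPE >> (8 * i));
    buf[76] = (uint8_t)flags;                /* p_flags */
    buf[80] = 4;                             /* p_align, 0x4 as in the output above */
    return 84;
}

int main(void)
{
    uint8_t img[84];
    int f = gnu_stack_flags(img, make_sample(img, 7)); /* 7 = RWE */
    printf("GNU_STACK flags=%d exec=%s\n", f, (f >= 0 && (f & FLAG_X)) ? "yes" : "no");
}
```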