From: Robert Millan
To: The development of GRUB 2
Cc: "Yoshinori K. Okuji"
Date: Sun, 27 Jul 2008 23:39:49 +0200
Subject: Re: loader modules jumping back to kernel
Message-ID: <20080727213949.GA24562@thorin>
In-Reply-To: <200807201109.03173.okuji@enbug.org>
References: <20080719230622.GA17043@thorin> <200807201109.03173.okuji@enbug.org>

On Sun, Jul 20, 2008 at 11:09:02AM +0200, Yoshinori K. Okuji wrote:
> > IIRC this causes trouble when the loadee chose an address that precisely
> > overwrites the loader, which is guaranteed to happen when GRUB is loading
> > itself, AFAICT.
>
> Sure. My recommendation is, in case where you might overwrite that part, that
> you should write relocatable code (which is rather easy for simple code on
> i386) at anywhere (it could be in the startup), find out a safe region when
> loading an OS image, copy the code to the safe region, and finalize the
> bootstrap in that code (e.g. relocating the OS image, initializing registers,
> and jumping to it). On i386, we have a reserved region to temporarily load an
> OS image for the very reason, so this is not difficult.

Ok. I've been looking at grub_multiboot_load_elf32(), which contains the bound
checks that make loading abort in the first place. It seems that bounds are
checked for every segment in the ELF image, in:

  /* Load every loadable segment in memory. */
  for (i = 0; i < ehdr->e_phnum; i++)

so I'm wondering if it is safe to assume the segments are going to occupy a
single block of memory (which can be relocated in one run) or whether they are
allowed to be scattered.

As for the safe region, AFAICT the OS load area is our only choice, or maybe
the heap, but in both cases overlaps are a problem, as we don't want the
relocator code to overwrite itself. In the case of the OS load area, we could
abort in situations where the payload's requested region overlaps with our
area, and in the case of the heap, we could play some ugly tricks in order to
obtain a non-overlapped region from malloc.

TBH I don't like either of the options. Do you have any other suggestions?

-- 
Robert Millan

  I know my rights; I want my phone call!
  What good is a phone call… if you are unable to speak?
  (as seen on /.)
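An added example, not from this thread or from GRUB's own code, of the pre-copy check the message above is asking about: it walks the ELF32 program headers once, reports whether the PT_LOAD segments form one gap-free block (relocatable in a single run) or are scattered, and refuses an image whose destination range intersects the loader's own region or that is malformed (memsz smaller than filesz, segments colliding, or an end address that wraps). The names plan_load, load_plan_t and elf32_phdr_t are hypothetical; the header struct mirrors the ELF specification's field order.

```c
#include <stddef.h>
#include <stdint.h>

/* Minimal ELF32 program header, field order as in the ELF specification. */
typedef struct {
  uint32_t p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align;
} elf32_phdr_t;
#define PT_LOAD 1u

typedef struct {
  uint32_t lo, hi;      /* [lo, hi): physical span of all PT_LOAD segments */
  uint32_t gap_bytes;   /* bytes in [lo, hi) owned by no segment; 0 = one block */
  int overlaps_loader;  /* 1 if [lo, hi) intersects the loader's own region */
} load_plan_t;

/* Summarise the PT_LOAD segments before anything is copied.  Returns 0 and
   fills *out, or -1 for an image that must be refused: no loadable segment,
   memsz < filesz, segments colliding with each other, or an end address
   that does not fit in 32 bits. */
int plan_load(const elf32_phdr_t *ph, size_t phnum,
              uint32_t loader_lo, uint32_t loader_hi, load_plan_t *out)
{
  uint64_t lo = UINT32_MAX, hi = 0, total = 0;
  size_t i, nload = 0;

  for (i = 0; i < phnum; i++) {
    uint64_t end = (uint64_t) ph[i].p_paddr + ph[i].p_memsz; /* 64-bit: no wrap */
    if (ph[i].p_type != PT_LOAD)
      continue;
    if (ph[i].p_memsz < ph[i].p_filesz || end > UINT32_MAX)
      return -1;
    if (ph[i].p_paddr < lo) lo = ph[i].p_paddr;
    if (end > hi)           hi = end;
    total += ph[i].p_memsz;
    nload++;
  }
  if (nload == 0 || total > hi - lo)   /* nothing loadable, or segments collide */
    return -1;
  out->lo = (uint32_t) lo;
  out->hi = (uint32_t) hi;
  /* Non-colliding segments that fill [lo, hi) exactly leave no gap. */
  out->gap_bytes = (uint32_t) ((hi - lo) - total);
  /* Half-open interval intersection against the loader's own region. */
  out->overlaps_loader = (lo < loader_hi && hi > loader_lo);
  return 0;
}
```

A caller would run plan_load on the program header table before the copy loop quoted above and bail out when it returns -1 or sets overlaps_loader, so the relocator never has to recover from overwriting itself.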