From: Keir Fraser <keir.xen@gmail.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>,
Xen-devel <xen-devel@lists.xen.org>
Cc: George Dunlap <george.dunlap@eu.citrix.com>,
Keir Fraser <keir@xen.org>, Jan Beulich <JBeulich@suse.com>
Subject: Re: [PATCH] x86/boot: Fix BIOS memory corruption on certain IBM systems
Date: Wed, 04 Dec 2013 07:17:03 +0000
Message-ID: <CEC4876F.690C9%keir.xen@gmail.com>
In-Reply-To: <1386102859-14477-1-git-send-email-andrew.cooper3@citrix.com>

On 03/12/2013 20:34, "Andrew Cooper" <andrew.cooper3@citrix.com> wrote:
> IBM System x3530 M4 BIOSes (including the latest available at the time of this
> patch) will corrupt a byte at physical address 0x105ff1 to the value of 0x86
> if %esp has the value 0x00080000 when issuing an `int $0x15 (ax=0xec00)` to
> inform the system about our intended operating mode.
>
> Xen gets unhappy when the bootloader has placed its .text section in over
> this specific region of RAM.
>
> After dropping into 16bit mode, initialise as much state as we possibly can to
> sane values. This includes 0 for all the GPRs and %cs for %fs and %gs which
> would otherwise be unreal segment selectors.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: Keir Fraser <keir@xen.org>
> CC: Jan Beulich <JBeulich@suse.com>
> CC: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
> ---
>
> George:
> * This fixes a memory corruption issue, so counts towards both #1 and #2 as
> far as a freeze exception goes.
> ---
> xen/arch/x86/boot/trampoline.S | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/xen/arch/x86/boot/trampoline.S b/xen/arch/x86/boot/trampoline.S
> index 827f412..f4dfb94 100644
> --- a/xen/arch/x86/boot/trampoline.S
> +++ b/xen/arch/x86/boot/trampoline.S
> @@ -140,10 +140,12 @@ trampoline_boot_cpu_entry:
> 1: mov %cs,%ax
> mov %ax,%ds
> mov %ax,%es
> + mov %ax,%fs
> + mov %ax,%gs
> mov %ax,%ss
>
> /* Initialise stack pointer and IDT, and enable irqs. */
> - xor %sp,%sp
> + xor %esp,%esp
> lidt bootsym(rm_idt)
> sti
>
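Review bot: The comment above `xor %esp,%esp` still reads "Initialise stack pointer and IDT" and does not record why the full 32-bit register is cleared instead of `%sp`. The commit message ties the corruption to a stale upper half of `%esp` (0x00080000), so a short comment at that line saying the upper 16 bits must be zero before any BIOS call would stop a later cleanup from narrowing it back to `xor %sp,%sp`. The new `%fs` and `%gs` loads likewise have no comment saying they replace leftover selectors from before the mode switch.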
> @@ -151,6 +153,11 @@ trampoline_boot_cpu_entry:
> * Declare that our target operating mode is long mode.
> * Initialise 32-bit registers since some buggy BIOSes depend on it.
> */
> + xor %ecx,%ecx
> + xor %edx,%edx
> + xor %esi,%esi
> + xor %edi,%edi
> + xor %ebp,%ebp
> movl $0xec00,%eax # declare target operating mode
> movl $0x0002,%ebx # long mode
> int $0x15
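Review bot: The five added `xor` instructions lean on the existing comment "Initialise 32-bit registers since some buggy BIOSes depend on it", which does not say which registers the call actually uses. The visible lines load only `%eax` and `%ebx` for this `int $0x15`, so the zeroing of `%ecx`, `%edx`, `%esi`, `%edi` and `%ebp` is defensive; consider extending the comment to say so and to name the affected system from the commit message (IBM System x3530 M4), so the reason is kept in the source and not only in the log.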