From: Colin Watson <cjwatson@debian.org>
To: debian-amd64@lists.debian.org, linux-kernel@vger.kernel.org
Cc: discuss@x86-64.org
Subject: x86-64: PT_GNU_STACK exec bit broken under ia32 emulation?
Date: Thu, 27 Jan 2005 03:53:50 -0600 [thread overview]
Message-ID: <20050127095350.GA6638@master.debian.org> (raw)
In-Reply-To: <20050127024523.GA6511@master.debian.org>
On Wed, Jan 26, 2005 at 08:45:23PM -0600, Colin Watson wrote:
> On Wed, Jan 26, 2005 at 05:49:31AM -0600, Colin Watson wrote:
> > I had the exact same problem (on Ubuntu rather than Debian, but hey).
> > Debugging-by-printf revealed that grub segfaulted after calling
> > stage2/builtins.c:disk_read_savesect_func() through the disk_read_func
> > pointer in stage2/disk_io.c:rawread(); output from a printf before that
> > call was printed, while output from a printf at the beginning of the
> > disk_read_savesect_func() call was not printed. It *looks* like the text
> > of that function is corrupt in memory, although I'm not wholly convinced
> > that my debugging techniques were sound there because I'm having trouble
> > debugging a 32-bit binary.
>
> I think this last sentence was indeed bogus.
>
> Anyway, I've narrowed down the introduction of the problem to somewhere
> between 2.6.9-bk1 and 2.6.9-bk2. Suggestions for changesets in there
> that could have broken grub would be gratefully appreciated.
Context for LKML and discuss@x86-64; grub segfaults when running its
'install' command (via grub-install) on Debian and Ubuntu systems
running stock kernels >= 2.6.9-bk2, up to and including 2.6.11-rc2-bk3
(haven't tried 2.6.11-rc2-bk4 yet). grub is a 32-bit binary relying on
ia32 emulation. The implementation of the 'install' command in grub uses
nested functions, which require a stack trampoline, and therefore the
executable-stack bit is set on the binary:
$ readelf -l /sbin/grub | grep STACK
STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RWE 0x4
However, booting with noexec=off cures the problem, so it would appear
that the executable stack bit isn't being checked properly at least
under ia32 emulation.
2.6.9-bk1 works fine, but noexec=on only became the default in
2.6.9-bk2; I haven't yet tried booting 2.6.9-bk1 with noexec=on, but I
can try that if it might be helpful.
Thanks,
--
Colin Watson [cjwatson@debian.org]
parent reply other threads:[~2005-01-27 9:54 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <20050127024523.GA6511@master.debian.org>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050127095350.GA6638@master.debian.org \
--to=cjwatson@debian.org \
--cc=debian-amd64@lists.debian.org \
--cc=discuss@x86-64.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox