Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Sat, 31 Aug 2019 at 10:20, skodde wrote: > > On Thu, Aug 15, 2019 at 8:17 AM skodde wrote: > > On Thu, Aug 15, 2019 at 7:21 AM Ard Biesheuvel > > wrote: > > > On Thu, 15 Aug 2019 at 14:03, Mark Rutland wrote: > > > > On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > > > > > The kernel boots fine with that option disabled, but strangely > > > > > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. > > > > > > > > That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) > > > > guard around the efi_get_random_bytes() call, so something sounds wrong. > > > > > > > > Maybe there's a problem with stale objects. If you're not doing so > > > > already, could you try a clean build with CONFIG_RANDOMIZE_BASE > > > > deselected? > > > > > > > Also, can you try booting with the nokaslr command line option added? > > > > You were right, I haven't tried with nokaslr, but it worked fine by > > rebuilding the kernel after a distclean with CONFIG_RANDOMIZE_BASE > > disabled and CONFIG_GCC_PLUGIN_STACKLEAK enabled. That's what I was > > expecting the first time and this is the reason why I mentioned it. > > I've been recompiling too many times, sorry about that. > > > > Anyhow, the main issue is the efi_get_random_bytes() fail with > > CONFIG_GCC_PLUGIN_STACKLEAK enabled, and that's still valid. > > Now the configuration that was working on 5.8 fails on 5.11 (haven't > tried 5.9 or 5.10): > What do these version numbers mean? v5.8 vs v5.11?? > - CONFIG_GCC_PLUGIN_STACKLEAK=n && CONFIG_RANDOMIZE_BASE=y (working on 5.8) > > Loading Linux 5.2.11-00015-g0cc3335a89ac ... > Loading initial ramdisk ... > EFI stub: Booting Linux Kernel... > EFI stub: ERROR: efi_get_random_bytes() failed > EFI stub: ERROR: Failed to relocate kernel To be honest, this looks like a firmware issue. Its implementation of EFI_RNG_PROTOCOL is throwing an error. I guess we could choose to handle this error more gracefully, but the result above is the expected behavior when EFI_RNG_PROTOCOL throws an error. > Error: Image at 0007956 start failed: Load Error > Unloading driver at 0x0007956 > > > - CONFIG_GCC_PLUGIN_STACKLEAK=n && CONFIG_RANDOMIZE_BASE=y && nokaslr > > Loading Linux 5.2.11-00015-g0cc3335a89ac ... > Loading initial ramdisk ... > EFI stub: Booting Linux Kernel... > EFI stub: KASLR disabled on kernel command line > EFI stub: Using DTB from configuration table > EFI stub: Exiting boot services and installing virtual address map... > EFI stub: ERROR: Unable to construct new device tree. > EFI stub: ERROR: Failed to update FDT and exit boot services > Error: Image at 00079561000 start failed: Load Error > Unloading driver at 0x00079561000 > This looks unrelated. update_fdt() is faling, but we don't know why. Could you add some debug prints at the various return sites to figure out why it is failing? > > After getting back to the bootloader, loading a known working kernel > fails (but it works fine after a reboot): > > Loading Linux 5.2.8-00016-ga0d5f389a536 ... > > Synchronous Exception at 0xB652157C > PC 0xB652157C > PC 0xB65226B4 > PC 0xB6522EE0 > PC 0xB646BB10 > PC 0xB6468580 > PC 0xB6524600 > PC 0xB6420078 > PC 0xB6485CFC > PC 0xB64849B4 > PC 0xB648586C > PC 0xB64849B4 > PC 0xB6485E68 > PC 0xB6485EC0 > PC 0xB647C5C8 > PC 0xB647C2C8 > PC 0xB647C658 > PC 0xB647C2C8 > PC 0xB64784A8 > PC 0xB646F1FC > PC 0xB6485CFC > PC 0xB64849B4 > PC 0xB648586C > PC 0xB64849B4 > PC 0xB6483C94 > PC 0xB64785A4 > PC 0xB6478794 > PC 0xB647880C > PC 0xB652532C > PC 0x3F95B714 (0x3F952000+0x9714) [ 1] DxeCore.dll > PC 0xB66CC440 (0xB66B9000+0x00013440) [ 2] UiApp.dll > PC 0xB66CCD8C (0xB66B9000+0x00013D8C) [ 2] UiApp.dll > PC 0xBF73D880 (0xBF729000+0x00014880) [ 3] SetupBrowser.dll > PC 0xBF737BFC (0xBF729000+0xEBFC) [ 3] SetupBrowser.dll > PC 0xB66C2700 (0xB66B9000+0x9700) [ 4] UiApp.dll > PC 0x3F95B714 (0x3F952000+0x9714) [ 5] DxeCore.dll > PC 0xBF71AEBC (0xBF711000+0x9EBC) [ 6] BdsDxe.dll > PC 0xBF721C8C (0xBF711000+0x00010C8C) [ 6] BdsDxe.dll > PC 0x3F95F470 (0x3F952000+0xD470) [ 7] DxeCore.dll > [ 1] > /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll > [ 2] > /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Application/UiApp/UiApp/DEBUG/UiApp.dll > [ 3] > /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe/DEBUG/SetupBrowser.dll > [ 4] > /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Application/UiApp/UiApp/DEBUG/UiApp.dll > [ 5] >
Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Thu, Aug 15, 2019 at 8:17 AM skodde wrote: > On Thu, Aug 15, 2019 at 7:21 AM Ard Biesheuvel > wrote: > > On Thu, 15 Aug 2019 at 14:03, Mark Rutland wrote: > > > On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > > > > The kernel boots fine with that option disabled, but strangely > > > > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. > > > > > > That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) > > > guard around the efi_get_random_bytes() call, so something sounds wrong. > > > > > > Maybe there's a problem with stale objects. If you're not doing so > > > already, could you try a clean build with CONFIG_RANDOMIZE_BASE > > > deselected? > > > > > Also, can you try booting with the nokaslr command line option added? > > You were right, I haven't tried with nokaslr, but it worked fine by > rebuilding the kernel after a distclean with CONFIG_RANDOMIZE_BASE > disabled and CONFIG_GCC_PLUGIN_STACKLEAK enabled. That's what I was > expecting the first time and this is the reason why I mentioned it. > I've been recompiling too many times, sorry about that. > > Anyhow, the main issue is the efi_get_random_bytes() fail with > CONFIG_GCC_PLUGIN_STACKLEAK enabled, and that's still valid. Now the configuration that was working on 5.8 fails on 5.11 (haven't tried 5.9 or 5.10): - CONFIG_GCC_PLUGIN_STACKLEAK=n && CONFIG_RANDOMIZE_BASE=y (working on 5.8) Loading Linux 5.2.11-00015-g0cc3335a89ac ... Loading initial ramdisk ... EFI stub: Booting Linux Kernel... EFI stub: ERROR: efi_get_random_bytes() failed EFI stub: ERROR: Failed to relocate kernel Error: Image at 0007956 start failed: Load Error Unloading driver at 0x0007956 - CONFIG_GCC_PLUGIN_STACKLEAK=n && CONFIG_RANDOMIZE_BASE=y && nokaslr Loading Linux 5.2.11-00015-g0cc3335a89ac ... Loading initial ramdisk ... EFI stub: Booting Linux Kernel... EFI stub: KASLR disabled on kernel command line EFI stub: Using DTB from configuration table EFI stub: Exiting boot services and installing virtual address map... EFI stub: ERROR: Unable to construct new device tree. EFI stub: ERROR: Failed to update FDT and exit boot services Error: Image at 00079561000 start failed: Load Error Unloading driver at 0x00079561000 After getting back to the bootloader, loading a known working kernel fails (but it works fine after a reboot): Loading Linux 5.2.8-00016-ga0d5f389a536 ... Synchronous Exception at 0xB652157C PC 0xB652157C PC 0xB65226B4 PC 0xB6522EE0 PC 0xB646BB10 PC 0xB6468580 PC 0xB6524600 PC 0xB6420078 PC 0xB6485CFC PC 0xB64849B4 PC 0xB648586C PC 0xB64849B4 PC 0xB6485E68 PC 0xB6485EC0 PC 0xB647C5C8 PC 0xB647C2C8 PC 0xB647C658 PC 0xB647C2C8 PC 0xB64784A8 PC 0xB646F1FC PC 0xB6485CFC PC 0xB64849B4 PC 0xB648586C PC 0xB64849B4 PC 0xB6483C94 PC 0xB64785A4 PC 0xB6478794 PC 0xB647880C PC 0xB652532C PC 0x3F95B714 (0x3F952000+0x9714) [ 1] DxeCore.dll PC 0xB66CC440 (0xB66B9000+0x00013440) [ 2] UiApp.dll PC 0xB66CCD8C (0xB66B9000+0x00013D8C) [ 2] UiApp.dll PC 0xBF73D880 (0xBF729000+0x00014880) [ 3] SetupBrowser.dll PC 0xBF737BFC (0xBF729000+0xEBFC) [ 3] SetupBrowser.dll PC 0xB66C2700 (0xB66B9000+0x9700) [ 4] UiApp.dll PC 0x3F95B714 (0x3F952000+0x9714) [ 5] DxeCore.dll PC 0xBF71AEBC (0xBF711000+0x9EBC) [ 6] BdsDxe.dll PC 0xBF721C8C (0xBF711000+0x00010C8C) [ 6] BdsDxe.dll PC 0x3F95F470 (0x3F952000+0xD470) [ 7] DxeCore.dll [ 1] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll [ 2] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Application/UiApp/UiApp/DEBUG/UiApp.dll [ 3] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe/DEBUG/SetupBrowser.dll [ 4] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Application/UiApp/UiApp/DEBUG/UiApp.dll [ 5] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll [ 6] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Universal/BdsDxe/BdsDxe/DEBUG/BdsDxe.dll [ 7] /home/skodde/macchiatobin/edk/uefi-marvell/Build/Armada80x0McBin-AARCH64/RELEASE_GCC5/AARCH64/MdeModulePkg/Core/Dxe/DxeMain/DEBUG/DxeCore.dll X0 0xAFAFAFAFAFAFAFAF X1 0x8000 X2 0xFFEF X3 0x8000 X4 0xB653 X5 0xB652CAE0 X6 0x7B4FE000 X7 0xB6468258 X8 0x1000 X9 0x0002 X10 0x X11 0xB648A182 X12 0xB6489FAC X13
Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Thu, Aug 15, 2019 at 7:21 AM Ard Biesheuvel wrote: > On Thu, 15 Aug 2019 at 14:03, Mark Rutland wrote: > > On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > > > The kernel boots fine with that option disabled, but strangely > > > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. > > > > That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) > > guard around the efi_get_random_bytes() call, so something sounds wrong. > > > > Maybe there's a problem with stale objects. If you're not doing so > > already, could you try a clean build with CONFIG_RANDOMIZE_BASE > > deselected? > > > Also, can you try booting with the nokaslr command line option added? You were right, I haven't tried with nokaslr, but it worked fine by rebuilding the kernel after a distclean with CONFIG_RANDOMIZE_BASE disabled and CONFIG_GCC_PLUGIN_STACKLEAK enabled. That's what I was expecting the first time and this is the reason why I mentioned it. I've been recompiling too many times, sorry about that. Anyhow, the main issue is the efi_get_random_bytes() fail with CONFIG_GCC_PLUGIN_STACKLEAK enabled, and that's still valid. Thanks
Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Thu, Aug 15, 2019 at 02:21:26PM +0300, Ard Biesheuvel wrote: > On Thu, 15 Aug 2019 at 14:03, Mark Rutland wrote: > > On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > > > Hi, > > > > > > I've enabled CONFIG_GCC_PLUGIN_STACKLEAK on 5.2.8 for an arm64 > > > macchiatobin board and I get the following error when loading the > > > kernel (using grub-efi on top of edk ii): > > > > > > EFI stub: Booting Linux Kernel... > > > EFI stub: ERROR: efi_get_random_bytes() failed > > > EFI stub: ERROR: Failed to relocate kernel > > > > > > The kernel boots fine with that option disabled, but strangely > > > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. > > > > That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) > > guard around the efi_get_random_bytes() call, so something sounds wrong. > > > > Are you certain that you're running the same kernel Image that you > > rebuilt? > > > > Ard, do you reckon it would be worth adding the UTS_RELEASE and > > UTS_VERSION to the " Booting Linux Kernel..." string? It would make > > debugging that potential issue easier. > > Use of the UTS_xxx macros already triggers an annoying number of > object rebuilds every time you change anything entirely unrelated in > your kernel sources, so I'd prefer to avoid this tbh. Fair enough; saves me writing a patch! :) Mark.
Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Thu, 15 Aug 2019 at 14:03, Mark Rutland wrote: > > On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > > Hi, > > > > I've enabled CONFIG_GCC_PLUGIN_STACKLEAK on 5.2.8 for an arm64 > > macchiatobin board and I get the following error when loading the > > kernel (using grub-efi on top of edk ii): > > > > EFI stub: Booting Linux Kernel... > > EFI stub: ERROR: efi_get_random_bytes() failed > > EFI stub: ERROR: Failed to relocate kernel > > > > The kernel boots fine with that option disabled, but strangely > > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. > > That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) > guard around the efi_get_random_bytes() call, so something sounds wrong. > > Are you certain that you're running the same kernel Image that you > rebuilt? > > Ard, do you reckon it would be worth adding the UTS_RELEASE and > UTS_VERSION to the " Booting Linux Kernel..." string? It would make > debugging that potential issue easier. > Use of the UTS_xxx macros already triggers an annoying number of object rebuilds every time you change anything entirely unrelated in your kernel sources, so I'd prefer to avoid this tbh. > > Let me know if I can provide more info or do some tests. > > Maybe there's a problem with stale objects. If you're not doing so > already, could you try a clean build with CONFIG_RANDOMIZE_BASE > deselected? > Also, can you try booting with the nokaslr command line option added?
Re: arm64/efistub boot error with CONFIG_GCC_PLUGIN_STACKLEAK
On Thu, Aug 15, 2019 at 05:56:27AM -0400, skodde wrote: > Hi, > > I've enabled CONFIG_GCC_PLUGIN_STACKLEAK on 5.2.8 for an arm64 > macchiatobin board and I get the following error when loading the > kernel (using grub-efi on top of edk ii): > > EFI stub: Booting Linux Kernel... > EFI stub: ERROR: efi_get_random_bytes() failed > EFI stub: ERROR: Failed to relocate kernel > > The kernel boots fine with that option disabled, but strangely > presents the same error when disabling only CONFIG_RANDOMIZE_BASE. That shouldn't be possible, given the IS_ENABLED(CONFIG_RANDOMIZE_BASE) guard around the efi_get_random_bytes() call, so something sounds wrong. Are you certain that you're running the same kernel Image that you rebuilt? Ard, do you reckon it would be worth adding the UTS_RELEASE and UTS_VERSION to the " Booting Linux Kernel..." string? It would make debugging that potential issue easier. > Let me know if I can provide more info or do some tests. Maybe there's a problem with stale objects. If you're not doing so already, could you try a clean build with CONFIG_RANDOMIZE_BASE deselected? Thanks, Mark.