Date: Mon, 13 Feb 2017 16:44:01 -0500
From: Eric McCorkle <eric@metricspace.net>
To: Dimitry Andric <dim@FreeBSD.org>, cem@freebsd.org
Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>
Subject: Re: GELI BIOS weirdness
Message-ID: <ef9ecdb4-51b9-f18e-fa29-c13a23f5f86d@metricspace.net>
In-Reply-To: <A29A9772-6E42-4C26-BC0D-45D966B69183@FreeBSD.org>
References: <6874308d-8892-2f03-d125-418949fd472c@metricspace.net>
 <F1DCB7BA-0E21-44A6-B80A-0E0429B235FE@FreeBSD.org>
 <d4d9f6b2-4aaf-1c61-f7d5-f8be908bcc73@metricspace.net>
 <919F6E39-476C-44B5-93EA-447D855921DE@FreeBSD.org>
 <CAG6CVpWiLm0+zP_LBFFn9izE7gdnh=icbqpKqjNS5v2_68TMrA@mail.gmail.com>
 <A29A9772-6E42-4C26-BC0D-45D966B69183@FreeBSD.org>

On 02/13/2017 16:37, Dimitry Andric wrote:
> Yeah, but I'm interested in the symbols, otherwise it becomes hard to
> follow.  Also, I've looked at my own copy of gptboot.o, and it doesn't
> contain those bytes at all.  That said, my gptboot sources also don't
> have the lines:

What version of the compiler are you using?  Mine:

$ clang --version
FreeBSD clang version 3.8.0 (tags/RELEASE_380/final 262564) (based on LLVM 3.8.0)
Target: x86_64-unknown-freebsd12.0
Thread model: posix
InstalledDir: /usr/bin

>
>   if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
>           sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
>   else {
>
> The only use of G_ELI_FLAG_AUTH is in sys/boot/geli/geliboot.c:
>
>         /* Store the keys */
>         bcopy(mkey, geli_e->sc.sc_mkey, sizeof(geli_e->sc.sc_mkey));
>         bcopy(mkey, geli_e->sc.sc_ivkey, sizeof(geli_e->sc.sc_ivkey));
>         mkp = mkey + sizeof(geli_e->sc.sc_ivkey);
>         if ((geli_e->sc.sc_flags & G_ELI_FLAG_AUTH) == 0) {
>                 bcopy(mkp, geli_e->sc.sc_ekey, G_ELI_DATAKEYLEN);
>         } else {
>
> but the assembly for the rest of the geli_attach() function looks pretty
> reasonable.
>
> -Dimitry
>
>> On 13 Feb 2017, at 22:32, Conrad Meyer <cem@freebsd.org> wrote:
>> "objdump -D -b binary -Mx86-64 -mi386 foo.bin" should work fine (no
>> symbols, though...).
>>
>> Best,
>> Conrad
>>
>> On Mon, Feb 13, 2017 at 1:16 PM, Dimitry Andric <dim@freebsd.org> wrote:
>>> On 13 Feb 2017, at 21:58, Eric McCorkle <eric@metricspace.net> wrote:
>>>>
>>>> On 02/13/2017 15:36, Dimitry Andric wrote:
>>>>
>>>>> This disassembles to:
>>>>>
>>>>>    0:   66 0f 38 f6 f0          adcx   %eax,%esi
>>>>>    5:   31 c6                   xor    %eax,%esi
>>>>>    7:   8b 4d 14                mov    0x14(%ebp),%ecx
>>>>>    a:   89 cf                   mov    %ecx,%edi
>>>>>    c:   c1 ff 1f                sar    $0x1f,%edi
>>>>>    f:   8b                      .byte 0x8b
>>>>
>>>> Note that this was truncated, so the sar and .byte are probably a
>>>> truncated instruction.
>>>>
>>>> Also, when I had printfs in place, I could see the call instructions.
>>>>
>>>>> My first guess would be that the code simply jumped into garbage.  But
>>>>> can you post the complete .o file somewhere for inspection?
>>>>
>>>> Attached.
>>>> <gptboot>
>>>
>>> Can you please post the file before it's been stripped and objcopied
>>> from ELF to binary format?  That makes it a lot easier to disassemble
>>> and analyze... :)
>>>
>>> -Dimitry
>>>