Hi all,
1) As for NULL checks, I did something similar years ago:
http://www.coreboot.org/pipermail/coreboot/2011-July/065792.html
Here is a PoC of NULL pointer dereference checking in coreboot x86. It is surprisingly easy to implement.
It uses strange expand-down segments, making a data segment from 4KB-4GB (with base 0). It should catch most NULL dereferences. Unfortunately we access 0x500 while placing the coreboot tables. The hack in the patch just swaps the DS selector, working around that.
A more advanced method would use paging and PAE: the first 4MB with 4KB pages, the rest with 4MB pages, identity mapped. We could even mark RAM ranges other than coreboot's as "missing", allowing more fine-grained tests of what is accessed where.
Even the segment hack above could be used to check for stack overflows, but I think we will need a task gate in the IDT instead of an interrupt gate, and set an exception stack there; otherwise it will end very badly while the CPU is trying to save to the stack yet again during the exception.
2) There is a performance impact if you map the first 2MB/4MB of RAM via ONE PAE page. It is described in the Intel manual, but I don't recall on which page. I don't know how big the impact is (there is an impact because of the MTRR regions for 0-1MB), so one might use 4KB pages for the first 1MB...
3) To solve the problem with legit BDA stuff... Just add some function to remap parts to some other address and use a virtual address to do that. We might eventually define some region like D-seg to be at 0x0000 instead of 0xd0000 and "problem solved".
4) Some processors have bugs in PAT, mainly with WC override. Linux says:

    /*
     * There is a known erratum on Pentium III and Core Solo
     * and Core Duo CPUs.
     * " Page with PAT set to WC while associated MTRR is UC
     *   may consolidate to UC "
     * Because of this erratum, it is better to stick with
     * setting WC in MTRR rather than using PAT on these CPUs.
     *
     * Enable PAT WC only on P4, Core 2 or later CPUs.
     */
    if (c->x86 > 0x6 || (c->x86 == 6 && c->x86_model >= 15))
        return;

    pat_disable("PAT WC disabled due to known CPU erratum.");
    return;
Thanks
Rudolf
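Added example, not part of Rudolf's patch or of coreboot: it encodes an x86 GDT data-segment descriptor and emulates the CPU's segment-limit check, to show why an expand-down segment with base 0 and limit 0xFFF faults on every access to the NULL page (including the 0x500 access mentioned above) while leaving 4KB..4GB usable. The descriptor layout and the expand-down rule (valid offsets are limit+1 up to 0xFFFFFFFF when D/B is set) follow the Intel SDM; the helper names `make_descriptor`, `access_ok`, `flat_ds` and `null_guard_ds` are this example's own, not coreboot's.

```c
/*
 * Added example (not coreboot code): encode x86 data-segment descriptors
 * and emulate the segment-limit check, to show how an expand-down segment
 * with base 0 and limit 0xFFF turns NULL-page accesses into #GP.
 * Layout: Intel SDM vol. 3, "Segment Descriptors".
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Access byte (descriptor bits 47:40). */
#define ACC_PRESENT     0x80u
#define ACC_CODE_DATA   0x10u   /* S bit: code/data, not a system descriptor */
#define ACC_EXPAND_DOWN 0x04u   /* E bit, data segments only */
#define ACC_WRITABLE    0x02u

/* Flags nibble (descriptor bits 55:52). */
#define FLG_GRAN_4K 0x8u /* G: limit is in 4KB units */
#define FLG_DB_32   0x4u /* D/B: 32-bit; upper bound 4GB for expand-down */

/* Pack base, 20-bit raw limit, access byte and flags nibble into 8 bytes. */
uint64_t make_descriptor(uint32_t base, uint32_t limit, uint8_t access, uint8_t flags)
{
    uint64_t d = 0;
    d |= (uint64_t)(limit & 0xFFFFu);                 /* limit[15:0]  */
    d |= (uint64_t)(base & 0xFFFFFFu) << 16;          /* base[23:0]   */
    d |= (uint64_t)access << 40;                      /* access byte  */
    d |= (uint64_t)((limit >> 16) & 0xFu) << 48;      /* limit[19:16] */
    d |= (uint64_t)(flags & 0xFu) << 52;              /* G, D/B, L, AVL */
    d |= (uint64_t)((base >> 24) & 0xFFu) << 56;      /* base[31:24]  */
    return d;
}

static uint8_t desc_access(uint64_t d) { return (uint8_t)(d >> 40); }
static uint8_t desc_flags(uint64_t d)  { return (uint8_t)((d >> 52) & 0xFu); }

/* Effective limit: with G=1 the raw 20-bit limit is scaled to 4KB pages. */
uint32_t effective_limit(uint64_t d)
{
    uint32_t raw = (uint32_t)(d & 0xFFFFu) | (uint32_t)(((d >> 48) & 0xFu) << 16);
    return (desc_flags(d) & FLG_GRAN_4K) ? (raw << 12) | 0xFFFu : raw;
}

/*
 * Emulate the limit check for a `size`-byte access at segment offset `off`.
 * Expand-up:   offsets 0 .. limit are valid.
 * Expand-down: offsets limit+1 .. upper are valid, where upper is
 *              0xFFFFFFFF if D/B is set, else 0xFFFF.
 * Returns false where the CPU would raise #GP.
 */
bool access_ok(uint64_t d, uint32_t off, uint32_t size)
{
    uint64_t last = (uint64_t)off + size - 1; /* 64-bit so 4GB wrap is caught */
    uint32_t limit = effective_limit(d);

    if (desc_access(d) & ACC_EXPAND_DOWN) {
        uint64_t upper = (desc_flags(d) & FLG_DB_32) ? 0xFFFFFFFFu : 0xFFFFu;
        return off > limit && last <= upper;
    }
    return last <= limit;
}

/* The usual flat 0..4GB data segment a 32-bit firmware runs with. */
uint64_t flat_ds(void)
{
    return make_descriptor(0, 0xFFFFFu,
                           ACC_PRESENT | ACC_CODE_DATA | ACC_WRITABLE,
                           FLG_GRAN_4K | FLG_DB_32);
}

/*
 * NULL-guard variant: base 0, expand-down, limit 0xFFF, D/B set.
 * Valid offsets become 0x1000..0xFFFFFFFF; the whole NULL page faults.
 */
uint64_t null_guard_ds(void)
{
    return make_descriptor(0, 0xFFFu,
                           ACC_PRESENT | ACC_CODE_DATA | ACC_EXPAND_DOWN | ACC_WRITABLE,
                           FLG_DB_32);
}

int main(void)
{
    uint64_t guard = null_guard_ds();
    uint32_t probes[] = { 0x0u, 0x500u, 0xFFFu, 0x1000u, 0xFFFFFFFCu };

    printf("guard descriptor: 0x%016llx\n", (unsigned long long)guard);
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("dword at 0x%08x: %s\n", probes[i],
               access_ok(guard, probes[i], 4) ? "ok" : "#GP");
    return 0;
}
```

Loading `null_guard_ds()` into DS is what the patch's selector trick amounts to; the 0x500 probe is exactly the access that forces the temporary swap back to a flat selector while the coreboot tables are written.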