[coreboot] I've turned on paging as a test

Rudolf Marek r.marek at assembler.cz
Tue Mar 11 08:46:33 CET 2014


Hi all,

1) As for NULL checks, I did something similar years ago:

http://www.coreboot.org/pipermail/coreboot/2011-July/065792.html

> Here is a PoC of NULL pointer dereference checking in coreboot x86. It is
> surprisingly easy to implement.
>
> It uses strange expand-down segments, making a data segment from 4KB-4GB (with
> base 0). It should catch most NULL dereference symbols. Unfortunately we access
> 0x500 while placing the coreboot tables. The hack in the patch just swaps the ds
> selector, working around that.
>
> A more advanced method would use paging and PAE, the first 4MB with 4KB pages,
> the rest with 4MB pages, identity mapped. We could even mark ranges other than
> the coreboot RAM range as "missing", allowing more fine-grained tests of what is
> accessed where.
>
> Even the segment hack above could be used to check for stack overflows, but I
> think we will need a task gate in the IDT instead of an interrupt gate, and set
> an exception stack there, otherwise it will end very badly while the CPU is
> trying to save the stack yet again during the exception.

2) There is a performance impact if you map the first 2MB/4MB of RAM via ONE PAE 
page. It is described in the Intel manual, but I don't recall on which page. I 
don't know how big the impact is (there is an impact because of the MTRR regions 
for 0-1MB), so one might use 4KB pages for the first 1MB...

3) To solve the problem with legit BDA stuff... Just add some function to remap 
parts to some other address and use a virtual address to do that. We might 
eventually define some region like the D-seg to be at 0x0000 instead of at 
0xd0000 and "problem solved".

4) Some processors have bugs in PAT, mainly with the WC override. Linux says:
  /*
   * There is a known erratum on Pentium III and Core Solo
   * and Core Duo CPUs.
   * " Page with PAT set to WC while associated MTRR is UC
   *   may consolidate to UC "
   * Because of this erratum, it is better to stick with
   * setting WC in MTRR rather than using PAT on these CPUs.
   *
   * Enable PAT WC only on P4, Core 2 or later CPUs.
   */
  if (c->x86 > 0x6 || (c->x86 == 6 && c->x86_model >= 15))
          return;

  pat_disable("PAT WC disabled due to known CPU erratum.");
  return;

Thanks
Rudolf