Hi,
I am trying to port edk2 to our ARM64 platform simulator and seeing strange behaviour.
I see the content of FdtDevicePath is getting changed after executing the function BdsLoadImage() to load the Linux Image file. Because of this, when the BdsLoadImage function is called to load the fdt.dtb file, the execution goes into an infinite loop.
After debugging, I am seeing that it is happening due to corruption of the FDT device path.
Before BdsLoadImage() is called to load the Linux Image file, the FDT device path (0xFBC8B918) content is valid, i.e.
    DevicePathFdt->Type = 1
    DevicePathFdt->SubType = 4
    DevicePathFdt->Length[0] = 20
After the Linux Image is loaded, it changes as below:
    DevicePathFdt->Type = 112
    DevicePathFdt->SubType = 111
    DevicePathFdt->Length[0] = 100
On further debugging, I see this happening at the lines of code below, in function CoreLocateHandle(), MdeModulePkg/Core/Dxe/Hand/Locate.c:
        //
        // Increase the resulting buffer size, and if this handle
        // fits return it
        //
        ResultSize += sizeof(Handle);
        if (ResultSize <= *BufferSize) {
            *ResultBuffer = Handle;     <= this line is corrupting the devicepath of FDT.
            ResultBuffer += 1;
        }
    }
Not able to understand what is causing this corruption. Any clue on what is going wrong? Any suggestions for further debugging?
BTW, I am using edk2 source from git://git.linaro.org/uefi/linaro-edk2.git, branch master
Thanks,
Ganapat
In my case, both variables DefaultFdtDevicePath and FdtDevicePath are holding the same address. This is because the function gRT->GetVariable (as called from GetEnvironmentVariable) is returning status 14 (EFI_NOT_FOUND), and hence the code sets FdtDevicePath the same as DefaultFdtDevicePath. (This is the root cause of the issue that I explained in the previous email.)
IMHO, it is a potential bug to execute FreePool (DefaultFdtDevicePath) unconditionally.
The probable fix could be:
diff --git a/ArmPlatformPkg/Bds/BootOption.c b/ArmPlatformPkg/Bds/BootOption.c index edd193e..be93d28 100644 --- a/ArmPlatformPkg/Bds/BootOption.c +++ b/ArmPlatformPkg/Bds/BootOption.c @@ -90,6 +90,7 @@ BootOptionStart ( Status = GetEnvironmentVariable ((CHAR16 *)L"Fdt", &gArmGlobalVariableGuid, DefaultFdtDevicePath, &FdtDevicePathSize, (VOID **)&FdtDevicePath); ASSERT_EFI_ERROR(Status); + if (DefaultFdtDevicePath != FdtDevicePath) FreePool (DefaultFdtDevicePath); } Status = BdsBootLinuxFdt (BootOption->FilePathList,
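Review bot: the added `if (DefaultFdtDevicePath != FdtDevicePath)` guard in BootOptionStart leaves buffer ownership split across two cases: when the pointers are equal the default buffer is not freed here, and when they differ nothing in the hunk shows who releases FdtDevicePath. It would be cleaner for GetEnvironmentVariable to always hand back a separately allocated value so the existing FreePool can stay unconditional; if the guard is kept, add a comment stating when the two pointers can alias. The single-statement `if` also needs braces to match the edk2 coding style.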
Please comment?
Regards,
Ganapat
Any comments?
Hi Ganapatrao,
Apologies, I was out ill most of last week. I have cc:d Olivier Martin, the ARM architecture edk2 maintainer, and Ryan Harkin, the Linaro ARM landing team lead, who probably has a better idea than me what might be going on here.
I am afraid my only comment is that the built-in Linux loader is not part of the UEFI specification, and I intend to drop it from future Linaro edk2 builds shortly.
The expected use-case we envision is using the Linux kernel UEFI stub loader, either directly or via a secondary boot loader such as GRUB or Gummiboot. This support is not yet in upstream Linux, but expected to get there for 3.16. For now, it is available in the Linaro leg-kernel tree.
Regards,
Leif
Linaro-uefi mailing list Linaro-uefi@lists.linaro.org http://lists.linaro.org/mailman/listinfo/linaro-uefi
Hi Ganapat,
The issue is actually in GetEnvironmentVariable(). The function should have copied the default value to reflect the behaviour of value loaded from RUNTIME_SERVICES.GetVariable().
I fixed the issue in SVN rev 15427 (2nd April 2014).
Thanks a lot for having reported the issue,
Olivier
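The ownership problem discussed in this thread, as an added example that is not part of the original messages or of edk2: `var_store_t`, `get_var_aliasing`, `get_var_copying` and `boot_option_start` are hypothetical stand-ins that use malloc/free in place of the pool allocator. It contrasts a getter that returns the default pointer when the variable is not found with one that returns a copy, under a caller that frees the default unconditionally.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical variable store: stored == NULL models EFI_NOT_FOUND. */
typedef struct { const void *stored; size_t size; } var_store_t;
typedef int (*getter_t)(const var_store_t *, void *, size_t *, void **);

/* Behaviour described in the thread: when the variable is not found the
   default pointer itself is returned, so *value aliases default_value. */
int get_var_aliasing(const var_store_t *s, void *default_value,
                     size_t *size, void **value) {
    if (s->stored == NULL) { *value = default_value; return 0; }
    if ((*value = malloc(s->size)) == NULL) return -1;
    memcpy(*value, s->stored, s->size);
    *size = s->size;
    return 0;
}

/* Copy-on-default: *value is always a fresh allocation the caller owns. */
int get_var_copying(const var_store_t *s, void *default_value,
                    size_t *size, void **value) {
    const void *src = s->stored ? s->stored : default_value;
    size_t n = s->stored ? s->size : *size;
    if ((*value = malloc(n)) == NULL) return -1;
    memcpy(*value, src, n);
    *size = n;
    return 0;
}

/* Caller pattern: fetch the value, then free the default unconditionally.
   Returns 1 if the value is intact afterwards, 0 if it aliased the freed
   default (dangling, so it is not dereferenced), -1 on allocation failure. */
int boot_option_start(getter_t get, const var_store_t *s) {
    /* Constructed node: Type=1, SubType=4, Length[0]=20 (thread); Length[1]=0 assumed. */
    static const uint8_t node[4] = {1, 4, 20, 0};
    size_t size = sizeof node;
    uint8_t *def = malloc(size);
    void *val = NULL;
    if (def == NULL) return -1;
    memcpy(def, node, size);
    if (get(s, def, &size, &val) != 0) { free(def); return -1; }
    int aliased = (val == (void *)def);
    free(def);                      /* unconditional free, as in the caller */
    if (aliased) return 0;          /* val now points at freed memory */
    int ok = ((uint8_t *)val)[0] == 1 && ((uint8_t *)val)[2] == 20;
    free(val);
    return ok;
}
```

With the aliasing getter and a missing variable, the returned pointer refers to memory the allocator is free to hand out again, which matches the overwritten Type/SubType/Length values reported at the start of the thread.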
From: linaro-uefi-bounces@lists.linaro.org [mailto:linaro-uefi-bounces@lists.linaro.org] On Behalf Of Ganapatrao Kulkarni
Sent: 01 April 2014 06:57
To: linaro-uefi@lists.linaro.org
Subject: Re: [Linaro-uefi] ARM64: seeing FDT DevicePath node Corruption!!
any comments?