Changeset 101489 in vbox for trunk/src/VBox/Devices

Timestamp:

Oct 18, 2023 8:44:37 AM (15 months ago)

Author:

vboxsync

Message:

Devices/EFI/Firmware/ArmPkg/CpuDxe: Disable exposing the EFI_MEMORY_ATTRIBUTE_PROTOCOL added with edk2-stable202308 as it breaks booting Oracle Linux 9 and Ubuntu Server 23.04 aarch64 guests (explanation in the code), bugref:4643

File:

• trunk/src/VBox/Devices/EFI/Firmware/ArmPkg/Drivers/CpuDxe/CpuDxe.c (modified) (5 diffs)

trunk/src/VBox/Devices/EFI/Firmware/ArmPkg/Drivers/CpuDxe/CpuDxe.c

@@ -230 +230 @@
 }
 
+#ifndef VBOX
 /**
   Map all EfiConventionalMemory regions in the memory map with NX
@@ -300 +301 @@
   }
 }
+#endif
 
 EFI_STATUS
@@ -314 +316 @@
   InitializeDma (&mCpu);
 
+#ifdef VBOX
+  /** @todo r=aeichner
+   *      Exposing the EFI_MEMORY_ATTRIBUTE protocol (added with edk2-stable202308) breaks OL9 and
+   *      Ubuntu 23.04 server guests at least. They use a shima64.efi and grubaa64.efi version where
+   *      the SHIM sets a memory region in the grub binary to readonly when the EFI_MEMORY_ATTRIBUTE protocol is present
+   *      but grub tries to write to that region for whatever reason (this seems to be fixed with more recent
+   *      guests like ArchLinux or Debian 12 because these still boot with the protocol exposed).
+   *      Disabling the protocol also requires disabling mapping the unused memory as NX as the DXE core has
+   *      no means to disable the NX when it loads drivers during the discovery phase if the protocol is not exposed.
+   *      Not setting the PcdRemapUnusedMemoryNx to FALSE here as I would have to replicate this comment in the DSC file.
+   *
+   *      I'd really like to leave them enabled alas OL9 and Ubuntu 23.04 are pretty important ARM guests, sigh...
+   *
+   *      The following is an excerpt from the exception with a debug firmware build (for the sake of completeness):
+   *          BdsDxe: starting Boot0004 "Oracle Linux" from HD(1,GPT,13CF6614-34C0-46C2-A049-DF0B6B8E67C1,0x800,0x12C000)/\EFI\redhat\shimaa64.efi
+   *          InstallProtocolInterface: 605DAB50-E046-4300-ABB6-3DD810DD8B23 F7DC31E8
+   *          FSOpen: Open '\EFI\redhat\grubaa64.efi' Success
+   *          SetMemoryAttributes: BaseAddress == 0xF77C7000, Length == 0x29F000, Attributes == 0x4000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77C7000, Length == 0x29F000, Attributes == 0x22000
+   *          SetMemoryAttributes: BaseAddress == 0xF77C8000, Length == 0x1C000, Attributes == 0x20000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77C8000, Length == 0x1C000, Attributes == 0x6000
+   *          SetMemoryAttributes: BaseAddress == 0xF77E4000, Length == 0x11000, Attributes == 0x4000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77E4000, Length == 0x11000, Attributes == 0x22000
+   *          SetMemoryAttributes: BaseAddress == 0xF77F5000, Length == 0x26E000, Attributes == 0x4000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77F5000, Length == 0x26E000, Attributes == 0x22000
+   *          SetMemoryAttributes: BaseAddress == 0xF7A63000, Length == 0x1000, Attributes == 0x24000
+   *          ClearMemoryAttributes: BaseAddress == 0xF7A63000, Length == 0x1000, Attributes == 0x2000
+   *          SetMemoryAttributes: BaseAddress == 0xF7A64000, Length == 0x1000, Attributes == 0x24000
+   *          ClearMemoryAttributes: BaseAddress == 0xF7A64000, Length == 0x1000, Attributes == 0x2000
+   *          SetMemoryAttributes: BaseAddress == 0xF77AE000, Length == 0xA000, Attributes == 0x20000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77AE000, Length == 0xA000, Attributes == 0x6000
+   *          SetMemoryAttributes: BaseAddress == 0xF77B8000, Length == 0x1000, Attributes == 0x24000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77B8000, Length == 0x1000, Attributes == 0x2000
+   *          SetMemoryAttributes: BaseAddress == 0xF77B9000, Length == 0x1000, Attributes == 0x24000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77B9000, Length == 0x1000, Attributes == 0x2000
+   *          SetMemoryAttributes: BaseAddress == 0xF77BA000, Length == 0x1000, Attributes == 0x4000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77BA000, Length ==== 0x22000
+   *          SetMemoryAttributes: BaseAddress == 0xF77BB000, Length == 0x1000, Attributes == 0x4000
+   *          ClearMemoryAttributes: BaseAddress == 0xF77BB000, Length == 0x1000, Attributes == 0x22000
+   *          SetMemoryAttributes: BaseAddress == 0xF77BC000, Length == 0x1000, Attributes == 0x20000          <= This is where the region is marked as readonly
+   *          ClearMemoryAttributes: BaseAddress == 0xF77BC000, Length == 0x1000, Attributes == 0x6000
+   *
+   *
+   *          Synchronous Exception at 0x00000000F77D889C
+   *          PC 0x0000F77D889C
+   *          PC 0x0000F77DAD90
+   *          PC 0x0000F77DD240
+   *          PC 0x0000F77DDD2C
+   *          PC 0x0000F7D2F8D4
+   *          PC 0x0000F7D2F984
+   *          PC 0x0000F7D2D4F0
+   *          PC 0x0000F7D2D030
+   *          PC 0x0000FF174DDC (0x0000FF16D000+0x00007DDC) [ 1] DxeCore.dll
+   *          PC 0x0000FB72F8AC (0x0000FB71C000+0x000138AC) [ 2] BdsDxe.dll
+   *          PC 0x0000FB71E234 (0x0000FB71C000+0x00002234) [ 2] BdsDxe.dll
+   *          PC 0x0000FB71FAB8 (0x0000FB71C000+0x00003AB8) [ 2] BdsDxe.dll
+   *          PC 0x0000FF16FB78 (0x0000FF16D000+0x00002B78) [ 3] DxeCore.dll
+   *          PC 0x0000FF16E9DC (0x0000FF16D000+0x000019DC) [ 3] DxeCore.dll
+   *          PC 0x0000FF16E028 (0x0000FF16D000+0x00001028) [ 3] DxeCore.dll
+   * [...]
+   *            X0 0x00000000F77BC8A0   X1 0x0000000000000000   X2 0x000000000000000D   X3 0x00000000F77E60D8
+   *            X4 0x00000000F77BC860   X5 0x00000000F77AE000   X6 0x00000000F77BA000   X7 0x00000000F77E5110
+   *            X8 0x00000000F77E5108   X9 0x00000000F77E5110  X10 0x00000000F77E5120  X11 0x00000000F77E5110
+   *           X12 0x00000000F77BCFFF  X13 0x0000000000000008  X14 0x0000000000000000  X15 0x0000000000000000
+   *           X16 0x0000000088660397  X17 0x0000000031550F3D  X18 0x0000000000000011  X19 0x00000000F7DAF000
+   *           X20 0x0000000000000000  X21 0x00000000F7DC3000  X22 0x00000000F9E3CA98  X3 0x00000000FF16CB40
+   *           X24 0x00000000F9E3CA98  X25 0x00000000F7DC3210  X26 0x00000000F7DC3218  X27 0x00000000F7DC3208
+   *           X28 0x00000000F7DC3220   FP 0x00000000FF16C990   LR 0x00000000F77DAD90  
+   * [...]
+   *            SP 0x00000000FF16C990  ELR 0x00000000F77D889C  SPSR 0x60000205  FPSR 0x00000000
+   *           ESR 0x9600004F          FAR 0x00000000F77BC910                                                  <= FAR holds the faulting virtual address
+   *
+   *           ESR : EC 0x25  IL 0x1  ISS 0x0000004F
+   *
+   *          Data abort: Permission fault, third level
+   */
+#endif
+#ifndef VBOX
   //
   // Once we install the CPU arch protocol, the DXE core's memory
@@ -327 +407 @@
     RemapUnusedMemoryNx ();
   }
+#endif
 
   Status = gBS->InstallMultipleProtocolInterfaces (
@@ -332 +413 @@
                   &gEfiCpuArchProtocolGuid,
                   &mCpu,
+#ifndef VBOX
                   &gEfiMemoryAttributeProtocolGuid,
                   &mMemoryAttribute,
+#endif
                   NULL
                   );