[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#776999: marked as done (efivar: broken 32-bit userland on 64-bit kernel)

Your message dated Tue, 31 Oct 2023 11:43:08 +0000
with message-id <20231031114308.GA2313258@tack.einval.com>
and subject line Closing old bug
has caused the Debian Bug report #776999,
regarding efivar: broken 32-bit userland on 64-bit kernel
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
776999: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776999
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: efivar
Version: 0.15-3
Severity: serious

I'm afraid the patch 07-num_bits.patch breaks the case of 32-bit userland
on a 64-bit kernel.  As far as I know, this is how i386 would get installed
on any non-ancient machine if d-i could get that far (it doesn't for me in
qemu-kvm.x86-64, though).

The bad assumption is that an 64-bit kernel would give the same data to any
process.  This seems to be obvious, but it's not the case:

Here's a set of sample dumps of
/sys/firmware/efi/vars/Boot0005-8be4df61-93ca-11d2-aa0d-00e098032b8c/raw_var
-- all done on the same virtual machine, same kernel, same boot-up, all that
differs is the ABI of the cat process:

cat is amd64:
00000000  42 00 6f 00 6f 00 74 00  30 00 30 00 30 00 35 00  |B.o.o.t.0.0.0.5.|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000400  61 df e4 8b ca 93 d2 11  aa 0d 00 e0 98 03 2b 8c  |a.............+.|
00000410  76 00 00 00 00 00 00 00  01 00 00 00 62 00 64 00  |v...........b.d.|
          ^^^^^^^^^^^^^^^^^^^^^^^
00000420  65 00 62 00 69 00 61 00  6e 00 00 00 04 01 2a 00  |e.b.i.a.n.....*.|
00000430  01 00 00 00 00 08 00 00  00 00 00 00 00 00 10 00  |................|
00000440  00 00 00 00 14 ab c8 38  14 e4 68 40 89 28 2a 27  |.......8..h@.(*'|
00000450  8b 45 06 d2 02 02 04 04  34 00 5c 00 45 00 46 00  |.E......4.\.E.F.|
00000460  49 00 5c 00 64 00 65 00  62 00 69 00 61 00 6e 00  |I.\.d.e.b.i.a.n.|
00000470  5c 00 67 00 72 00 75 00  62 00 78 00 36 00 34 00  |\.g.r.u.b.x.6.4.|
00000480  2e 00 65 00 66 00 69 00  00 00 7f ff 04 00 00 00  |..e.f.i.........|
00000490  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000820  07 00 00 00                                       |....|
00000824
cat is x32:
00000000  42 00 6f 00 6f 00 74 00  30 00 30 00 30 00 35 00  |B.o.o.t.0.0.0.5.|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000400  61 df e4 8b ca 93 d2 11  aa 0d 00 e0 98 03 2b 8c  |a.............+.|
00000410  76 00 00 00 01 00 00 00  62 00 64 00 65 00 62 00  |v.......b.d.e.b.|
          ^^^^^^^^^^^
00000420  69 00 61 00 6e 00 00 00  04 01 2a 00 01 00 00 00  |i.a.n.....*.....|
00000430  00 08 00 00 00 00 00 00  00 00 10 00 00 00 00 00  |................|
00000440  14 ab c8 38 14 e4 68 40  89 28 2a 27 8b 45 06 d2  |...8..h@.(*'.E..|
00000450  02 02 04 04 34 00 5c 00  45 00 46 00 49 00 5c 00  |....4.\.E.F.I.\.|
00000460  64 00 65 00 62 00 69 00  61 00 6e 00 5c 00 67 00  |d.e.b.i.a.n.\.g.|
00000470  72 00 75 00 62 00 78 00  36 00 34 00 2e 00 65 00  |r.u.b.x.6.4...e.|
00000480  66 00 69 00 00 00 7f ff  04 00 00 00 00 00 00 00  |f.i.............|
00000490  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000810  00 00 00 00 00 00 00 00  07 00 00 00              |............|
0000081c
cat is i386:
00000000  42 00 6f 00 6f 00 74 00  30 00 30 00 30 00 35 00  |B.o.o.t.0.0.0.5.|
00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000400  61 df e4 8b ca 93 d2 11  aa 0d 00 e0 98 03 2b 8c  |a.............+.|
00000410  76 00 00 00 01 00 00 00  62 00 64 00 65 00 62 00  |v.......b.d.e.b.|
          ^^^^^^^^^^^
00000420  69 00 61 00 6e 00 00 00  04 01 2a 00 01 00 00 00  |i.a.n.....*.....|
00000430  00 08 00 00 00 00 00 00  00 00 10 00 00 00 00 00  |................|
00000440  14 ab c8 38 14 e4 68 40  89 28 2a 27 8b 45 06 d2  |...8..h@.(*'.E..|
00000450  02 02 04 04 34 00 5c 00  45 00 46 00 49 00 5c 00  |....4.\.E.F.I.\.|
00000460  64 00 65 00 62 00 69 00  61 00 6e 00 5c 00 67 00  |d.e.b.i.a.n.\.g.|
00000470  72 00 75 00 62 00 78 00  36 00 34 00 2e 00 65 00  |r.u.b.x.6.4...e.|
00000480  66 00 69 00 00 00 7f ff  04 00 00 00 00 00 00 00  |f.i.............|
00000490  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000810  00 00 00 00 00 00 00 00  07 00 00 00              |............|
0000081c

Note that, surprisingly, the kernel detects the ABI of the running process
and presents different contents of that file on the sys fs.  This means,
runtime detection is bad as any 32-bit process will get 32-bit fields
(actually, just one, the rest is arch-independent).

Thus, to fix the issue, it seems you can drop 07-num_bits.patch and install
the patch I attached instead.  I'm afraid I can't test it save for qemu and
virtualbox at this time, though.


And while we're here... could you please add x32 to the list of architectures
in debian/control?  This would fix a FTBFS on an unofficial arch.

-- 
// If you believe in so-called "intellectual property", please immediately
// cease using counterfeit alphabets.  Instead, contact the nearest temple
// of Amon, whose priests will provide you with scribal services for all
// your writing needs, for Reasonable and Non-Discriminatory prices.

--- End Message ---
--- Begin Message --- 
No response in a number of years, and the code has moved on a long way
since.

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
Dance like no one's watching. Encrypt like everyone is.
 - @torproject

--- End Message ---
Reply to: