PS3: Strange issue with kexec and FreeBSD loader

Geoff Levand geoff at infradead.org
Thu Feb 21 11:14:33 EST 2013


Hi Phileas,

On Sun, 2013-02-17 at 00:12 +0100, Phileas Fogg wrote:
> I found new clues about the problem.
> 
> Normally the device tree memory segment is allocated at the top of the boot 
> memory region. The boot memory size on the PS3 console is 128MB.
> 
> root@ps3-linux:~# kexec -l loader.ps3
> segment[0].mem:0x131d000 memsz:262144
> segment[1].mem:0x135d000 memsz:36864
> segment[2].mem:0x7fff000 memsz:4096
> 
> And the device tree is located at address 0x7fff000, it's the last page of the 
> boot memory.
> 
> I changed the kexec-tools and made it store the device tree just after the 
> purgatory code which is located at address 0x135d000. Like here:
> 
> root@ps3-linux:~# kexec -l loader.ps3
> segment[0].mem:0x131d000 memsz:262144
> segment[1].mem:0x135d000 memsz:36864
> segment[2].mem:0x1366000 memsz:4096   <---- new address of device tree segment
> 
> And now the sha256 verification is always successful for the FreeBSD loader too.
> But still no idea what actually corrupts the device tree segment when it's 
> located at the top of the boot memory region. And why it happens on Linux 3.7 
> and Linux 3.8 but not on Linux 3.3.8.

Excellent work so far.

You may be able to use the Cell Processor's DABR (Data Address Breakpoint)
register to find out what code is writing to that memory area.  I have a
helper patch to set up the DABR register from kernel code here:

  http://git.kernel.org/?p=linux/kernel/git/geoff/ps3-linux.git;a=commitdiff;h=c46799f5c6ba7594cdaa248ec60a50c7ad1cdeaa

-Geoff
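
Added example, not part of the original thread or of kexec-tools: a small Python script that parses the `kexec -l` segment lines quoted above and reports which segments touch the last page of the 128MB boot memory region, fall outside it, or overlap. The 4 KiB page size and all function names are assumptions made for this illustration.

```python
import re

PAGE_SIZE = 4096                    # assumption: 4 KiB pages (the device tree segment is 4096 bytes)
BOOT_MEM_SIZE = 128 * 1024 * 1024   # PS3 boot memory size, as stated in the thread

SEGMENT_RE = re.compile(r"segment\[(\d+)\]\.mem:(0x[0-9a-fA-F]+)\s+memsz:(\d+)")

# The two layouts quoted in the thread.
ORIGINAL = """root@ps3-linux:~# kexec -l loader.ps3
segment[0].mem:0x131d000 memsz:262144
segment[1].mem:0x135d000 memsz:36864
segment[2].mem:0x7fff000 memsz:4096
"""
MOVED = ORIGINAL.replace("0x7fff000", "0x1366000")

def parse_segments(text):
    """Return (index, start, end) per segment line; end is exclusive."""
    segs = []
    for m in SEGMENT_RE.finditer(text):
        start = int(m.group(2), 16)
        segs.append((int(m.group(1)), start, start + int(m.group(3))))
    return segs

def analyze(text, boot_mem_size=BOOT_MEM_SIZE):
    """Classify segments by where they sit in the boot memory region."""
    segs = sorted(parse_segments(text), key=lambda s: s[1])
    report = {"overlaps": [], "outside": [], "last_page": [], "unaligned": []}
    last_page_start = boot_mem_size - PAGE_SIZE
    for i, (idx, start, end) in enumerate(segs):
        if start % PAGE_SIZE or end % PAGE_SIZE:
            report["unaligned"].append(idx)
        if end > boot_mem_size:
            report["outside"].append(idx)
        elif end > last_page_start:
            report["last_page"].append(idx)
        # Segments are sorted by start, so checking the next one finds any overlap.
        if i + 1 < len(segs) and end > segs[i + 1][1]:
            report["overlaps"].append((idx, segs[i + 1][0]))
    return report

if __name__ == "__main__":
    for name, text in (("original", ORIGINAL), ("moved", MOVED)):
        for idx, start, end in parse_segments(text):
            print(f"{name}: segment[{idx}] {start:#x}-{end:#x}")
        print(name, analyze(text))
```
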


