[edk2-devel] EFI table being corrupted during Kexec

Gerd Hoffmann kraxel at redhat.com
Wed Sep 11 01:44:34 PDT 2024


On Tue, Sep 10, 2024 at 08:44:40AM GMT, Andrew Fish via groups.io wrote:
> 
> 
> > On Sep 10, 2024, at 6:58 AM, Breno Leitao <leitao at debian.org> wrote:
> > 
> > 
> > We've seen a problem in upstream kernel kexec, where an EFI TPM log event table
> > is being overwritten.  This problem happens on a real machine, as well as in a
> > recent EDK2 qemu VM.
> > 
> > Digging deep, the table is being overwritten during kexec, more precisely when
> > relocating the kernel (relocate_kernel() function).
> > 
> > I've also found that the table is being properly reserved using
> > memblock_reserve() early in the boot, and that range gets overwritten later
> > by relocate_kernel(). In other words, kexec is overwriting memory that was
> > previously reserved (as memblock_reserve()).
> > 
> > Usama found that kexec only honours memory reservations from /sys/firmware/memmap,
> > which comes from the e820_table_firmware table.
> 
> The E820 table is not part of the UEFI standard and it is produced by
> a library in the OvmfPkg for “special cases” so I guess that lib could
> have a bug?

This "special case" is direct kernel boot ('qemu -kernel vmlinux') and
loading the linux kernel as EFI binary failed.  That should only happen
with linux kernels so old that they do not have the efi stub.

Also note "problem happens on a real machine" above, so it clearly is not
something OVMF-specific.

take care,
  Gerd
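
An added example, not part of the original thread and not code from the kernel or kexec-tools: a check of whether a firmware table's physical range is still reported as "System RAM" in /sys/firmware/memmap, the only source of reservations kexec is said above to honour. The function names, the sample layout and the table addresses are constructed for illustration, and treating "System RAM" entries as the ranges kexec may reuse is an assumption drawn from that statement.

```python
import os
import tempfile

def _read(entry_dir, name):
    with open(os.path.join(entry_dir, name)) as fh:
        return fh.read().strip()

def read_firmware_memmap(root="/sys/firmware/memmap"):
    """Return sorted [(start, end_inclusive, type)] from the sysfs firmware memmap."""
    entries = []
    for name in os.listdir(root):
        d = os.path.join(root, name)
        if name.isdigit() and os.path.isdir(d):
            entries.append((int(_read(d, "start"), 16),
                            int(_read(d, "end"), 16), _read(d, "type")))
    return sorted(entries)

def usable_overlaps(entries, addr, size):
    """Return the 'System RAM' sub-ranges that overlap [addr, addr + size)."""
    last = addr + size - 1
    hits = []
    for start, end, typ in entries:
        if typ == "System RAM" and start <= last and addr <= end:
            hits.append((max(start, addr), min(end, last)))
    return hits

def make_sample(root):
    """Write a constructed memmap layout (not taken from the thread) under root."""
    sample = [(0x0, 0x9ffff, "System RAM"),
              (0x100000, 0x7e8ebfff, "System RAM"),
              (0x7e8ec000, 0x7eb6bfff, "Reserved"),
              (0x7eb6c000, 0x7eb7dfff, "ACPI Tables")]
    for i, (start, end, typ) in enumerate(sample):
        d = os.path.join(root, str(i))
        os.makedirs(d)
        for name, value in (("start", hex(start)), ("end", hex(end)), ("type", typ)):
            with open(os.path.join(d, name), "w") as fh:
                fh.write(value + "\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        make_sample(root)
        entries = read_firmware_memmap(root)
        # Hypothetical table placements: one in plain RAM, one in a reserved range.
        for addr, size in ((0x7d000000, 0x8000), (0x7e900000, 0x8000)):
            hits = usable_overlaps(entries, addr, size)
            print(hex(addr), "not reserved in memmap" if hits else "covered", hits)
```

On a live system, call `read_firmware_memmap()` with its default path and pass the table's physical address and size as reported by that kernel.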



