Linux-EFI Archive on
 help / color / Atom feed
From: Borislav Petkov <>
To: Kairui Song <>
	Ard Biesheuvel <>,
	Thomas Gleixner <>,
	Ingo Molnar <>,
	Matthew Garrett <>,
	Jarkko Sakkinen <>,
	Baoquan He <>, Dave Young <>,,
Subject: Re: [PATCH v2] x86, efi: never relocate kernel below lowest acceptable address
Date: Fri, 11 Oct 2019 15:23:39 +0200
Message-ID: <20191011132339.GB8824@zn.tnic> (raw)
In-Reply-To: <>

On Fri, Sep 20, 2019 at 12:05:21AM +0800, Kairui Song wrote:
> Currently, kernel fails to boot on some HyperV VMs when using EFI.
> And it's a potential issue on all platforms.
> It's caused a broken kernel relocation on EFI systems, when below three
> conditions are met:
> 1. Kernel image is not loaded to the default address (LOAD_PHYSICAL_ADDR)
>    by the loader.
> 2. There isn't enough room to contain the kernel, starting from the
>    default load address (eg. something else occupied part the region).
> 3. In the memmap provided by EFI firmware, there is a memory region
>    starts below LOAD_PHYSICAL_ADDR, and suitable for containing the
>    kernel.
> Efi stub will perform a kernel relocation when condition 1 is met. But
> due to condition 2, efi stub can't relocate kernel to the preferred
> address, so it fallback to query and alloc from EFI firmware for lowest
> usable memory region.
> It's incorrect to use the lowest memory address. In later stage, kernel
> will assume LOAD_PHYSICAL_ADDR as the minimal acceptable relocate address,
> but efi stub will end up relocating kernel below it.

So far, so good.

> Then before the kernel decompressing. Kernel will do another relocation
> to address not lower than LOAD_PHYSICAL_ADDR, this time the relocate will
> over write the blockage at the default load address, which efi stub tried
> to avoid, and lead to unexpected behavior. Beside, the memory region it
> writes to is not allocated from EFI firmware, which is also wrong.

This paragraph is an unreadable mess and should be rewritten in simple,
declarative sentences.

The patch itself looks ok.


  parent reply index

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-19 16:05 Kairui Song
2019-09-25  9:51 ` Jarkko Sakkinen
2019-09-25 15:25 ` Ard Biesheuvel
2019-09-25 17:36   ` Kairui Song
2019-10-11 10:18     ` Kairui Song
2019-10-11 13:23 ` Borislav Petkov [this message]
2019-10-12  3:46   ` Kairui Song

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191011132339.GB8824@zn.tnic \ \ \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-EFI Archive on

Archives are clonable:
	git clone --mirror linux-efi/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-efi linux-efi/ \
	public-inbox-index linux-efi

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone public-inbox