kexec and struct boot_params

kexec and struct boot_params

[H. Peter Anvin]

Hi Eric,

Could you give a list of struct boot_params field which are initialized
properly by kexec?  I think we need to do the sentinel hack, and want to
know what to whitelist.

Also, does kexec set a bootloader ID?

	-hpa

Re: kexec and struct boot_params

[Yinghai Lu]

On Wed, Dec 5, 2012 at 5:57 PM, H. Peter Anvin <hpa@zytor.com> wrote:
> Hi Eric,
>
> Could you give a list of struct boot_params field which are initialized
> properly by kexec?  I think we need to do the sentinel hack, and want to
> know what to whitelist.

the one with *
? means set only when lfb_depth > 8
also
   0xa2 to 0x1df is not set

struct x86_linux_param_header {
	uint8_t  orig_x;			/* 0x00 */  *
	uint8_t  orig_y;			/* 0x01 */  *
	uint16_t ext_mem_k;			/* 0x02 -- EXT_MEM_K sits here */   *
	uint16_t orig_video_page;		/* 0x04 */  *
	uint8_t  orig_video_mode;		/* 0x06 */  *
	uint8_t  orig_video_cols;		/* 0x07 */  *
	uint16_t unused2;			/* 0x08 */
	uint16_t orig_video_ega_bx;		/* 0x0a */  *
	uint16_t unused3;			/* 0x0c */
	uint8_t	 orig_video_lines;		/* 0x0e */  *
	uint8_t	 orig_video_isVGA;		/* 0x0f */   *
	uint16_t orig_video_points;		/* 0x10 */   *

	/* VESA graphic mode -- linear frame buffer */
	uint16_t lfb_width;			/* 0x12 */   *
	uint16_t lfb_height;			/* 0x14 */   *
	uint16_t lfb_depth;			/* 0x16 */   *
	uint32_t lfb_base;			/* 0x18 */   *
	uint32_t lfb_size;			/* 0x1c */   *
	uint16_t cl_magic;			/* 0x20 */   *
#define CL_MAGIC_VALUE 0xA33F
	uint16_t cl_offset;			/* 0x22 */   *
	uint16_t lfb_linelength;		/* 0x24 */   *
	uint8_t	 red_size;			/* 0x26 */   ?
	uint8_t	 red_pos;			/* 0x27 */   ?
	uint8_t	 green_size;			/* 0x28 */   ?
	uint8_t	 green_pos;			/* 0x29 */   ?
	uint8_t	 blue_size;			/* 0x2a */   ?
	uint8_t	 blue_pos;			/* 0x2b */   ?
	uint8_t	 rsvd_size;			/* 0x2c */   ?
	uint8_t	 rsvd_pos;			/* 0x2d */   ?
	uint16_t vesapm_seg;			/* 0x2e */   *
	uint16_t vesapm_off;			/* 0x30 */
	uint16_t pages;				/* 0x32 */   *
	uint8_t  reserved4[12];			/* 0x34 -- 0x3f reserved for future expansion */

	struct apm_bios_info apm_bios_info;	/* 0x40 */   *
	struct drive_info_struct drive_info;	/* 0x80 */   *
	struct sys_desc_table sys_desc_table;	/* 0xa0 */   * only .length =
0, aka 0xa2 to 0x1df is not set
	uint32_t alt_mem_k;			/* 0x1e0 */  *
	uint8_t  reserved5[4];			/* 0x1e4 */
	uint8_t  e820_map_nr;			/* 0x1e8 */  *
	uint8_t  eddbuf_entries;		/* 0x1e9 */  *
	uint8_t  edd_mbr_sig_buf_entries;	/* 0x1ea */  *
	uint8_t  reserved6[6];			/* 0x1eb */
	HEADER.....					    copied and or meset 0 and set.
	uint8_t  reserved16[0x290 - 0x248];	/* 0x248 */
	uint32_t edd_mbr_sig_buffer[EDD_MBR_SIG_MAX];	/* 0x290 */  *
#endif
	struct 	e820entry e820_map[E820MAX];	/* 0x2d0 */   *
	uint8_t _pad8[48];			/* 0xcd0 */
	struct 	edd_info eddbuf[EDDMAXNR];	/* 0xd00 */   *
						/* 0xeec */
#define COMMAND_LINE_SIZE 2048
};


>
> Also, does kexec set a bootloader ID?

no, 0xff

Re: kexec and struct boot_params

[Yinghai Lu]

On Wed, Dec 5, 2012 at 7:12 PM, Yinghai Lu <yinghai@kernel.org> wrote:
> On Wed, Dec 5, 2012 at 5:57 PM, H. Peter Anvin <hpa@zytor.com> wrote:
>> Hi Eric,
>>
>> Could you give a list of struct boot_params field which are initialized
>> properly by kexec?  I think we need to do the sentinel hack, and want to
>> know what to whitelist.
>
> the one with *
> ? means set only when lfb_depth > 8
> also
>    0xa2 to 0x1df is not set
>
> struct x86_linux_param_header {
>         uint8_t  orig_x;                        /* 0x00 */  *
>         uint8_t  orig_y;                        /* 0x01 */  *
>         uint16_t ext_mem_k;                     /* 0x02 -- EXT_MEM_K sits here */   *
>         uint16_t orig_video_page;               /* 0x04 */  *
>         uint8_t  orig_video_mode;               /* 0x06 */  *
>         uint8_t  orig_video_cols;               /* 0x07 */  *
>         uint16_t unused2;                       /* 0x08 */
>         uint16_t orig_video_ega_bx;             /* 0x0a */  *
>         uint16_t unused3;                       /* 0x0c */
>         uint8_t  orig_video_lines;              /* 0x0e */  *
>         uint8_t  orig_video_isVGA;              /* 0x0f */   *
>         uint16_t orig_video_points;             /* 0x10 */   *
>
>         /* VESA graphic mode -- linear frame buffer */
>         uint16_t lfb_width;                     /* 0x12 */   *
>         uint16_t lfb_height;                    /* 0x14 */   *
>         uint16_t lfb_depth;                     /* 0x16 */   *
>         uint32_t lfb_base;                      /* 0x18 */   *
>         uint32_t lfb_size;                      /* 0x1c */   *
>         uint16_t cl_magic;                      /* 0x20 */   *
> #define CL_MAGIC_VALUE 0xA33F
>         uint16_t cl_offset;                     /* 0x22 */   *
>         uint16_t lfb_linelength;                /* 0x24 */   *
>         uint8_t  red_size;                      /* 0x26 */   ?
>         uint8_t  red_pos;                       /* 0x27 */   ?
>         uint8_t  green_size;                    /* 0x28 */   ?
>         uint8_t  green_pos;                     /* 0x29 */   ?
>         uint8_t  blue_size;                     /* 0x2a */   ?
>         uint8_t  blue_pos;                      /* 0x2b */   ?
>         uint8_t  rsvd_size;                     /* 0x2c */   ?
>         uint8_t  rsvd_pos;                      /* 0x2d */   ?
>         uint16_t vesapm_seg;                    /* 0x2e */   *
>         uint16_t vesapm_off;                    /* 0x30 */
>         uint16_t pages;                         /* 0x32 */   *
>         uint8_t  reserved4[12];                 /* 0x34 -- 0x3f reserved for future expansion */
>
>         struct apm_bios_info apm_bios_info;     /* 0x40 */   *
>         struct drive_info_struct drive_info;    /* 0x80 */   *
>         struct sys_desc_table sys_desc_table;   /* 0xa0 */   * only .length =
> 0, aka 0xa2 to 0x1df is not set
>         uint32_t alt_mem_k;                     /* 0x1e0 */  *
>         uint8_t  reserved5[4];                  /* 0x1e4 */
>         uint8_t  e820_map_nr;                   /* 0x1e8 */  *
>         uint8_t  eddbuf_entries;                /* 0x1e9 */  *
>         uint8_t  edd_mbr_sig_buf_entries;       /* 0x1ea */  *
>         uint8_t  reserved6[6];                  /* 0x1eb */
>         HEADER.....                                         copied and or meset 0 and set.
>         uint8_t  reserved16[0x290 - 0x248];     /* 0x248 */
>         uint32_t edd_mbr_sig_buffer[EDD_MBR_SIG_MAX];   /* 0x290 */  *
> #endif
>         struct  e820entry e820_map[E820MAX];    /* 0x2d0 */   *
>         uint8_t _pad8[48];                      /* 0xcd0 */
>         struct  edd_info eddbuf[EDDMAXNR];      /* 0xd00 */   *
>                                                 /* 0xeec */
> #define COMMAND_LINE_SIZE 2048
> };
>
>
>>
>> Also, does kexec set a bootloader ID?
>
> no, 0xff

Hi, Peter,

What's your decision about this?

Do you mean have one boot_params mask in initdata and AND that with
boot_params from bootloader
to clean not used bytes?

So later will not need to check
    if (boot_params.hdr.xloadflags & USE_EXT_BOOT_PARAMS)
?

I worked out other patches that remove kdump 896M limitation.
would like to post those patches to get more testing.
those are needed for bigger system with lots of pcie devices.

Thanks

Yinghai

Re: kexec and struct boot_params

[Yinghai Lu]

On Thu, Dec 6, 2012 at 10:57 PM, Yinghai Lu <yinghai@kernel.org> wrote:
> On Wed, Dec 5, 2012 at 7:12 PM, Yinghai Lu <yinghai@kernel.org> wrote:
>> On Wed, Dec 5, 2012 at 5:57 PM, H. Peter Anvin <hpa@zytor.com> wrote:
>>> Hi Eric,
>>>
>>> Could you give a list of struct boot_params field which are initialized
>>> properly by kexec?  I think we need to do the sentinel hack, and want to
>>> know what to whitelist.
>>
>> the one with *
>> ? means set only when lfb_depth > 8
>> also
>>    0xa2 to 0x1df is not set
>>
>> struct x86_linux_param_header {
>>         uint8_t  orig_x;                        /* 0x00 */  *
>>         uint8_t  orig_y;                        /* 0x01 */  *
>>         uint16_t ext_mem_k;                     /* 0x02 -- EXT_MEM_K sits here */   *
>>         uint16_t orig_video_page;               /* 0x04 */  *
>>         uint8_t  orig_video_mode;               /* 0x06 */  *
>>         uint8_t  orig_video_cols;               /* 0x07 */  *
>>         uint16_t unused2;                       /* 0x08 */
>>         uint16_t orig_video_ega_bx;             /* 0x0a */  *
>>         uint16_t unused3;                       /* 0x0c */
>>         uint8_t  orig_video_lines;              /* 0x0e */  *
>>         uint8_t  orig_video_isVGA;              /* 0x0f */   *
>>         uint16_t orig_video_points;             /* 0x10 */   *
>>
>>         /* VESA graphic mode -- linear frame buffer */
>>         uint16_t lfb_width;                     /* 0x12 */   *
>>         uint16_t lfb_height;                    /* 0x14 */   *
>>         uint16_t lfb_depth;                     /* 0x16 */   *
>>         uint32_t lfb_base;                      /* 0x18 */   *
>>         uint32_t lfb_size;                      /* 0x1c */   *
>>         uint16_t cl_magic;                      /* 0x20 */   *
>> #define CL_MAGIC_VALUE 0xA33F
>>         uint16_t cl_offset;                     /* 0x22 */   *
>>         uint16_t lfb_linelength;                /* 0x24 */   *
>>         uint8_t  red_size;                      /* 0x26 */   ?
>>         uint8_t  red_pos;                       /* 0x27 */   ?
>>         uint8_t  green_size;                    /* 0x28 */   ?
>>         uint8_t  green_pos;                     /* 0x29 */   ?
>>         uint8_t  blue_size;                     /* 0x2a */   ?
>>         uint8_t  blue_pos;                      /* 0x2b */   ?
>>         uint8_t  rsvd_size;                     /* 0x2c */   ?
>>         uint8_t  rsvd_pos;                      /* 0x2d */   ?
>>         uint16_t vesapm_seg;                    /* 0x2e */   *
>>         uint16_t vesapm_off;                    /* 0x30 */
>>         uint16_t pages;                         /* 0x32 */   *
>>         uint8_t  reserved4[12];                 /* 0x34 -- 0x3f reserved for future expansion */
>>
>>         struct apm_bios_info apm_bios_info;     /* 0x40 */   *
>>         struct drive_info_struct drive_info;    /* 0x80 */   *
>>         struct sys_desc_table sys_desc_table;   /* 0xa0 */   * only .length =
>> 0, aka 0xa2 to 0x1df is not set
>>         uint32_t alt_mem_k;                     /* 0x1e0 */  *
>>         uint8_t  reserved5[4];                  /* 0x1e4 */
>>         uint8_t  e820_map_nr;                   /* 0x1e8 */  *
>>         uint8_t  eddbuf_entries;                /* 0x1e9 */  *
>>         uint8_t  edd_mbr_sig_buf_entries;       /* 0x1ea */  *
>>         uint8_t  reserved6[6];                  /* 0x1eb */
>>         HEADER.....                                         copied and or meset 0 and set.
>>         uint8_t  reserved16[0x290 - 0x248];     /* 0x248 */
>>         uint32_t edd_mbr_sig_buffer[EDD_MBR_SIG_MAX];   /* 0x290 */  *
>> #endif
>>         struct  e820entry e820_map[E820MAX];    /* 0x2d0 */   *
>>         uint8_t _pad8[48];                      /* 0xcd0 */
>>         struct  edd_info eddbuf[EDDMAXNR];      /* 0xd00 */   *
>>                                                 /* 0xeec */
>> #define COMMAND_LINE_SIZE 2048
>> };
>>
>>
>>>
>>> Also, does kexec set a bootloader ID?
>>
>> no, 0xff
>
> Hi, Peter,
>
> What's your decision about this?
>
> Do you mean have one boot_params mask in initdata and AND that with
> boot_params from bootloader
> to clean not used bytes?
>
> So later will not need to check
>     if (boot_params.hdr.xloadflags & USE_EXT_BOOT_PARAMS)
> ?
>
> I worked out other patches that remove kdump 896M limitation.
> would like to post those patches to get more testing.
> those are needed for bigger system with lots of pcie devices.


ping!

Re: kexec and struct boot_params

[H. Peter Anvin]

On 12/12/2012 06:49 PM, Yinghai Lu wrote:
>>
>> Hi, Peter,
>>
>> What's your decision about this?
>>
>> Do you mean have one boot_params mask in initdata and AND that with
>> boot_params from bootloader
>> to clean not used bytes?
>>
>> So later will not need to check
>>      if (boot_params.hdr.xloadflags & USE_EXT_BOOT_PARAMS)
>> ?
>>
>> I worked out other patches that remove kdump 896M limitation.
>> would like to post those patches to get more testing.
>> those are needed for bigger system with lots of pcie devices.
>
>
> ping!
>

I still want to do what I mentioned before, because we need to not rely 
on the initialized/16-bit portion so much:

1. add a field in the uninitialized portion, call it "sentinel";
2. make sure the byte position corresponding to the "sentinel" field is
    nonzero in the bzImage file;
3. if the kernel boots up and sentinel is nonzero, erase those fields
    that you identified as uninitialized;
4. assign a proper boot loader ID to kexec, so we have a way of dealing
    with this kind of debacles in the future (that is what the
    bootloader ID is for: it gives us a way to work around
    bootloader-specific problems.)

We also need to formalize the 64-bit entry point properly, including all 
the entry conditions and so forth.  That needs to be documented.

Eric, any thoughts or additional opinions?

	-hpa


-- 
H. Peter Anvin, Intel Open Source Technology Center
I work for Intel.  I don't speak on their behalf.

[tip:x86/urgent] x86, doc: Add a formal bootloader ID for kexec-tools

[tip-bot for H. Peter Anvin]

Commit-ID:  4bfe24ac1d9d9f06b30b2909f53ea462c72cfe1d
Gitweb:     http://git.kernel.org/tip/4bfe24ac1d9d9f06b30b2909f53ea462c72cfe1d
Author:     H. Peter Anvin <hpa@linux.intel.com>
AuthorDate: Wed, 12 Dec 2012 20:24:12 -0800
Committer:  H. Peter Anvin <hpa@linux.intel.com>
CommitDate: Wed, 12 Dec 2012 20:25:43 -0800

x86, doc: Add a formal bootloader ID for kexec-tools

Add bootloader id D for kexec-tools (it is kexec-tools, not the kexec
system call, that builds the data structures, therefore it is
kexec-tools which is the "bootloader" for this purpose.)

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Link: http://lkml.kernel.org/r/50C95832.5030306@zytor.com
---
 Documentation/x86/boot.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Documentation/x86/boot.txt b/Documentation/x86/boot.txt
index 9efceff..c25a53e 100644
--- a/Documentation/x86/boot.txt
+++ b/Documentation/x86/boot.txt
@@ -381,6 +381,7 @@ Protocol:	2.00+
 	A  Gujin
 	B  Qemu
 	C  Arcturus Networks uCbootloader
+	D  kexec-tools
 	E  Extended		(see ext_loader_type)
 	F  Special		(0xFF = undefined)
        10  Reserved

Re: kexec and struct boot_params

[Yinghai Lu]

[-- Attachment #1: Type: text/plain, Size: 1407 bytes --]

On Wed, Dec 12, 2012 at 8:23 PM, H. Peter Anvin <hpa@zytor.com> wrote:
> I still want to do what I mentioned before, because we need to not rely on
> the initialized/16-bit portion so much:
>
> 1. add a field in the uninitialized portion, call it "sentinel";
> 2. make sure the byte position corresponding to the "sentinel" field is
>    nonzero in the bzImage file;
> 3. if the kernel boots up and sentinel is nonzero, erase those fields
>    that you identified as uninitialized;

thanks for the instruction. please check if you are ok with update patch

> 4. assign a proper boot loader ID to kexec, so we have a way of dealing
>    with this kind of debacles in the future (that is what the
>    bootloader ID is for: it gives us a way to work around
>    bootloader-specific problems.)

ok, add one patch for kexec-tools

>
> We also need to formalize the 64-bit entry point properly, including all the
> entry conditions and so forth.  That needs to be documented.

do you mean, in some file, like bzImage_entry_64.txt
1. kernel 16 bit code length is defined by setup_sects in setup_header.
2. after that there are kernel code
   a. 32bit entry is 0,
   b. 64bit entry is 0x200
3. when using 32bit entry, kernel should under 1G, initrd should be
under 2G, zero_page, command_line should be under 1G.
 when using 64bit entry, kernel, initrd, zero_page, command_line could
be above 4G.

Thanks

Yinghai

[-- Attachment #2: ext_ramdisk_image.patch --]
[-- Type: application/octet-stream, Size: 9767 bytes --]

Subject: [PATCH v5 10/11] x86, boot: add fields to support load bzImage and ramdisk above 4G

ext_ramdisk_image/size will record high 32bits for ramdisk info.

xloadflags bit0 will be set if relocatable with 64bit.

Let get_ramdisk_image/size to use ext_ramdisk_image/size to get
right positon for ramdisk.

bootloader will fill value to ext_ramdisk_image/size when it load
ramdisk above 4G.

Also bootloader will check if xloadflags bit0 is set to decicde if
it could load ramdisk high above 4G.

sentinel is used to make sure kernel have ext_* valid values set

Update header version to 2.12.

-v2: add ext_cmd_line_ptr for above 4G support.
-v3: update to xloadflags from HPA.
-v4: use fields from bootparam instead setup_header according to HPA.
-v5: add checking for USE_EXT_BOOT_PARAMS
-v6: use sentinel to check if ext_* are valid suggested by HPA.
     HPA said:
	1. add a field in the uninitialized portion, call it "sentinel";
	2. make sure the byte position corresponding to the "sentinel" field is
	   nonzero in the bzImage file;
	3. if the kernel boots up and sentinel is nonzero, erase those fields
	   that you identified as uninitialized;

Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Cc: Rob Landley <rob@landley.net>
Cc: Matt Fleming <matt.fleming@intel.com>

---
 Documentation/x86/boot.txt         |   15 ++++++++++++++-
 Documentation/x86/zero-page.txt    |    4 ++++
 arch/x86/boot/compressed/cmdline.c |    2 ++
 arch/x86/boot/compressed/misc.c    |   12 ++++++++++++
 arch/x86/boot/header.S             |   16 ++++++++++++++--
 arch/x86/include/asm/bootparam.h   |   12 +++++++++---
 arch/x86/kernel/head64.c           |    2 ++
 arch/x86/kernel/setup.c            |    4 ++++
 8 files changed, 61 insertions(+), 6 deletions(-)

Index: linux-2.6/Documentation/x86/boot.txt
===================================================================
--- linux-2.6.orig/Documentation/x86/boot.txt
+++ linux-2.6/Documentation/x86/boot.txt
@@ -57,6 +57,9 @@ Protocol 2.10:	(Kernel 2.6.31) Added a p
 Protocol 2.11:	(Kernel 3.6) Added a field for offset of EFI handover
 		protocol entry point.
 
+Protocol 2.12:	(Kernel 3.9) Added three fields for loading bzImage and
+		 ramdisk above 4G with 64bit in bootparam.
+
 **** MEMORY LAYOUT
 
 The traditional memory map for the kernel loader, used for Image or
@@ -182,7 +185,7 @@ Offset	Proto	Name		Meaning
 0230/4	2.05+	kernel_alignment Physical addr alignment required for kernel
 0234/1	2.05+	relocatable_kernel Whether kernel is relocatable or not
 0235/1	2.10+	min_alignment	Minimum alignment, as a power of two
-0236/2	N/A	pad3		Unused
+0236/2	2.12+	xloadflags	Boot protocol option flags
 0238/4	2.06+	cmdline_size	Maximum size of the kernel command line
 023C/4	2.07+	hardware_subarch Hardware subarchitecture
 0240/8	2.07+	hardware_subarch_data Subarchitecture-specific data
@@ -582,6 +585,16 @@ Protocol:	2.10+
   misaligned kernel.  Therefore, a loader should typically try each
   power-of-two alignment from kernel_alignment down to this alignment.
 
+Field name:     xloadflags
+Type:           modify (obligatory)
+Offset/size:    0x236/2
+Protocol:       2.12+
+
+  This field is a bitmask.
+
+  Bit 0 (read): CAN_BE_LOADED_ABOVE_4G
+        - If 1, kernel/boot_params/cmdline/ramdisk can be above 4g,
+
 Field name:	cmdline_size
 Type:		read
 Offset/size:	0x238/4
Index: linux-2.6/arch/x86/boot/header.S
===================================================================
--- linux-2.6.orig/arch/x86/boot/header.S
+++ linux-2.6/arch/x86/boot/header.S
@@ -251,6 +251,10 @@ section_table:
 
 #endif /* CONFIG_EFI_STUB */
 
+	/* sentinel: make sure if boot_params from bootloader is right */
+	.org    0x1f0
+	.byte	0xff
+
 	# Kernel attributes; used by setup.  This is part 1 of the
 	# header, from the old boot sector.
 
@@ -279,7 +283,7 @@ _start:
 	# Part 2 of the header, from the old setup.S
 
 		.ascii	"HdrS"		# header signature
-		.word	0x020b		# header version number (>= 0x0105)
+		.word	0x020c		# header version number (>= 0x0105)
 					# or else old loadlin-1.5 will fail)
 		.globl realmode_swtch
 realmode_swtch:	.word	0, 0		# default_switch, SETUPSEG
@@ -369,7 +373,15 @@ relocatable_kernel:    .byte 1
 relocatable_kernel:    .byte 0
 #endif
 min_alignment:		.byte MIN_KERNEL_ALIGN_LG2	# minimum alignment
-pad3:			.word 0
+
+xloadflags:
+CAN_BE_LOADED_ABOVE_4G	= 1		# If set, the kernel/boot_param/
+					# ramdisk could be loaded above 4g
+#if defined(CONFIG_X86_64) && defined(CONFIG_RELOCATABLE)
+			.word CAN_BE_LOADED_ABOVE_4G
+#else
+			.word 0
+#endif
 
 cmdline_size:   .long   COMMAND_LINE_SIZE-1     #length of the command line,
                                                 #added with boot protocol
Index: linux-2.6/arch/x86/include/asm/bootparam.h
===================================================================
--- linux-2.6.orig/arch/x86/include/asm/bootparam.h
+++ linux-2.6/arch/x86/include/asm/bootparam.h
@@ -58,7 +58,9 @@ struct setup_header {
 	__u32	initrd_addr_max;
 	__u32	kernel_alignment;
 	__u8	relocatable_kernel;
-	__u8	_pad2[3];
+	__u8	min_alignment;
+	__u16	xloadflags;
+#define CAN_BE_LOADED_ABOVE_4G	(1<<0)
 	__u32	cmdline_size;
 	__u32	hardware_subarch;
 	__u64	hardware_subarch_data;
@@ -106,7 +108,10 @@ struct boot_params {
 	__u8  hd1_info[16];	/* obsolete! */		/* 0x090 */
 	struct sys_desc_table sys_desc_table;		/* 0x0a0 */
 	struct olpc_ofw_header olpc_ofw_header;		/* 0x0b0 */
-	__u8  _pad4[128];				/* 0x0c0 */
+	__u32 ext_ramdisk_image;			/* 0x0c0 */
+	__u32 ext_ramdisk_size;				/* 0x0c4 */
+	__u32 ext_cmd_line_ptr;				/* 0x0c8 */
+	__u8  _pad4[116];				/* 0x0cc */
 	struct edid_info edid_info;			/* 0x140 */
 	struct efi_info efi_info;			/* 0x1c0 */
 	__u32 alt_mem_k;				/* 0x1e0 */
@@ -115,7 +120,8 @@ struct boot_params {
 	__u8  eddbuf_entries;				/* 0x1e9 */
 	__u8  edd_mbr_sig_buf_entries;			/* 0x1ea */
 	__u8  kbd_status;				/* 0x1eb */
-	__u8  _pad6[5];					/* 0x1ec */
+	__u8  _pad6[4];					/* 0x1ec */
+	__u8  sentinel;					/* 0x1f0 */
 	struct setup_header hdr;    /* setup header */	/* 0x1f1 */
 	__u8  _pad7[0x290-0x1f1-sizeof(struct setup_header)];
 	__u32 edd_mbr_sig_buffer[EDD_MBR_SIG_MAX];	/* 0x290 */
Index: linux-2.6/arch/x86/kernel/setup.c
===================================================================
--- linux-2.6.orig/arch/x86/kernel/setup.c
+++ linux-2.6/arch/x86/kernel/setup.c
@@ -306,12 +306,16 @@ static u64 __init get_ramdisk_image(void
 {
 	u64 ramdisk_image = boot_params.hdr.ramdisk_image;
 
+	ramdisk_image |= (u64)boot_params.ext_ramdisk_image << 32;
+
 	return ramdisk_image;
 }
 static u64 __init get_ramdisk_size(void)
 {
 	u64 ramdisk_size = boot_params.hdr.ramdisk_size;
 
+	ramdisk_size |= (u64)boot_params.ext_ramdisk_size << 32;
+
 	return ramdisk_size;
 }
 
Index: linux-2.6/arch/x86/boot/compressed/cmdline.c
===================================================================
--- linux-2.6.orig/arch/x86/boot/compressed/cmdline.c
+++ linux-2.6/arch/x86/boot/compressed/cmdline.c
@@ -17,6 +17,8 @@ static unsigned long get_cmd_line_ptr(vo
 {
 	unsigned long cmd_line_ptr = real_mode->hdr.cmd_line_ptr;
 
+	cmd_line_ptr |= (u64)real_mode->ext_cmd_line_ptr << 32;
+
 	return cmd_line_ptr;
 }
 int cmdline_find_option(const char *option, char *buffer, int bufsize)
Index: linux-2.6/arch/x86/kernel/head64.c
===================================================================
--- linux-2.6.orig/arch/x86/kernel/head64.c
+++ linux-2.6/arch/x86/kernel/head64.c
@@ -56,6 +56,8 @@ static unsigned long get_cmd_line_ptr(vo
 {
 	unsigned long cmd_line_ptr = boot_params.hdr.cmd_line_ptr;
 
+	cmd_line_ptr |= (u64)boot_params.ext_cmd_line_ptr << 32;
+
 	return cmd_line_ptr;
 }
 
Index: linux-2.6/Documentation/x86/zero-page.txt
===================================================================
--- linux-2.6.orig/Documentation/x86/zero-page.txt
+++ linux-2.6/Documentation/x86/zero-page.txt
@@ -19,6 +19,9 @@ Offset	Proto	Name		Meaning
 090/010	ALL	hd1_info	hd1 disk parameter, OBSOLETE!!
 0A0/010	ALL	sys_desc_table	System description table (struct sys_desc_table)
 0B0/010	ALL	olpc_ofw_header	OLPC's OpenFirmware CIF and friends
+0C0/004	ALL	ext_ramdisk_image ramdisk_image high 32bits
+0C4/004	ALL	ext_ramdisk_size  ramdisk_size high 32bits
+0C8/004	ALL	ext_cmd_line_ptr  cmd_line_ptr high 32bits
 140/080	ALL	edid_info	Video mode setup (struct edid_info)
 1C0/020	ALL	efi_info	EFI 32 information (struct efi_info)
 1E0/004	ALL	alk_mem_k	Alternative mem check, in KB
@@ -27,6 +30,7 @@ Offset	Proto	Name		Meaning
 1E9/001	ALL	eddbuf_entries	Number of entries in eddbuf (below)
 1EA/001	ALL	edd_mbr_sig_buf_entries	Number of entries in edd_mbr_sig_buffer
 				(below)
+1F0/001	ALL	sentinel	0: states _ext_* fields are valid
 290/040	ALL	edd_mbr_sig_buffer EDD MBR signatures
 2D0/A00	ALL	e820_map	E820 memory map table
 				(array of struct e820entry)
Index: linux-2.6/arch/x86/boot/compressed/misc.c
===================================================================
--- linux-2.6.orig/arch/x86/boot/compressed/misc.c
+++ linux-2.6/arch/x86/boot/compressed/misc.c
@@ -318,6 +318,16 @@ static void parse_elf(void *output)
 	free(phdrs);
 }
 
+static void sanitize_real_mode(struct boot_params *real_mode)
+{
+	if (real_mode->sentinel) {
+		/* ext_* field in boot_params is not valid, clear them */
+		real_mode->ext_ramdisk_image = 0;
+		real_mode->ext_ramdisk_size  = 0;
+		real_mode->ext_cmd_line_ptr  = 0;
+	}
+}
+
 asmlinkage void decompress_kernel(void *rmode, memptr heap,
 				  unsigned char *input_data,
 				  unsigned long input_len,
@@ -325,6 +335,8 @@ asmlinkage void decompress_kernel(void *
 {
 	real_mode = rmode;
 
+	sanitize_real_mode(real_mode);
+
 	if (real_mode->screen_info.orig_video_mode == 7) {
 		vidmem = (char *) 0xb0000;
 		vidport = 0x3b4;