Draft: x86/kexec: Add EFI config table identity mapping for kexec kernel (!2598) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Tao Liu requested to merge liutgnu/centos-stream-9:x86_efi into main May 25, 2023

Currently EFI system table is identity-mapped for the kexec kernel, but EFI
config table is not mapped explicitly:

    commit 6bbeb276b71f ("x86/kexec: Add the EFI system tables and ACPI
                          tables to the ident map")

Later in the following 2 commits, EFI config table will be accessed when
enabling sev at kernel startup. This may result in a page fault due to EFI
config table's unmapped address. Since the page fault occurs at an early
stage, it is unrecoverable and kernel hangs.

    commit ec1c66af3a30 ("x86/compressed/64: Detect/setup SEV/SME features
                          earlier during boot")
    commit c01fce9cef84 ("x86/compressed: Add SEV-SNP feature
                          detection/setup")

In addition, the issue doesn't appear on all systems, because the kexec
kernel uses Page Size Extension (PSE) for identity mapping. In most cases,
EFI config table can end up to be mapped into due to 1 GB page size.
However if nogbpages is set or cpu doesn't support pdpe1gb feature,
EFI config table may not be mapped into, thus a page fault hang is more
likely to happen.

In this patch, we will make sure the EFI config table is always mapped.

Draft: x86/kexec: Add EFI config table identity mapping for kexec kernel

Merge request reports