On Wed, 17 Jul 2024 at 14:32, Steve Wahl <steve.wahl@xxxxxxx> wrote:
>
> From: Tao Liu <ltao@xxxxxxxxxx>
>
> A kexec kernel boot failure is sometimes observed on AMD CPUs due to
> an unmapped EFI config table array. This can be seen when "nogbpages"
> is on the kernel command line, and has been observed as a full BIOS
> reboot rather than a successful kexec.
>
> This was also the cause of reported regressions attributed to Commit
> 7143c5f4cf20 ("x86/mm/ident_map: Use gbpages only where full GB page
> should be mapped.") which was subsequently reverted.
>
> To avoid this page fault, explicitly include the EFI config table
> array in the kexec identity map.
>
> Further explanation:
>
> The following 2 commits caused the EFI config table array to be
> accessed when enabling sev at kernel startup.
>
> commit ec1c66af3a30 ("x86/compressed/64: Detect/setup SEV/SME features
> earlier during boot")
> commit c01fce9cef84 ("x86/compressed: Add SEV-SNP feature
> detection/setup")
>
> This is in the code that examines whether SEV should be enabled or
> not, so it can even affect systems that are not SEV capable.
>
> This may result in a page fault if the EFI config table array's
> address is unmapped. Since the page fault occurs before the new kernel
> establishes its own identity map and page fault routines, it is
> unrecoverable and kexec fails.
>
> Most often, this problem is not seen because the EFI config table
> array gets included in the map by the luck of being placed at a memory
> address close enough to other memory areas that *are* included in the
> map created by kexec.
>
> Both the "nogbpages" command line option and the "use gpbages only
> where full GB page should be mapped" patch greatly reduce the chance
> of being included in the map by luck, which is why the problem
> appears.
>
> Signed-off-by: Tao Liu <ltao@xxxxxxxxxx>
> Signed-off-by: Steve Wahl <steve.wahl@xxxxxxx>
> Tested-by: Pavin Joseph <me@xxxxxxxxxxxxxxx>
> Tested-by: Sarah Brofeldt <srhb@xxxxxx>
> Tested-by: Eric Hagberg <ehagberg@xxxxxxxxx>
> ---
>
> Version 3: Do not rename map_efi_systab to map_efi_tables, and don't add
> 'config table' to the comments, per Ard Biesheuvel request.
>
> arch/x86/kernel/machine_kexec_64.c | 27 +++++++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
Reviewed-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
