From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: x86@kernel.org, Ard Biesheuvel <ardb@kernel.org>,
James Le Cuirot <chewi@gentoo.org>,
"H. Peter Anvin (Intel)" <hpa@zytor.com>
Subject: [PATCH] efi: Wipe INITRD config table from memory after consumption
Date: Fri, 5 Dec 2025 10:32:16 +0100
Message-ID: <20251205093215.607858-2-ardb@kernel.org>
When the EFI stub itself loads the initrd and puts it in memory (rather
than simply passing on a struct boot_params or device tree that already
carries initrd information), it exposes this information to the core
kernel via an INITRD configuration table.
Given that config tables are preserved across kexec, this means that
subsequent kexec boots will observe the same information, even though it
most likely has become stale by that point. On x86, this information is
usually superseded by the initrd info passed via bootparams, in which
case this stale information is simply ignored. However, when performing
a kexec boot without passing an initrd, the loader falls back to this
stale information and explodes.
So wipe the base and size from the INITRD config table as soon as it has
been consumed. This fixes the issue for kexec on all EFI architectures.
Reported-by: James Le Cuirot <chewi@gentoo.org>
Tested-by: James Le Cuirot <chewi@gentoo.org>
Acked-by: H. Peter Anvin (Intel) <hpa@zytor.com>
Link: https://lore.kernel.org/all/20251126173209.374755-2-chewi@gentoo.org
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
drivers/firmware/efi/efi.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index a9070d00b833..988198c36a63 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -818,6 +818,7 @@ int __init efi_config_parse_tables(const efi_config_table_t *config_tables,
if (tbl) {
phys_initrd_start = tbl->base;
phys_initrd_size = tbl->size;
+ tbl->base = tbl->size = 0;
early_memunmap(tbl, sizeof(*tbl));
}
}
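Review bot: The added store `tbl->base = tbl->size = 0;` has no comment, so a later reader can mistake it for a pointless write to a mapping that is unmapped on the very next line. A short comment above it, saying the table persists across kexec and must not be read again as valid, would keep it from being cleaned up. checkpatch also flags chained assignments ("multiple assignments should be avoided"), so two separate stores would match kernel style. Because this block copies `tbl->base` and `tbl->size` into `phys_initrd_start` and `phys_initrd_size` whenever `tbl` maps, a kexec'd kernel will now read zeros here, and it is worth confirming that the consumers of those variables treat a zero size as "no initrd".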
--
2.47.3