Re: [PATCH 0/5] x86/efi: Re-enable memory attributes table for kexec

[Gregory Price]

On Thu, Mar 26, 2026 at 02:26:56PM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <ardb@xxxxxxxxxx>
> 
> The EFI memory attributes table augments the EFI memory map, and
> provides permission attributes for all runtime code and data regions
> that are otherwise mapped read-write-execute in their entirety.
> 
> Currently, this table is disregarded when doing kexec boot on x86, for
> two reasons:
> - the boot services data region that holds the table is not reserved
>   correctly, and may contain garbage at kexec time
> - a misguided sanity check on the size of the table is likely to trigger
>   on kexec, as the EFI memory map has been trimmed down by that time.
> 
> Fix both issues, so that the EFI memory attributes table can be taken
> into account again at kexec time. Note that this requires that the call
> to efi_memattr_init() is moved to a later point for x86.
> 

I appreciate this fixup, I'll try to give it a test in some known host
configuration switch scenarios I know don't work across multiple kexecs
and see if it is an improvement.

~Gregory

> Cc: Dave Young <dyoung@xxxxxxxxxx>
> Cc: Gregory Price <gourry@xxxxxxxxxx>
> Cc: Usama Arif <usamaarif642@xxxxxxxxx>
> Cc: Jiri Slaby <jirislaby@xxxxxxxxxx>
> Cc: Breno Leitao <leitao@xxxxxxxxxx>
> 
> Ard Biesheuvel (5):
>   efi/memattr: Fix thinko in table size sanity check
>   x86/efi: Gather initial memory reservation and table handling logic
>   x86/efi: Defer the call to efi_memattr_init()
>   efi: Use efi_mem_reserve() to reserve the memory attribute table
>   x86/efi: Drop kexec quirk for the EFI memory attributes table
> 
>  arch/x86/include/asm/efi.h     |  5 ++---
>  arch/x86/kernel/setup.c        | 11 ++---------
>  arch/x86/platform/efi/efi.c    | 15 +++++++++++++++
>  arch/x86/platform/efi/quirks.c |  4 ----
>  drivers/firmware/efi/efi.c     |  2 +-
>  drivers/firmware/efi/memattr.c | 17 ++++++++++-------
>  6 files changed, 30 insertions(+), 24 deletions(-)
> 
> 
> base-commit: 217c0a5c177a3d4f7c8497950cbf5c36756e8bbb
> -- 
> 2.53.0.1018.g2bb0e51243-goog
>