Re: [BUG] Fault during memory acceptance for TDX VMs with certain memory sizes

[Verma, Vishal L]

On Fri, 2026-02-13 at 14:24 +0000, Kiryl Shutsemau wrote:
> 
> I still think that we need align start/size/end to the PAGE_SIZE in
> accept_memory()/range_contains_unaccepted_memory() before doing anything
> else. Otherwise (end % unit_size) check is broken. But it seems to be
> unrelated to the problem you see.
> 
> diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
> index 111e87a618e5..56e9d73412fa 100644
> --- a/drivers/firmware/efi/efi.c
> +++ b/drivers/firmware/efi/efi.c
> @@ -692,13 +692,13 @@ static __init int match_config_table(const efi_guid_t *guid,
>  
>  static __init void reserve_unaccepted(struct efi_unaccepted_memory *unaccepted)
>  {
> -	phys_addr_t start, size;
> +	phys_addr_t start, end;
>  
>  	start = PAGE_ALIGN_DOWN(efi.unaccepted);
> -	size = PAGE_ALIGN(sizeof(*unaccepted) + unaccepted->size);
> +	end = PAGE_ALIGN(efi.unaccepted + sizeof(*unaccepted) + unaccepted->size);
>  
> -	memblock_add(start, size);
> -	memblock_reserve(start, size);
> +	memblock_add(start, end - start);
> +	memblock_reserve(start, end - start);
>  }
>  
>  int __init efi_config_parse_tables(const efi_config_table_t *config_tables,

I was able to reproduce the original BUG on a TDX system, and after
some LLM-assisted debugging, this similar patch seems to fix it:

---

diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index 55452e61af31d..9f66f0f535420 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -695,7 +695,8 @@ static __init void reserve_unaccepted(struct
efi_unaccepted_memory *unaccepted)
        phys_addr_t start, size;
 
        start = PAGE_ALIGN_DOWN(efi.unaccepted);
-       size = PAGE_ALIGN(sizeof(*unaccepted) + unaccepted->size);
+       size = PAGE_ALIGN(sizeof(*unaccepted) + unaccepted->size +
+                         offset_in_page(efi.unaccepted));
 
        memblock_add(start, size);
        memblock_reserve(start, size);


---

The hypothesis is that the original size calculation does not account
for the table's offset within its starting page. The EFI pool allocator
performs sub-page allocation, so efi.unaccepted may not be page
aligned.