@@ -1088,8 +1088,15 @@ void x86_load_linux(X86MachineState *x86ms,
qemu_guest_getrandom_nofail(setup_data->data, RNG_SEED_LENGTH);
}
- /* Offset 0x250 is a pointer to the first setup_data link. */
- stq_p(header + 0x250, first_setup_data);
+ /*
+ * Only modify the header if doing so won't crash EFI boot, which is the
+ * case only for newer boot protocols, and don't do so either if SEV is
+ * enabled.
+ */
+ if (protocol >= 0x210 && !sev_enabled()) {
+ /* Offset 0x250 is a pointer to the first setup_data link. */
+ stq_p(header + 0x250, first_setup_data);
+ }
/*
* If we're starting an encrypted VM, it will be OVMF based, which uses the
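Review bot: The new `if (protocol >= 0x210 && !sev_enabled())` guard skips only the `stq_p(header + 0x250, first_setup_data)` write. The seed block that closes just above it (`qemu_guest_getrandom_nofail(setup_data->data, RNG_SEED_LENGTH)`) still runs on older protocols and under SEV, so a seed is generated and then silently never linked. If that block also appends the entry to the loaded kernel image (not visible in this hunk), the image contents still change in the SEV case, where the following comment suggests the kernel is expected to match what the user passed in. Consider applying the same `protocol >= 0x210 && !sev_enabled()` test to the seed block too. If `first_setup_data` can already point at other entries built earlier in `x86_load_linux` (its body starts and ends outside this hunk), note in the comment that those are dropped as well. The comment would also be easier to audit if it spelled out the threshold, e.g. `/* boot protocol 2.10 (0x210) and later: EFI stub ignores hdr.setup_data */`.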
It's only safe to modify the setup_data pointer on newer kernels where the EFI stub loader will ignore it. So condition setting that offset on the newer boot protocol version. While we're at it, gate this on SEV too. This depends on the kernel commit linked below going upstream. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Laurent Vivier <laurent@vivier.eu> Cc: Michael S. Tsirkin <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Philippe Mathieu-Daudé <f4bug@amsat.org> Cc: Richard Henderson <richard.henderson@linaro.org> Cc: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/linux-efi/20220904165321.1140894-1-Jason@zx2c4.com/ Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> --- hw/i386/x86.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-)