This patchset attempts to fix https://bugs.launchpad.net/qemu/+bug/1823998 which reports that we don't handle kernels larger than 128MB correctly, because we allow the initrd to be placed over the tail end of the kernel. AArch64 kernel Image files (since v3.17) report the total size they require (including any BSS area that isn't in the Image itself), so we can use that to be sure we place the initrd sufficiently far into the RAM. Patches 1 and 2 are new since v1; patches 3 and 4 are the old patches 1 and 2 (and are basically unchanged since v1). Patches 1 and 2 in this series are new. Patch 1 fixes bugs in the existing code where we were assuming that we could treat info->ram_size as the address of the end of RAM, which isn't true if the RAM doesn't start at address 0. (This generally went unnoticed thanks to the magic of unsigned integer underflow turning end-start calculations into very large max_size values for load_ramdisk_as() and friends.) Patch 2 adds some explicit checks that we don't try to put things entirely off the end of RAM (which avoids those accidental underflows). Patch 3 in this series adjusts our "where do we put the initrd" heuristic so that it always places it at least after whatever our best guess at the kernel size is. (This might still not be right for images like self-decompressing 32-bit kernels, where there's no way to know how big the kernel will be after decompression.) Patch 4 makes load_aarch64_image() return the kernel size as indicated in the Image file header, so that for the specific case of AArch64 Image files we will definitely not put the initrd on top of them. thanks -- PMM Peter Maydell (4): hw/arm/boot: Don't assume RAM starts at address zero hw/arm/boot: Diagnose layouts that put initrd or DTB off the end of RAM hw/arm/boot: Avoid placing the initrd on top of the kernel hw/arm/boot: Honour image size field in AArch64 Image format kernels hw/arm/boot.c | 83 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 62 insertions(+), 21 deletions(-) -- 2.20.1
Hi Peter, Sorry for the delay in replying to this... On Thu, May 16, 2019 at 03:47:29PM +0100, Peter Maydell wrote: > > This patchset attempts to fix https://bugs.launchpad.net/qemu/+bug/1823998 > which reports that we don't handle kernels larger than 128MB > correctly, because we allow the initrd to be placed over the > tail end of the kernel. AArch64 kernel Image files (since v3.17) > report the total size they require (including any BSS area that > isn't in the Image itself), so we can use that to be sure we > place the initrd sufficiently far into the RAM. > > Patches 1 and 2 are new since v1; patches 3 and 4 are the old > patches 1 and 2 (and are basically unchanged since v1). > > Patches 1 and 2 in this series are new. Patch 1 fixes bugs > in the existing code where we were assuming that we could > treat info->ram_size as the address of the end of RAM, which > isn't true if the RAM doesn't start at address 0. (This > generally went unnoticed thanks to the magic of unsigned integer > underflow turning end-start calculations into very large max_size > values for load_ramdisk_as() and friends.) > Patch 2 adds some explicit checks that we don't try to put things > entirely off the end of RAM (which avoids those accidental > underflows). > Patch 3 in this series adjusts our "where do we put the initrd" > heuristic so that it always places it at least after whatever > our best guess at the kernel size is. (This might still not > be right for images like self-decompressing 32-bit kernels, where > there's no way to know how big the kernel will be after > decompression.) > Patch 4 makes load_aarch64_image() return the > kernel size as indicated in the Image file header, so that for > the specific case of AArch64 Image files we will definitely not > put the initrd on top of them. With all 4 patches applied, I'm able to boot kernels with large BSS segments (~128M, ~512M, and ~1G), and I get sensible warnings when they are impossible to boot, e.g. # 124M of RAM [mark@gravadlaks:~/repro]% ./vmboot.sh ~/Image.test-128M qemu-system-aarch64: kernel '/home/mark/Image.test-128M' is too large to fit in RAM (kernel size 155500544, RAM size 130023424) # 150M of RAM [mark@gravadlaks:~/repro]% ./vmboot.sh ~/Image.test-128M qemu-system-aarch64: Not enough space for DTB after kernel/initrd So feel free to add: Tested-by: Mark Rutland <mark.rutland@arm.com> Thanks for putting this together; this is _really_ useful for my testing setup, and the warnings above are likely to save people a lot of head-scratching in future. It would be great to see this merged. :) Thanks, Mark.
Ping for code review, please? thanks -- PMM On Thu, 16 May 2019 at 15:47, Peter Maydell <peter.maydell@linaro.org> wrote: > > > This patchset attempts to fix https://bugs.launchpad.net/qemu/+bug/1823998 > which reports that we don't handle kernels larger than 128MB > correctly, because we allow the initrd to be placed over the > tail end of the kernel. AArch64 kernel Image files (since v3.17) > report the total size they require (including any BSS area that > isn't in the Image itself), so we can use that to be sure we > place the initrd sufficiently far into the RAM. > > Patches 1 and 2 are new since v1; patches 3 and 4 are the old > patches 1 and 2 (and are basically unchanged since v1). > > Patches 1 and 2 in this series are new. Patch 1 fixes bugs > in the existing code where we were assuming that we could > treat info->ram_size as the address of the end of RAM, which > isn't true if the RAM doesn't start at address 0. (This > generally went unnoticed thanks to the magic of unsigned integer > underflow turning end-start calculations into very large max_size > values for load_ramdisk_as() and friends.) > Patch 2 adds some explicit checks that we don't try to put things > entirely off the end of RAM (which avoids those accidental > underflows). > Patch 3 in this series adjusts our "where do we put the initrd" > heuristic so that it always places it at least after whatever > our best guess at the kernel size is. (This might still not > be right for images like self-decompressing 32-bit kernels, where > there's no way to know how big the kernel will be after > decompression.) > Patch 4 makes load_aarch64_image() return the > kernel size as indicated in the Image file header, so that for > the specific case of AArch64 Image files we will definitely not > put the initrd on top of them. > > thanks > -- PMM > > Peter Maydell (4): > hw/arm/boot: Don't assume RAM starts at address zero > hw/arm/boot: Diagnose layouts that put initrd or DTB off the end of > RAM > hw/arm/boot: Avoid placing the initrd on top of the kernel > hw/arm/boot: Honour image size field in AArch64 Image format kernels > > hw/arm/boot.c | 83 ++++++++++++++++++++++++++++++++++++++------------- > 1 file changed, 62 insertions(+), 21 deletions(-) > > -- > 2.20.1 >
Cc'ing Drew and Eric On 6/7/19 3:07 PM, Peter Maydell wrote: > Ping for code review, please? > > thanks > -- PMM > > On Thu, 16 May 2019 at 15:47, Peter Maydell <peter.maydell@linaro.org> wrote: >> >> >> This patchset attempts to fix https://bugs.launchpad.net/qemu/+bug/1823998 >> which reports that we don't handle kernels larger than 128MB >> correctly, because we allow the initrd to be placed over the >> tail end of the kernel. AArch64 kernel Image files (since v3.17) >> report the total size they require (including any BSS area that >> isn't in the Image itself), so we can use that to be sure we >> place the initrd sufficiently far into the RAM. >> >> Patches 1 and 2 are new since v1; patches 3 and 4 are the old >> patches 1 and 2 (and are basically unchanged since v1). >> >> Patches 1 and 2 in this series are new. Patch 1 fixes bugs >> in the existing code where we were assuming that we could >> treat info->ram_size as the address of the end of RAM, which >> isn't true if the RAM doesn't start at address 0. (This >> generally went unnoticed thanks to the magic of unsigned integer >> underflow turning end-start calculations into very large max_size >> values for load_ramdisk_as() and friends.) >> Patch 2 adds some explicit checks that we don't try to put things >> entirely off the end of RAM (which avoids those accidental >> underflows). >> Patch 3 in this series adjusts our "where do we put the initrd" >> heuristic so that it always places it at least after whatever >> our best guess at the kernel size is. (This might still not >> be right for images like self-decompressing 32-bit kernels, where >> there's no way to know how big the kernel will be after >> decompression.) >> Patch 4 makes load_aarch64_image() return the >> kernel size as indicated in the Image file header, so that for >> the specific case of AArch64 Image files we will definitely not >> put the initrd on top of them. >> >> thanks >> -- PMM >> >> Peter Maydell (4): >> hw/arm/boot: Don't assume RAM starts at address zero >> hw/arm/boot: Diagnose layouts that put initrd or DTB off the end of >> RAM >> hw/arm/boot: Avoid placing the initrd on top of the kernel >> hw/arm/boot: Honour image size field in AArch64 Image format kernels >> >> hw/arm/boot.c | 83 ++++++++++++++++++++++++++++++++++++++------------- >> 1 file changed, 62 insertions(+), 21 deletions(-) >> >> -- >> 2.20.1 >> >
© 2016 - 2024 Red Hat, Inc.