We are running windows UEFI-based VMs on QEMU/KVM with OvmfPkg. Very rarely we are experiencing a crash when VM tries to write to RO memory very early during UEFI boot process.
The crash happens when the VM tries to execute this code in the interrupt handler: https://github.com/tianocore/edk2/blob/master/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ExceptionHandlerAsm.asm#L244-L246

fxsave [rdi], where RDI = 0xffe60, which is bad: it points to the ISA BIOS F-segment area. This memory was mapped by QEMU for read-only access, which is reflected in the KVM EPT:

00000000000e0000-00000000000fffff (prio 1, R-): isa-bios

This is a very early IRQ0 interrupt, presumably during the early initialization phase (SEC or PEI). It looks like CommonInterruptHandler does not switch to a separate stack and works on the interrupted context's stack, which was fairly close to the 1MB boundary when IRQ0 fired (RSP around 1002c0). When CommonInterruptEntry reached the highlighted code it subtracted 512 bytes from the current RSP, which dropped to 0xffe60, below 1MB and into the QEMU RO region.

We were figuring out how to best fix this. Possible solutions are to switch to a separate stack in CommonInterruptEntry, relocate the early OvmfPkg stack to somewhere farther away from 1MB, run with interrupts disabled until we reach a later phase, or maybe something else. Any comments would be very appreciated!

edk2-devel mailing list: https://lists.01.org/mailman/listinfo/edk2-devel
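To make the failure mode concrete, here is an added example (not code from the post or from edk2/OVMF) that models the handler's stack footprint against QEMU's read-only region list and reports whether a given interrupted RSP would push the FX_SAVE_STATE_X64 area into the isa-bios range, plus the minimum RSP that keeps the whole frame above it. The 512-byte fxsave area and the 0xe0000-0xfffff region come from the post; the size of the register pushes that precede "sub rsp, 512" is not itemised there, so it is a caller-supplied assumption (0x260 reproduces the post's 0x1002c0 -> 0xffe60 arithmetic).

```c
#include <stdint.h>
#include <stddef.h>

/* One read-only guest-physical region, as printed in QEMU's flat memory map. */
typedef struct {
    uint64_t    start;   /* first byte of the region */
    uint64_t    end;     /* last byte of the region, inclusive */
    const char *name;
} RoRegion;

/* Constructed sample map containing only the region quoted in the post:
   00000000000e0000-00000000000fffff (prio 1, R-): isa-bios */
static const RoRegion kRoRegions[] = {
    { 0xe0000ULL, 0xfffffULL, "isa-bios" },
};
#define RO_REGION_COUNT (sizeof kRoRegions / sizeof kRoRegions[0])

/* Bytes reserved by "sub rsp, 512" for the FX_SAVE_STATE_X64 buffer. */
#define FXSAVE_AREA_BYTES 512ULL

/* Lowest address the interrupt frame touches for an interrupted RSP.
   push_bytes is the (assumed) size of the register pushes done before the
   fxsave area is reserved; alignment padding is ignored in this model. */
uint64_t lowest_frame_address(uint64_t rsp, uint64_t push_bytes)
{
    return rsp - push_bytes - FXSAVE_AREA_BYTES;
}

/* Returns the RO region that the frame [low, rsp) would overlap, or NULL. */
const RoRegion *frame_hits_ro(uint64_t rsp, uint64_t push_bytes)
{
    uint64_t low = lowest_frame_address(rsp, push_bytes);
    for (size_t i = 0; i < RO_REGION_COUNT; i++) {
        const RoRegion *r = &kRoRegions[i];
        /* half-open [low, rsp) overlaps closed [start, end] */
        if (low <= r->end && rsp > r->start)
            return r;
    }
    return NULL;
}

/* Smallest RSP whose whole frame stays strictly above every RO region:
   the headroom an early-boot stack needs above the 1MB boundary. */
uint64_t min_safe_rsp(uint64_t push_bytes)
{
    uint64_t highest_end = 0;
    for (size_t i = 0; i < RO_REGION_COUNT; i++)
        if (kRoRegions[i].end > highest_end)
            highest_end = kRoRegions[i].end;
    return highest_end + 1 + push_bytes + FXSAVE_AREA_BYTES;
}
```

With the post's numbers the frame bottoms out at 0xffe60 inside isa-bios, and the same model shows how far a relocated stack (or a dedicated interrupt stack) has to sit above 1MB to avoid the write.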

