mirror of
https://github.com/Motorhead1991/qemu.git
synced 2025-08-07 09:43:56 -06:00
x86/loader: only patch linux kernels
If the binary loaded via -kernel is *not* a linux kernel (in which case protocol == 0), do not patch the linux kernel header fields. It's (a) pointless and (b) might break binaries by random patching and (c) changes the binary hash which in turn breaks secure boot verification. Background: OVMF happily loads and runs not only linux kernels but any efi binary via direct kernel boot. Note: Breaking the secure boot verification is a problem for linux kernels too, but fixed that is left for another day ... Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-ID: <20240905141211.1253307-3-kraxel@redhat.com>
This commit is contained in:
Gerd Hoffmann
parent
ca80a5d026
commit
57e2cc9abf
1 changed files with 1 additions and 1 deletions
|
|
@ -945,7 +945,7 @@ void x86_load_linux(X86MachineState *x86ms,
|
|||
* kernel on the other side of the fw_cfg interface matches the hash of the
|
||||
* file the user passed in.
|
||||
*/
|
||||
if (!sev_enabled()) {
|
||||
if (!sev_enabled() && protocol > 0) {
|
||||
memcpy(setup, header, MIN(sizeof(header), setup_size));
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue