On Wed, Jul 12, 2023 at 02:03:37PM +0200, Ard Biesheuvel wrote: > On Wed, 12 Jul 2023 at 10:41, Gerd Hoffmann <kra...@redhat.com> wrote: > > > > PcdHeapGuardPageType=0x7e > > PcdHeapGuardPoolType=0x7e
> This looks like the debug 'poison' value is applied to the freed guard > page before the EFI_MEMORY_RP permission is removed. > > I wonder if the 'IsGuarded' logic in CoreFreePoolI is wrong here: this > is runtime memory, which is rounded up to 64k granularity on AArch64, > and I would not be surprised if that code is buggy. Looks plausible to me. Tried fix AdjustPoolHeadF() to use granularity instead of efi page size, that alone didn't make the firmware boot though. Clearing the two runtime memory type bits (0x7e -> 0x1e) makes the firmware boot. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106855): https://edk2.groups.io/g/devel/message/106855 Mute This Topic: https://groups.io/mt/100096124/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
