Commit 214191f6b574 ("x86/loader: read complete kernel") changed the semantics of kernel_size from the piggyback kernel to the whole kernel file, which leads to setup_data_offset containing setup_size and thus to a wrong address of setup_data being written in header[0x250].

Fix it by subtracting setup_size.

Fixes: 214191f6b574 ("x86/loader: read complete kernel")
Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com>
---
 hw/i386/x86-common.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/x86-common.c b/hw/i386/x86-common.c index 7512be64d67b..127b85eb02cc 100644 --- a/hw/i386/x86-common.c +++ b/hw/i386/x86-common.c @@ -935,7 +935,7 @@ void x86_load_linux(X86MachineState *x86ms, kernel_size = setup_data_offset + sizeof(struct setup_data) + dtb_size; kernel = g_realloc(kernel, kernel_size); - stq_le_p(header + 0x250, prot_addr + setup_data_offset); + stq_le_p(header + 0x250, prot_addr + setup_data_offset - setup_size); setup_data = (struct setup_data *)(kernel + setup_data_offset); setup_data->next = 0;
--
2.43.0
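Review bot: the corrected `stq_le_p(header + 0x250, prot_addr + setup_data_offset - setup_size);` line silently encodes the assumption that `prot_addr` is the guest address of the byte at file offset `setup_size`, while `setup_data_offset` (as the following `kernel + setup_data_offset` shows) is an offset into the whole kernel file; a one-line comment above the store saying exactly that would keep the next reader from "fixing" it back, and the commit message would be clearer if it stated it the same way rather than as "setup_data_offset contains setup_size". Since the guest follows the setup_data pointer in header[0x250] at boot, a wrong value here means the kernel reads setup_data (and with it the DTB, given `dtb_size` in the realloc'd `kernel_size`) from the wrong guest-physical address, so this is worth a quick sweep of any other place in x86_load_linux that derives a guest address from `setup_data_offset` (for example, the `next` chaining of additional setup_data entries) to confirm it applies the same `- setup_size` adjustment.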