From patchwork Sun May 17 12:57:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206335 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0A594C433E0 for ; Sun, 17 May 2020 12:58:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DA4F720801 for ; Sun, 17 May 2020 12:58:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720316; bh=odAfPtsXVyhUKaIWs8xG3NNQZw4n00GnkhpwXSmjrl8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=hP6+ki5AoYVGzbmqetnRICjG9KiRjyUYTikPAAxrcmYCS7k9+w9olGcvcsJSQUEae bb42j7tC4oGhp/hv5jOLAsuyaObmXlAilt4ZBnn4yiyORakW2mBCN5YjjOiFBeaKME 9YX4LCLgDjdIH0B5z9MFr4utgPlSFUKws/IZypvo= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727903AbgEQM6g (ORCPT ); Sun, 17 May 2020 08:58:36 -0400 Received: from mail.kernel.org ([198.145.29.99]:51456 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727896AbgEQM6g (ORCPT ); Sun, 17 May 2020 08:58:36 -0400 Received: from e123331-lin.nice.arm.com (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 72BCA20735; Sun, 17 May 2020 12:58:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720315; bh=odAfPtsXVyhUKaIWs8xG3NNQZw4n00GnkhpwXSmjrl8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bjwPl3SYEAwfMt+cSUaQAii7yrGd1L1dlu1N26KDnUMy0VKVEm8I79TubxBZrNMmE EJ97dNX+z3Io5tjQ48fk9E18hVtIsgnHSbRAskh6zxjUw9rAfOiBXG0brkVuxWGRMN xyr0KlHA6hxfMRN3IcAAoyoVgdOvep9k1kQjBdsA= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Arvind Sankar , Benjamin Thiel , Borislav Petkov , Dave Young , Heinrich Schuchardt , Javier Martinez Canillas , Jerry Snitselaar , Lenny Szubowicz , linux-acpi@vger.kernel.org, Loic Yhuel , Matthew Garrett , Mike Lothian , Punit Agrawal Subject: [PATCH 1/7] efi/libstub: Avoid returning uninitialized data from setup_graphics() Date: Sun, 17 May 2020 14:57:48 +0200 Message-Id: <20200517125754.8934-2-ardb@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200517125754.8934-1-ardb@kernel.org> References: <20200517125754.8934-1-ardb@kernel.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Heinrich Schuchardt Currently, setup_graphics() ignores the return value of efi_setup_gop(). As AllocatePool() does not zero out memory, the screen information table will contain uninitialized data in this case. We should free the screen information table if efi_setup_gop() returns an error code. Signed-off-by: Heinrich Schuchardt Link: https://lore.kernel.org/r/20200426194946.112768-1-xypron.glpk@gmx.de Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/arm-stub.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/libstub/arm-stub.c b/drivers/firmware/efi/libstub/arm-stub.c index 99a5cde7c2d8..48161b1dd098 100644 --- a/drivers/firmware/efi/libstub/arm-stub.c +++ b/drivers/firmware/efi/libstub/arm-stub.c @@ -60,7 +60,11 @@ static struct screen_info *setup_graphics(void) si = alloc_screen_info(); if (!si) return NULL; - efi_setup_gop(si, &gop_proto, size); + status = efi_setup_gop(si, &gop_proto, size); + if (status != EFI_SUCCESS) { + free_screen_info(si); + return NULL; + } } return si; } From patchwork Sun May 17 12:57:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206334 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 16E16C433DF for ; Sun, 17 May 2020 12:58:46 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E4A5020801 for ; Sun, 17 May 2020 12:58:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720326; bh=5tXL+YjtmxVs2yaNSEFQ3R9gk1JxmZK5tELvxsPiRaw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=ebuoK0R4kLjJDlkhN9pV8AHhKN9SRwoFPbHYvB2b4ARY3h90D3PmRfFE0D34dZu7z f8ZziWl80fdj2jjOoqQx90OB4oWdtQ6aX/X08B/4KAAjdG+tsF9fU4cdj93Me1Ot4v jllJulQSlZVYTF83rRS/0msqBQmeGp7wHJBfKZLw= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728038AbgEQM6p (ORCPT ); Sun, 17 May 2020 08:58:45 -0400 Received: from mail.kernel.org ([198.145.29.99]:51688 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728035AbgEQM6p (ORCPT ); Sun, 17 May 2020 08:58:45 -0400 Received: from e123331-lin.nice.arm.com (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 4359D204EC; Sun, 17 May 2020 12:58:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720323; bh=5tXL+YjtmxVs2yaNSEFQ3R9gk1JxmZK5tELvxsPiRaw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WKOE2jgf3mmUgNcnc03VCWp0QnSJ3zH4qHJXG7/KwC8HQi0nBluxZ0LDnfVw1Xfak tgkQYmt0yoWOvOeG2rzjt+BfpUo/89IVTH07R4qkw1ZVOfGcacS8NF5jzYTxohJin2 H6AUm8BeylyWB5mZkdEm1iS3VKNb1s/L6FTjta34= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Arvind Sankar , Benjamin Thiel , Borislav Petkov , Dave Young , Heinrich Schuchardt , Javier Martinez Canillas , Jerry Snitselaar , Lenny Szubowicz , linux-acpi@vger.kernel.org, Loic Yhuel , Matthew Garrett , Mike Lothian , Punit Agrawal Subject: [PATCH 3/7] efi/libstub/x86: Avoid EFI map buffer alloc in allocate_e820() Date: Sun, 17 May 2020 14:57:50 +0200 Message-Id: <20200517125754.8934-4-ardb@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200517125754.8934-1-ardb@kernel.org> References: <20200517125754.8934-1-ardb@kernel.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Lenny Szubowicz In allocate_e820(), call the EFI get_memory_map() service directly instead of indirectly via efi_get_memory_map(). This avoids allocation of a buffer and return of the full EFI memory map, which is not needed here and would otherwise need to be freed. Routine allocate_e820() only needs to know how many EFI memory descriptors there are in the map to allocate an adequately sized e820ext buffer, if it's needed. Note that since efi_get_memory_map() returns a memory map buffer sized with extra headroom, allocate_e820() now needs to explicitly factor that into the e820ext size calculation. Signed-off-by: Lenny Szubowicz Suggested-by: Ard Biesheuvel Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/efistub.h | 13 +++++++++++++ drivers/firmware/efi/libstub/mem.c | 2 -- drivers/firmware/efi/libstub/x86-stub.c | 24 +++++++++--------------- 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index 67d26949fd26..62943992f02f 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -92,6 +92,19 @@ extern __pure efi_system_table_t *efi_system_table(void); #define EFI_LOCATE_BY_REGISTER_NOTIFY 1 #define EFI_LOCATE_BY_PROTOCOL 2 +/* + * An efi_boot_memmap is used by efi_get_memory_map() to return the + * EFI memory map in a dynamically allocated buffer. + * + * The buffer allocated for the EFI memory map includes extra room for + * a minimum of EFI_MMAP_NR_SLACK_SLOTS additional EFI memory descriptors. + * This facilitates the reuse of the EFI memory map buffer when a second + * call to ExitBootServices() is needed because of intervening changes to + * the EFI memory map. Other related structures, e.g. x86 e820ext, need + * to factor in this headroom requirement as well. + */ +#define EFI_MMAP_NR_SLACK_SLOTS 8 + struct efi_boot_memmap { efi_memory_desc_t **map; unsigned long *map_size; diff --git a/drivers/firmware/efi/libstub/mem.c b/drivers/firmware/efi/libstub/mem.c index 869a79c8946f..09f4fa01914e 100644 --- a/drivers/firmware/efi/libstub/mem.c +++ b/drivers/firmware/efi/libstub/mem.c @@ -5,8 +5,6 @@ #include "efistub.h" -#define EFI_MMAP_NR_SLACK_SLOTS 8 - static inline bool mmap_has_headroom(unsigned long buff_size, unsigned long map_size, unsigned long desc_size) diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index 05ccb229fb45..f0339b5d3658 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -606,24 +606,18 @@ static efi_status_t allocate_e820(struct boot_params *params, struct setup_data **e820ext, u32 *e820ext_size) { - unsigned long map_size, desc_size, buff_size; - struct efi_boot_memmap boot_map; - efi_memory_desc_t *map; + unsigned long map_size, desc_size, map_key; efi_status_t status; - __u32 nr_desc; + __u32 nr_desc, desc_version; - boot_map.map = ↦ - boot_map.map_size = &map_size; - boot_map.desc_size = &desc_size; - boot_map.desc_ver = NULL; - boot_map.key_ptr = NULL; - boot_map.buff_size = &buff_size; + /* Only need the size of the mem map and size of each mem descriptor */ + map_size = 0; + status = efi_bs_call(get_memory_map, &map_size, NULL, &map_key, + &desc_size, &desc_version); + if (status != EFI_BUFFER_TOO_SMALL) + return (status != EFI_SUCCESS) ? status : EFI_UNSUPPORTED; - status = efi_get_memory_map(&boot_map); - if (status != EFI_SUCCESS) - return status; - - nr_desc = buff_size / desc_size; + nr_desc = map_size / desc_size + EFI_MMAP_NR_SLACK_SLOTS; if (nr_desc > ARRAY_SIZE(params->e820_table)) { u32 nr_e820ext = nr_desc - ARRAY_SIZE(params->e820_table); From patchwork Sun May 17 12:57:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206333 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 532F0C433E0 for ; Sun, 17 May 2020 12:58:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 2E0B3204EC for ; Sun, 17 May 2020 12:58:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720335; bh=6E68aEPOceXY2JUM2lcRV5fat0r6tb4MJlYatfkYf+Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=nFbwBc9+3pBlyPfFnRDrBmsRGjB/kRmoKK6dMw2paBVI8ssul6lXPRcu9dTfl9k0a Giz+yL9OOYpH3ajVqs2KhehZBfyvzSd/1vkde12tk1nnOVAtz5if8wWSgiRyHxkGLN dmpyVkDDc7INVx7JxZ/D74Es0CHK5hpuMzo0HGU8= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728079AbgEQM6y (ORCPT ); Sun, 17 May 2020 08:58:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:51868 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728035AbgEQM6y (ORCPT ); Sun, 17 May 2020 08:58:54 -0400 Received: from e123331-lin.nice.arm.com (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id CE478207D4; Sun, 17 May 2020 12:58:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720332; bh=6E68aEPOceXY2JUM2lcRV5fat0r6tb4MJlYatfkYf+Y=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=laqU9gqtBPCstQAPd6rlju5HVorbAE8W/dqgIdLM2JS5SeH9YIH8o9HlceqtZwo5u JYs/MMdlkgD7hZEaC4N0M9/DtJ3XYeFyPhec9A285n3jJUK0kPkULQ11ImNQUkpRDG mmAs2RG3zWCFq7g7hTPWOYdm58sUkzrWe2J3tpRc= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Arvind Sankar , Benjamin Thiel , Borislav Petkov , Dave Young , Heinrich Schuchardt , Javier Martinez Canillas , Jerry Snitselaar , Lenny Szubowicz , linux-acpi@vger.kernel.org, Loic Yhuel , Matthew Garrett , Mike Lothian , Punit Agrawal Subject: [PATCH 5/7] x86/boot: Mark global variables as static Date: Sun, 17 May 2020 14:57:52 +0200 Message-Id: <20200517125754.8934-6-ardb@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200517125754.8934-1-ardb@kernel.org> References: <20200517125754.8934-1-ardb@kernel.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Arvind Sankar Mike Lothian reports that after commit 964124a97b97 ("efi/x86: Remove extra headroom for setup block") gcc 10.1.0 fails with HOSTCC arch/x86/boot/tools/build /usr/lib/gcc/x86_64-pc-linux-gnu/10.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: error: linker defined: multiple definition of '_end' /usr/lib/gcc/x86_64-pc-linux-gnu/10.1.0/../../../../x86_64-pc-linux-gnu/bin/ld: /tmp/ccEkW0jM.o: previous definition here collect2: error: ld returned 1 exit status make[1]: *** [scripts/Makefile.host:103: arch/x86/boot/tools/build] Error 1 make: *** [arch/x86/Makefile:303: bzImage] Error 2 The issue is with the _end variable that was added, to hold the end of the compressed kernel from zoffsets.h (ZO__end). The name clashes with the linker-defined _end symbol that indicates the end of the build program itself. Even when there is no compile-time error, this causes build to use memory past the end of its .bss section. To solve this, mark _end as static, and for symmetry, mark the rest of the variables that keep track of symbols from the compressed kernel as static as well. Fixes: 964124a97b97 ("efi/x86: Remove extra headroom for setup block") Reported-by: Mike Lothian Tested-by: Mike Lothian Signed-off-by: Arvind Sankar Link: https://lore.kernel.org/r/20200511225849.1311869-1-nivedita@alum.mit.edu Signed-off-by: Ard Biesheuvel --- arch/x86/boot/tools/build.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index 8f8c8e386cea..c8b8c1a8d1fc 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -59,14 +59,14 @@ u8 buf[SETUP_SECT_MAX*512]; #define PECOFF_COMPAT_RESERVE 0x0 #endif -unsigned long efi32_stub_entry; -unsigned long efi64_stub_entry; -unsigned long efi_pe_entry; -unsigned long efi32_pe_entry; -unsigned long kernel_info; -unsigned long startup_64; -unsigned long _ehead; -unsigned long _end; +static unsigned long efi32_stub_entry; +static unsigned long efi64_stub_entry; +static unsigned long efi_pe_entry; +static unsigned long efi32_pe_entry; +static unsigned long kernel_info; +static unsigned long startup_64; +static unsigned long _ehead; +static unsigned long _end; /*----------------------------------------------------------------------*/ From patchwork Sun May 17 12:57:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206332 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 16121C433DF for ; Sun, 17 May 2020 12:59:03 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id E5E7620735 for ; Sun, 17 May 2020 12:59:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720342; bh=K4bW9SUbhJFwMKYXQlU1RiO8Sw6g6tGuIMcVLffkWtQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=CFwWtnozajXA5TEyZwoOt0DTdn94LrwRUTp+ZuQXA+vCx7VvntsCKhbd2iW8keN9N ozIx0WALPLAw1vbHa6V3TePIv3ZjfraSWlNNzXs6Ua+2k8SjjvUUXvra/1HWENn/v9 CsMH5iH2GhkWbuPqkMMDc86cDo+8424TLaNFPGdo= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728109AbgEQM7C (ORCPT ); Sun, 17 May 2020 08:59:02 -0400 Received: from mail.kernel.org ([198.145.29.99]:52090 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728035AbgEQM7C (ORCPT ); Sun, 17 May 2020 08:59:02 -0400 Received: from e123331-lin.nice.arm.com (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 57FEC204EC; Sun, 17 May 2020 12:58:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1589720341; bh=K4bW9SUbhJFwMKYXQlU1RiO8Sw6g6tGuIMcVLffkWtQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=18z8pliLqz4DFmOz9J9BnY3COarwmndS4ufpOhNNlGWHJCAL/O4I7tbGdc2Jqp+ZI pgolYbCZG9MVlLz39aLLLZhL+JouD7SH2Ot+n3aAMdbFCzoGMCnYl0bo08ZcGA8dH/ n9BOSSHYbE9UG3DOTmMwS9ZeZ1+iEdFHrtjsW794= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Arvind Sankar , Benjamin Thiel , Borislav Petkov , Dave Young , Heinrich Schuchardt , Javier Martinez Canillas , Jerry Snitselaar , Lenny Szubowicz , linux-acpi@vger.kernel.org, Loic Yhuel , Matthew Garrett , Mike Lothian , Punit Agrawal Subject: [PATCH 7/7] tpm: check event log version before reading final events Date: Sun, 17 May 2020 14:57:54 +0200 Message-Id: <20200517125754.8934-8-ardb@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200517125754.8934-1-ardb@kernel.org> References: <20200517125754.8934-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Loic Yhuel This fixes the boot issues since 5.3 on several Dell models when the TPM is enabled. Depending on the exact grub binary, booting the kernel would freeze early, or just report an error parsing the final events log. We get an event log in the SHA-1 format, which doesn't have a tcg_efi_specid_event_head in the first event, and there is a final events table which doesn't match the crypto agile format. __calc_tpm2_event_size reads bad "count" and "efispecid->num_algs", and either fails, or loops long enough for the machine to be appear frozen. So we now only parse the final events table, which is per the spec always supposed to be in the crypto agile format, when we got a event log in this format. Fixes: c46f3405692de ("tpm: Reserve the TPM final events table") Fixes: 166a2809d65b2 ("tpm: Don't duplicate events from the final event log in the TCG2 log") Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1779611 Signed-off-by: Loïc Yhuel Link: https://lore.kernel.org/r/20200512040113.277768-1-loic.yhuel@gmail.com Reviewed-by: Javier Martinez Canillas Reviewed-by: Jerry Snitselaar Reviewed-by: Matthew Garrett [ardb: warn when final events table is missing or in the wrong format] Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/tpm.c | 5 +++-- drivers/firmware/efi/tpm.c | 5 ++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/efi/libstub/tpm.c b/drivers/firmware/efi/libstub/tpm.c index 1d59e103a2e3..e9a684637b70 100644 --- a/drivers/firmware/efi/libstub/tpm.c +++ b/drivers/firmware/efi/libstub/tpm.c @@ -54,7 +54,7 @@ void efi_retrieve_tpm2_eventlog(void) efi_status_t status; efi_physical_addr_t log_location = 0, log_last_entry = 0; struct linux_efi_tpm_eventlog *log_tbl = NULL; - struct efi_tcg2_final_events_table *final_events_table; + struct efi_tcg2_final_events_table *final_events_table = NULL; unsigned long first_entry_addr, last_entry_addr; size_t log_size, last_entry_size; efi_bool_t truncated; @@ -127,7 +127,8 @@ void efi_retrieve_tpm2_eventlog(void) * Figure out whether any events have already been logged to the * final events structure, and if so how much space they take up */ - final_events_table = get_efi_config_table(LINUX_EFI_TPM_FINAL_LOG_GUID); + if (version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) + final_events_table = get_efi_config_table(LINUX_EFI_TPM_FINAL_LOG_GUID); if (final_events_table && final_events_table->nr_events) { struct tcg_pcr_event2_head *header; int offset; diff --git a/drivers/firmware/efi/tpm.c b/drivers/firmware/efi/tpm.c index 31f9f0e369b9..0543fbf60222 100644 --- a/drivers/firmware/efi/tpm.c +++ b/drivers/firmware/efi/tpm.c @@ -62,8 +62,11 @@ int __init efi_tpm_eventlog_init(void) tbl_size = sizeof(*log_tbl) + log_tbl->size; memblock_reserve(efi.tpm_log, tbl_size); - if (efi.tpm_final_log == EFI_INVALID_TABLE_ADDR) + if (efi.tpm_final_log == EFI_INVALID_TABLE_ADDR || + log_tbl->version != EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) { + pr_warn(FW_BUG "TPM Final Events table missing or invalid\n"); goto out; + } final_tbl = early_memremap(efi.tpm_final_log, sizeof(*final_tbl));