From patchwork Mon Jan 13 17:22:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206624 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D34A8C33CA9 for ; Mon, 13 Jan 2020 17:24:05 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id AAC3321739 for ; Mon, 13 Jan 2020 17:24:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936245; bh=ywnXyYx3AvLj1uPsyuEwdyOKRA+9azpuVDDX701x9FU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=FsQoDlNztoHklbGGoUeooyiCqMlZnq1R8SMmO6k3Lpdksa6PHG6f+arfqvHJQPHec CEn4HqSsDd0zh7sb9U82FMXaF7M3aH4PPVuzqlyXtBP0zSKlfNnUBiMU4QU9SRN2jV tE3KMHHzMcHYXZrrJhu5DS5HlHtZclTi8OD4lvhU= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728804AbgAMRXK (ORCPT ); Mon, 13 Jan 2020 12:23:10 -0500 Received: from mail.kernel.org ([198.145.29.99]:41218 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728512AbgAMRXJ (ORCPT ); Mon, 13 Jan 2020 12:23:09 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id C0C772081E; Mon, 13 Jan 2020 17:23:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936188; bh=ywnXyYx3AvLj1uPsyuEwdyOKRA+9azpuVDDX701x9FU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Sm6BT1QpuPskrUhj/iXXK55XKmolJ7zOspIwbiFCSIX1ypWH0+jE1YjfiCyzhlXHb 5hTWc2SNKNPp9ureteaF+3cXnHSqVxTKjELOeBTepJ7bEhtnpO9qYq3wMhG5BkXyQ6 xeFHG2ackdA5eXgnOoMtBBVBSU0uMq9GPc9eNG6w= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 01/13] efi/libstub/x86: use const attribute for efi_is_64bit() Date: Mon, 13 Jan 2020 18:22:33 +0100 Message-Id: <20200113172245.27925-2-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Reshuffle the x86 stub code a bit so that we can tag the efi_is_64bit() function with the 'const' attribute, which permits the compiler to optimize away any redundant calls. Since we have two different entry points for 32 and 64 bit firmware in the startup code, this also simplifies the C code since we'll enter it with the efi_is64 variable already set. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/eboot.c | 14 ++++++-------- arch/x86/boot/compressed/head_64.S | 7 +++---- arch/x86/include/asm/efi.h | 2 +- 3 files changed, 10 insertions(+), 13 deletions(-) diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c index 4afd29eb5b34..ab3a40283db7 100644 --- a/arch/x86/boot/compressed/eboot.c +++ b/arch/x86/boot/compressed/eboot.c @@ -21,16 +21,18 @@ #include "eboot.h" static efi_system_table_t *sys_table; -static bool efi_is64 = IS_ENABLED(CONFIG_X86_64); +extern const bool efi_is64; __pure efi_system_table_t *efi_system_table(void) { return sys_table; } -__pure bool efi_is_64bit(void) +__attribute_const__ bool efi_is_64bit(void) { - return efi_is64; + if (IS_ENABLED(CONFIG_EFI_MIXED)) + return efi_is64; + return IS_ENABLED(CONFIG_X64_64); } static efi_status_t @@ -710,8 +712,7 @@ static efi_status_t exit_boot(struct boot_params *boot_params, void *handle) */ struct boot_params *efi_main(efi_handle_t handle, efi_system_table_t *sys_table_arg, - struct boot_params *boot_params, - bool is64) + struct boot_params *boot_params) { struct desc_ptr *gdt = NULL; struct setup_header *hdr = &boot_params->hdr; @@ -721,9 +722,6 @@ struct boot_params *efi_main(efi_handle_t handle, sys_table = sys_table_arg; - if (IS_ENABLED(CONFIG_EFI_MIXED)) - efi_is64 = is64; - /* Check if we were booted by the EFI firmware */ if (sys_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) goto fail; diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 44a6bb6964b5..1f1f6c8139b3 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -211,10 +211,9 @@ SYM_FUNC_START(startup_32) movl efi32_boot_args(%ebp), %edi cmp $0, %edi jz 1f - leal handover_entry(%ebp), %eax + leal efi64_stub_entry(%ebp), %eax movl %esi, %edx movl efi32_boot_args+4(%ebp), %esi - movl $0x0, %ecx 1: #endif pushl %eax @@ -242,6 +241,7 @@ SYM_FUNC_START(efi32_stub_entry) movl %ecx, efi32_boot_args(%ebp) movl %edx, efi32_boot_args+4(%ebp) sgdtl efi32_boot_gdt(%ebp) + movb $0, efi_is64(%ebp) /* Disable paging */ movl %cr0, %eax @@ -452,8 +452,6 @@ SYM_CODE_END(startup_64) .org 0x390 SYM_FUNC_START(efi64_stub_entry) SYM_FUNC_START_ALIAS(efi_stub_entry) - movq $1, %rcx -SYM_INNER_LABEL(handover_entry, SYM_L_LOCAL) and $~0xf, %rsp /* realign the stack */ call efi_main movq %rax,%rsi @@ -632,6 +630,7 @@ SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end) #ifdef CONFIG_EFI_MIXED SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0) +SYM_DATA(efi_is64, .byte 1) #endif /* diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h index 383f7a0fc170..0a58468a7203 100644 --- a/arch/x86/include/asm/efi.h +++ b/arch/x86/include/asm/efi.h @@ -221,7 +221,7 @@ efi_status_t efi_set_virtual_address_map(unsigned long memory_map_size, /* arch specific definitions used by the stub code */ -__pure bool efi_is_64bit(void); +__attribute_const__ bool efi_is_64bit(void); static inline bool efi_is_native(void) { From patchwork Mon Jan 13 17:22:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206630 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB9F5C33CA9 for ; Mon, 13 Jan 2020 17:23:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 78F3A222C2 for ; Mon, 13 Jan 2020 17:23:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936193; bh=V8FfWZwqcvkcPv0qLBBwy6zI1GWJXarK+QE6YYnWud0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=YgvsHK7/q1MEIeGmvMLKZWcEE0rOTKCpXmr5yl8I2EvRNlugoBTG1bwsXMfo5v/yn 9RqEPOacx+F2QWFjwSyXrT0kPnxqkbzbk8zWeuH6z1cNGlivydHVWlZa9jxKFMQIGf jon2saQ77k84CjnukkbmXO6p8Tlf6vgbIevZTBDc= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728827AbgAMRXM (ORCPT ); Mon, 13 Jan 2020 12:23:12 -0500 Received: from mail.kernel.org ([198.145.29.99]:41334 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728811AbgAMRXM (ORCPT ); Mon, 13 Jan 2020 12:23:12 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 188C1214AF; Mon, 13 Jan 2020 17:23:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936191; bh=V8FfWZwqcvkcPv0qLBBwy6zI1GWJXarK+QE6YYnWud0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Pv/F55+gtJTUxHqaYX/wT7LaQpEtSKcrnjZ4NTvhMYH4ofzMC0tRAZkQL0EhZrVlg tqypwMAp0v2cN83VqM4MnOH7wLkiVxzVPFnyJSms+F+duplmukubp5W1/HQbJUzjUz xMh3AV5zC/7BaIhbwzZeGbN+rJumQdIc/VbMRwGk= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 02/13] efi/libstub/x86: use mandatory 16-byte stack alignment in mixed mode Date: Mon, 13 Jan 2020 18:22:34 +0100 Message-Id: <20200113172245.27925-3-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Reduce the stack frame of the EFI stub's mixed mode thunk routine by 8 bytes, by moving the GDT and return addresses to EBP and EBX, which we need to preserve anyway, since their top halves will be cleared by the call into 32-bit firmware code. Doing so results in the UEFI code being entered with a 16 byte aligned stack, as mandated by the UEFI spec, fixing the last occurrence in the 64-bit kernel where we violate this requirement. Also, move the saved GDT from a global variable to an unused part of the stack frame, and touch up some other parts of the code. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/efi_thunk_64.S | 46 +++++++------------------ 1 file changed, 13 insertions(+), 33 deletions(-) diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S index d040ff5458e5..8fb7f6799c52 100644 --- a/arch/x86/boot/compressed/efi_thunk_64.S +++ b/arch/x86/boot/compressed/efi_thunk_64.S @@ -27,12 +27,9 @@ SYM_FUNC_START(__efi64_thunk) push %rbp push %rbx - subq $8, %rsp - leaq 1f(%rip), %rax - movl %eax, 4(%rsp) - leaq efi_gdt64(%rip), %rax - movl %eax, (%rsp) - movl %eax, 2(%rax) /* Fixup the gdt base address */ + leaq 1f(%rip), %rbp + leaq efi_gdt64(%rip), %rbx + movl %ebx, 2(%rbx) /* Fixup the gdt base address */ movl %ds, %eax push %rax @@ -48,12 +45,10 @@ SYM_FUNC_START(__efi64_thunk) movl %esi, 0x0(%rsp) movl %edx, 0x4(%rsp) movl %ecx, 0x8(%rsp) - movq %r8, %rsi - movl %esi, 0xc(%rsp) - movq %r9, %rsi - movl %esi, 0x10(%rsp) + movl %r8d, 0xc(%rsp) + movl %r9d, 0x10(%rsp) - sgdt save_gdt(%rip) + sgdt 0x14(%rsp) /* * Switch to gdt with 32-bit segments. This is the firmware GDT @@ -68,11 +63,10 @@ SYM_FUNC_START(__efi64_thunk) pushq %rax lretq -1: addq $32, %rsp +1: lgdt 0x14(%rsp) + addq $32, %rsp movq %rdi, %rax - lgdt save_gdt(%rip) - pop %rbx movl %ebx, %ss pop %rbx @@ -83,15 +77,9 @@ SYM_FUNC_START(__efi64_thunk) /* * Convert 32-bit status code into 64-bit. */ - test %rax, %rax - jz 1f - movl %eax, %ecx - andl $0x0fffffff, %ecx - andl $0xf0000000, %eax - shl $32, %rax - or %rcx, %rax -1: - addq $8, %rsp + roll $1, %eax + rorq $1, %rax + pop %rbx pop %rbp ret @@ -135,9 +123,7 @@ SYM_FUNC_START_LOCAL(efi_enter32) */ cli - movl 56(%esp), %eax - movl %eax, 2(%eax) - lgdtl (%eax) + lgdtl (%ebx) movl %cr4, %eax btsl $(X86_CR4_PAE_BIT), %eax @@ -154,9 +140,8 @@ SYM_FUNC_START_LOCAL(efi_enter32) xorl %eax, %eax lldt %ax - movl 60(%esp), %eax pushl $__KERNEL_CS - pushl %eax + pushl %ebp /* Enable paging */ movl %cr0, %eax @@ -172,11 +157,6 @@ SYM_DATA_START(efi32_boot_gdt) .quad 0 SYM_DATA_END(efi32_boot_gdt) -SYM_DATA_START_LOCAL(save_gdt) - .word 0 - .quad 0 -SYM_DATA_END(save_gdt) - SYM_DATA_START(efi_gdt64) .word efi_gdt64_end - efi_gdt64 .long 0 /* Filled out by user */ From patchwork Mon Jan 13 17:22:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206625 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E14E8C33CAF for ; Mon, 13 Jan 2020 17:24:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B73BF21739 for ; Mon, 13 Jan 2020 17:24:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936240; bh=cg/rGZ6nIeh2leUh4xr8p6ii7cYV/TifdRIjaYF2Fp4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=K72Y8cE/NWQdN79PU7mnACkasQZM1b5W031QHSXYtZ787+0M7dvk2cPdHWh4qfqnb hyJmINIjf5la5pEDMiAtbhEwBl9zfzlpjjkKdlVz05n+lP3Gin1sAO1JKQW5yDvayU Aj2EuJ/QH8/mX9AVPZnX2zvx7dQqRMhgLmtdouFQ= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728853AbgAMRXS (ORCPT ); Mon, 13 Jan 2020 12:23:18 -0500 Received: from mail.kernel.org ([198.145.29.99]:41444 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728833AbgAMRXN (ORCPT ); Mon, 13 Jan 2020 12:23:13 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 658BD21739; Mon, 13 Jan 2020 17:23:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936193; bh=cg/rGZ6nIeh2leUh4xr8p6ii7cYV/TifdRIjaYF2Fp4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=xOq5LAOWRIl553Q0Gav37/vxEKieAlUyNkbOx99PyI0fxTK78htNEUC7HOlIxWAW2 18+UcwM6DGRz4ARZTzyiJ6kGqUHjdHuI+EKQv+HE7OrrWaJCIJyDVI9DadtEAFk33Y H01skN+HlgG5l6BhSLDqv2DnoOeVRmZdIwJFi7rs= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 03/13] efi/libstub/x86: fix unused-variable warning Date: Mon, 13 Jan 2020 18:22:35 +0100 Message-Id: <20200113172245.27925-4-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Arnd Bergmann The only users of these got removed, so they also need to be removed to avoid warnings: arch/x86/boot/compressed/eboot.c: In function 'setup_efi_pci': arch/x86/boot/compressed/eboot.c:117:16: error: unused variable 'nr_pci' [-Werror=unused-variable] unsigned long nr_pci; ^~~~~~ arch/x86/boot/compressed/eboot.c: In function 'setup_uga': arch/x86/boot/compressed/eboot.c:244:16: error: unused variable 'nr_ugas' [-Werror=unused-variable] unsigned long nr_ugas; ^~~~~~~ Fixes: 2732ea0d5c0a ("efi/libstub: Use a helper to iterate over a EFI handle array") Signed-off-by: Arnd Bergmann Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/eboot.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c index ab3a40283db7..82e26d0ff075 100644 --- a/arch/x86/boot/compressed/eboot.c +++ b/arch/x86/boot/compressed/eboot.c @@ -118,7 +118,6 @@ static void setup_efi_pci(struct boot_params *params) void **pci_handle = NULL; efi_guid_t pci_proto = EFI_PCI_IO_PROTOCOL_GUID; unsigned long size = 0; - unsigned long nr_pci; struct setup_data *data; efi_handle_t h; int i; @@ -245,7 +244,6 @@ setup_uga(struct screen_info *si, efi_guid_t *uga_proto, unsigned long size) u32 width, height; void **uga_handle = NULL; efi_uga_draw_protocol_t *uga = NULL, *first_uga; - unsigned long nr_ugas; efi_handle_t handle; int i; From patchwork Mon Jan 13 17:22:38 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206626 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8B61C33CA9 for ; Mon, 13 Jan 2020 17:23:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id BD9AD206DA for ; Mon, 13 Jan 2020 17:23:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936232; bh=MVe9e5VC7SvtShd7dyIhPx2HpG1JLgDlBrxjy8ZUlSk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=C6eVHPq95PNVXcYdY+BQQi6/DV+Xj5byYsTrmRZvzlofxo9jLHErcCLqoKF2jD+CM IRJYRHUpFffH/JjMOahA8rUjPfMH0aG4ECAD3M+bxUhNHnDRycFsMwG/FKv3Utxw1Q Iei4L+ZFg0Olxlh5EIH0bNFVeiUWo74vo/YsQHrs= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728885AbgAMRXY (ORCPT ); Mon, 13 Jan 2020 12:23:24 -0500 Received: from mail.kernel.org ([198.145.29.99]:41888 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728873AbgAMRXU (ORCPT ); Mon, 13 Jan 2020 12:23:20 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5C959214AF; Mon, 13 Jan 2020 17:23:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936200; bh=MVe9e5VC7SvtShd7dyIhPx2HpG1JLgDlBrxjy8ZUlSk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ac1KvcWjdAcdmg5YbZ+vsNC+isxtg0/6KrqTVTKwCbz+P6pIJNBWaKnGtOzgA3qR4 p9fKwtbtdeNgghon2V3vV0t0zqgPwXm39AC2QjadIAE4RF7DrlYjDdupxMz1W+Hjz6 HHc+PvxprBSZ1piJ+w7HLeCFrI03Y1JudFJdg+HY= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 06/13] efi/x86: avoid RWX mappings for all of DRAM Date: Mon, 13 Jan 2020 18:22:38 +0100 Message-Id: <20200113172245.27925-7-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The EFI code creates RWX mappings for all memory regions that are occupied after the stub completes, and in the mixed mode case, it even creates RWX mappings for all of the remaining DRAM as well. Let's try to avoid this, by setting the NX bit for all memory regions except the ones that are marked as EFI runtime services code [which means text+rodata+data in practice, so we cannot mark them read-only right away]. For cases of buggy firmware where boot services code is called during SetVirtualAddressMap(), map those regions with exec permissions as well - they will be unmapped in efi_free_boot_services(). Signed-off-by: Ard Biesheuvel --- arch/x86/platform/efi/efi_64.c | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c index 6ec58ff60b56..3eb23966e30a 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c @@ -365,10 +365,6 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages) * as trim_bios_range() will reserve the first page and isolate it away * from memory allocators anyway. */ - pf = _PAGE_RW; - if (sev_active()) - pf |= _PAGE_ENC; - if (kernel_map_pages_in_pgd(pgd, 0x0, 0x0, 1, pf)) { pr_err("Failed to create 1:1 mapping for the first page!\n"); return 1; @@ -410,6 +406,22 @@ static void __init __map_region(efi_memory_desc_t *md, u64 va) unsigned long pfn; pgd_t *pgd = efi_mm.pgd; + /* + * EFI_RUNTIME_SERVICES_CODE regions typically cover PE/COFF + * executable images in memory that consist of both R-X and + * RW- sections, so we cannot apply read-only or non-exec + * permissions just yet. However, modern EFI systems provide + * a memory attributes table that describes those sections + * with the appropriate restricted permissions, which are + * applied in efi_runtime_update_mappings() below. All other + * regions can be mapped non-executable at this point, with + * the exception of boot services code regions, but those will + * be unmapped again entirely in efi_free_boot_services(). + */ + if (md->type != EFI_BOOT_SERVICES_CODE && + md->type != EFI_RUNTIME_SERVICES_CODE) + flags |= _PAGE_NX; + if (!(md->attribute & EFI_MEMORY_WB)) flags |= _PAGE_PCD; From patchwork Mon Jan 13 17:22:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206629 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8472C33CAE for ; Mon, 13 Jan 2020 17:23:31 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B3D13206DA for ; Mon, 13 Jan 2020 17:23:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936211; bh=niQyp4EepwCvKwoSufe5yiv+s5x2vxpqwbY5ju16TJg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=j4nSEfwztIgy6YUn0lz8FxQD8GOQYE6fbZBG/0dUfyPmtSk7fpA/LmQ0L4kkZpQMv wwDFacBcZ1miB0fzm428NFnQLYVteW1smJZtlVNtYI0aB+XIE5EAfvMKA6FYFNz1ov 3vVnZPfJ9cH6EfKEQTjfkzAgF9+rtN6S5dHpRGvA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728909AbgAMRX0 (ORCPT ); Mon, 13 Jan 2020 12:23:26 -0500 Received: from mail.kernel.org ([198.145.29.99]:42168 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728896AbgAMRX0 (ORCPT ); Mon, 13 Jan 2020 12:23:26 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 0A7362081E; Mon, 13 Jan 2020 17:23:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936204; bh=niQyp4EepwCvKwoSufe5yiv+s5x2vxpqwbY5ju16TJg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ihGdTwRnrXKCjNJa1vpmzhFgqBGE410liZy96yELhFVNl0SAKU6zFIe1QYJqOQ4wK 0TCrsVYbBNzL+1l6TiNvNzZ7TJcR16b71tZAxIF8UPqHANh/haWrC9XvhjkTQWSpsf ayz1+HQb5xlpGf0n47ba7hhNHb1I8HQAd+g3EXoA= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 08/13] efi/arm: defer probe of PCIe backed efifb on DT systems Date: Mon, 13 Jan 2020 18:22:40 +0100 Message-Id: <20200113172245.27925-9-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The new of_devlink support breaks PCIe probing on ARM platforms booting via UEFI if the firmware exposes a EFI framebuffer that is backed by a PCI device. The reason is that the probing order gets reversed, resulting in a resource conflict on the framebuffer memory window when the PCIe probes last, causing it to give up entirely. Given that we rely on PCI quirks to deal with EFI framebuffers that get moved around in memory, we cannot simply drop the memory reservation, so instead, let's use the device link infrastructure to register this dependency, and force the probing to occur in the expected order. Co-developed-by: Saravana Kannan Signed-off-by: Saravana Kannan Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/arm-init.c | 107 ++++++++++++++++++++++++++++++-- 1 file changed, 103 insertions(+), 4 deletions(-) diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c index 904fa09e6a6b..d99f5b0c8a09 100644 --- a/drivers/firmware/efi/arm-init.c +++ b/drivers/firmware/efi/arm-init.c @@ -10,10 +10,12 @@ #define pr_fmt(fmt) "efi: " fmt #include +#include #include #include #include #include +#include #include #include #include @@ -276,15 +278,112 @@ void __init efi_init(void) efi_memmap_unmap(); } +static bool efifb_overlaps_pci_range(const struct of_pci_range *range) +{ + u64 fb_base = screen_info.lfb_base; + + if (screen_info.capabilities & VIDEO_CAPABILITY_64BIT_BASE) + fb_base |= (u64)(unsigned long)screen_info.ext_lfb_base << 32; + + return fb_base >= range->cpu_addr && + fb_base < (range->cpu_addr + range->size); +} + +static struct device_node *find_pci_overlap_node(void) +{ + struct device_node *np; + + for_each_node_by_type(np, "pci") { + struct of_pci_range_parser parser; + struct of_pci_range range; + int err; + + err = of_pci_range_parser_init(&parser, np); + if (err) { + pr_warn("of_pci_range_parser_init() failed: %d\n", err); + continue; + } + + for_each_of_pci_range(&parser, &range) + if (efifb_overlaps_pci_range(&range)) + return np; + } + return NULL; +} + +/* + * If the efifb framebuffer is backed by a PCI graphics controller, we have + * to ensure that this relation is expressed using a device link when + * running in DT mode, or the probe order may be reversed, resulting in a + * resource reservation conflict on the memory window that the efifb + * framebuffer steals from the PCIe host bridge. + */ +static int efifb_add_links(const struct fwnode_handle *fwnode, + struct device *dev) +{ + struct device_node *sup_np; + struct device *sup_dev; + + sup_np = find_pci_overlap_node(); + + /* + * If there's no PCI graphics controller backing the efifb, we are + * done here. + */ + if (!sup_np) + return 0; + + sup_dev = get_dev_from_fwnode(&sup_np->fwnode); + of_node_put(sup_np); + + /* + * Return -ENODEV if the PCI graphics controller device hasn't been + * registered yet. This ensures that efifb isn't allowed to probe + * and this function is retried again when new devices are + * registered. + */ + if (!sup_dev) + return -ENODEV; + + /* + * If this fails, retrying this function at a later point won't + * change anything. So, don't return an error after this. + */ + if (!device_link_add(dev, sup_dev, 0)) + dev_warn(dev, "device_link_add() failed\n"); + + put_device(sup_dev); + + return 0; +} + +static const struct fwnode_operations efifb_fwnode_ops = { + .add_links = efifb_add_links, +}; + +static struct fwnode_handle efifb_fwnode = { + .ops = &efifb_fwnode_ops, +}; + static int __init register_gop_device(void) { - void *pd; + struct platform_device *pd; + int err; if (screen_info.orig_video_isVGA != VIDEO_TYPE_EFI) return 0; - pd = platform_device_register_data(NULL, "efi-framebuffer", 0, - &screen_info, sizeof(screen_info)); - return PTR_ERR_OR_ZERO(pd); + pd = platform_device_alloc("efi-framebuffer", 0); + if (!pd) + return -ENOMEM; + + if (IS_ENABLED(CONFIG_PCI)) + pd->dev.fwnode = &efifb_fwnode; + + err = platform_device_add_data(pd, &screen_info, sizeof(screen_info)); + if (err) + return err; + + return platform_device_add(pd); } subsys_initcall(register_gop_device); From patchwork Mon Jan 13 17:22:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206627 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0897CC33CAE for ; Mon, 13 Jan 2020 17:23:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id C43F8206DA for ; Mon, 13 Jan 2020 17:23:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936230; bh=QXAFow90TXpQpVXBYyg/tv1msUu2tgyGsGuZS3NkbQ8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=VzYgAwYWcZaoibeN6sAYn6OQAAC9qt7IrMuHxqsFLOIavLVseeE7NY+56bHU6Czdi UFEG7O5NzzDqCQ/0cL9FbYv0TNPva/Pwc1IjWC1mh52zOH8nOSVV16d0ykCEig9VE8 FjhYAsyKzEqrpNCfyaLzgr7mybfxkklp1LBFpRSs= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728674AbgAMRXq (ORCPT ); Mon, 13 Jan 2020 12:23:46 -0500 Received: from mail.kernel.org ([198.145.29.99]:42610 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728827AbgAMRXd (ORCPT ); Mon, 13 Jan 2020 12:23:33 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id F309821744; Mon, 13 Jan 2020 17:23:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936211; bh=QXAFow90TXpQpVXBYyg/tv1msUu2tgyGsGuZS3NkbQ8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=l/5FDd/njhHGzodo+wIy9gLJhVCfJ4m1olWZ8tDp1OHmun040bC1qcnM4V61WDcJ7 8Fr0bm+H9QdZ2sOVcxllvHCnM9vZy8CHhL/5/iKuxDq6C9n1iLb+zBMCuPwxr+N8WE xbe9mNYD+SqzgYL0UV65IUIYPyEhTy5a/AqYPkgc= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 11/13] efi: Add tracking for dynamically allocated memmaps Date: Mon, 13 Jan 2020 18:22:43 +0100 Message-Id: <20200113172245.27925-12-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Dan Williams In preparation for fixing efi_memmap_alloc() leaks, add support for recording whether the memmap was dynamically allocated from slab, memblock, or is the original physical memmap provided by the platform. Given this tracking is established in efi_memmap_alloc() and needs to be carried to efi_memmap_install(), use 'struct efi_memory_map_data' to convey the flags. Some small cleanups result from this reorganization, specifically the removal of local variables for 'phys' and 'size' that are already tracked in @data. Signed-off-by: Dan Williams Signed-off-by: Ard Biesheuvel --- arch/x86/platform/efi/efi.c | 10 +++++-- arch/x86/platform/efi/quirks.c | 23 +++++++--------- drivers/firmware/efi/fake_mem.c | 14 +++++----- drivers/firmware/efi/memmap.c | 47 ++++++++++++++++++--------------- include/linux/efi.h | 11 +++++--- 5 files changed, 56 insertions(+), 49 deletions(-) diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c index 4e46d2d24352..59f7f6d60cf6 100644 --- a/arch/x86/platform/efi/efi.c +++ b/arch/x86/platform/efi/efi.c @@ -304,10 +304,16 @@ static void __init efi_clean_memmap(void) } if (n_removal > 0) { - u64 size = efi.memmap.nr_map - n_removal; + struct efi_memory_map_data data = { + .phys_map = efi.memmap.phys_map, + .desc_version = efi.memmap.desc_version, + .desc_size = efi.memmap.desc_size, + .size = data.desc_size * (efi.memmap.nr_map - n_removal), + .flags = 0, + }; pr_warn("Removing %d invalid memory map entries.\n", n_removal); - efi_memmap_install(efi.memmap.phys_map, size); + efi_memmap_install(&data); } } diff --git a/arch/x86/platform/efi/quirks.c b/arch/x86/platform/efi/quirks.c index fe46ddf6c761..46807b7606da 100644 --- a/arch/x86/platform/efi/quirks.c +++ b/arch/x86/platform/efi/quirks.c @@ -243,7 +243,7 @@ EXPORT_SYMBOL_GPL(efi_query_variable_store); */ void __init efi_arch_mem_reserve(phys_addr_t addr, u64 size) { - phys_addr_t new_phys, new_size; + struct efi_memory_map_data data = { 0 }; struct efi_mem_range mr; efi_memory_desc_t md; int num_entries; @@ -271,24 +271,21 @@ void __init efi_arch_mem_reserve(phys_addr_t addr, u64 size) num_entries = efi_memmap_split_count(&md, &mr.range); num_entries += efi.memmap.nr_map; - new_size = efi.memmap.desc_size * num_entries; - - new_phys = efi_memmap_alloc(num_entries); - if (!new_phys) { + if (efi_memmap_alloc(num_entries, &data) != 0) { pr_err("Could not allocate boot services memmap\n"); return; } - new = early_memremap(new_phys, new_size); + new = early_memremap(data.phys_map, data.size); if (!new) { pr_err("Failed to map new boot services memmap\n"); return; } efi_memmap_insert(&efi.memmap, new, &mr); - early_memunmap(new, new_size); + early_memunmap(new, data.size); - efi_memmap_install(new_phys, num_entries); + efi_memmap_install(&data); e820__range_update(addr, size, E820_TYPE_RAM, E820_TYPE_RESERVED); e820__update_table(e820_table); } @@ -407,7 +404,7 @@ static void __init efi_unmap_pages(efi_memory_desc_t *md) void __init efi_free_boot_services(void) { - phys_addr_t new_phys, new_size; + struct efi_memory_map_data data = { 0 }; efi_memory_desc_t *md; int num_entries = 0; void *new, *new_md; @@ -462,14 +459,12 @@ void __init efi_free_boot_services(void) if (!num_entries) return; - new_size = efi.memmap.desc_size * num_entries; - new_phys = efi_memmap_alloc(num_entries); - if (!new_phys) { + if (efi_memmap_alloc(num_entries, &data) != 0) { pr_err("Failed to allocate new EFI memmap\n"); return; } - new = memremap(new_phys, new_size, MEMREMAP_WB); + new = memremap(data.phys_map, data.size, MEMREMAP_WB); if (!new) { pr_err("Failed to map new EFI memmap\n"); return; @@ -493,7 +488,7 @@ void __init efi_free_boot_services(void) memunmap(new); - if (efi_memmap_install(new_phys, num_entries)) { + if (efi_memmap_install(&data) != 0) { pr_err("Could not install new EFI memmap\n"); return; } diff --git a/drivers/firmware/efi/fake_mem.c b/drivers/firmware/efi/fake_mem.c index bb9fc70d0cfa..a8d20568d532 100644 --- a/drivers/firmware/efi/fake_mem.c +++ b/drivers/firmware/efi/fake_mem.c @@ -36,9 +36,9 @@ static int __init cmp_fake_mem(const void *x1, const void *x2) void __init efi_fake_memmap(void) { + struct efi_memory_map_data data = { 0 }; int new_nr_map = efi.memmap.nr_map; efi_memory_desc_t *md; - phys_addr_t new_memmap_phy; void *new_memmap; int i; @@ -55,15 +55,13 @@ void __init efi_fake_memmap(void) } /* allocate memory for new EFI memmap */ - new_memmap_phy = efi_memmap_alloc(new_nr_map); - if (!new_memmap_phy) + if (efi_memmap_alloc(new_nr_map, &data) != 0) return; /* create new EFI memmap */ - new_memmap = early_memremap(new_memmap_phy, - efi.memmap.desc_size * new_nr_map); + new_memmap = early_memremap(data.phys_map, data.size); if (!new_memmap) { - memblock_free(new_memmap_phy, efi.memmap.desc_size * new_nr_map); + memblock_free(data.phys_map, data.size); return; } @@ -71,9 +69,9 @@ void __init efi_fake_memmap(void) efi_memmap_insert(&efi.memmap, new_memmap, &efi_fake_mems[i]); /* swap into new EFI memmap */ - early_memunmap(new_memmap, efi.memmap.desc_size * new_nr_map); + early_memunmap(new_memmap, data.size); - efi_memmap_install(new_memmap_phy, new_nr_map); + efi_memmap_install(&data); /* print new EFI memmap */ efi_print_memmap(); diff --git a/drivers/firmware/efi/memmap.c b/drivers/firmware/efi/memmap.c index 4f98eb12c172..04dfa56b994b 100644 --- a/drivers/firmware/efi/memmap.c +++ b/drivers/firmware/efi/memmap.c @@ -32,6 +32,7 @@ static phys_addr_t __init __efi_memmap_alloc_late(unsigned long size) /** * efi_memmap_alloc - Allocate memory for the EFI memory map * @num_entries: Number of entries in the allocated map. + * @data: efi memmap installation parameters * * Depending on whether mm_init() has already been invoked or not, * either memblock or "normal" page allocation is used. @@ -39,14 +40,29 @@ static phys_addr_t __init __efi_memmap_alloc_late(unsigned long size) * Returns the physical address of the allocated memory map on * success, zero on failure. */ -phys_addr_t __init efi_memmap_alloc(unsigned int num_entries) +int __init efi_memmap_alloc(unsigned int num_entries, + struct efi_memory_map_data *data) { - unsigned long size = num_entries * efi.memmap.desc_size; - - if (slab_is_available()) - return __efi_memmap_alloc_late(size); + /* Expect allocation parameters are zero initialized */ + WARN_ON(data->phys_map || data->size); + + data->size = num_entries * efi.memmap.desc_size; + data->desc_version = efi.memmap.desc_version; + data->desc_size = efi.memmap.desc_size; + data->flags &= ~(EFI_MEMMAP_SLAB | EFI_MEMMAP_MEMBLOCK); + data->flags |= efi.memmap.flags & EFI_MEMMAP_LATE; + + if (slab_is_available()) { + data->flags |= EFI_MEMMAP_SLAB; + data->phys_map = __efi_memmap_alloc_late(data->size); + } else { + data->flags |= EFI_MEMMAP_MEMBLOCK; + data->phys_map = __efi_memmap_alloc_early(data->size); + } - return __efi_memmap_alloc_early(size); + if (!data->phys_map) + return -ENOMEM; + return 0; } /** @@ -64,8 +80,7 @@ phys_addr_t __init efi_memmap_alloc(unsigned int num_entries) * * Returns zero on success, a negative error code on failure. */ -static int __init -__efi_memmap_init(struct efi_memory_map_data *data) +static int __init __efi_memmap_init(struct efi_memory_map_data *data) { struct efi_memory_map map; phys_addr_t phys_map; @@ -184,8 +199,7 @@ int __init efi_memmap_init_late(phys_addr_t addr, unsigned long size) /** * efi_memmap_install - Install a new EFI memory map in efi.memmap - * @addr: Physical address of the memory map - * @nr_map: Number of entries in the memory map + * @ctx: map allocation parameters (address, size, flags) * * Unlike efi_memmap_init_*(), this function does not allow the caller * to switch from early to late mappings. It simply uses the existing @@ -193,20 +207,11 @@ int __init efi_memmap_init_late(phys_addr_t addr, unsigned long size) * * Returns zero on success, a negative error code on failure. */ -int __init efi_memmap_install(phys_addr_t addr, unsigned int nr_map) +int __init efi_memmap_install(struct efi_memory_map_data *data) { - struct efi_memory_map_data data; - unsigned long flags; - efi_memmap_unmap(); - data.phys_map = addr; - data.size = efi.memmap.desc_size * nr_map; - data.desc_version = efi.memmap.desc_version; - data.desc_size = efi.memmap.desc_size; - data.flags = efi.memmap.flags & EFI_MEMMAP_LATE; - - return __efi_memmap_init(&data); + return __efi_memmap_init(data); } /** diff --git a/include/linux/efi.h b/include/linux/efi.h index f117d68c314e..adbe421835c1 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -759,8 +759,8 @@ typedef union { /* * Architecture independent structure for describing a memory map for the - * benefit of efi_memmap_init_early(), saving us the need to pass four - * parameters. + * benefit of efi_memmap_init_early(), and for passing context between + * efi_memmap_alloc() and efi_memmap_install(). */ struct efi_memory_map_data { phys_addr_t phys_map; @@ -778,6 +778,8 @@ struct efi_memory_map { unsigned long desc_version; unsigned long desc_size; #define EFI_MEMMAP_LATE (1UL << 0) +#define EFI_MEMMAP_MEMBLOCK (1UL << 1) +#define EFI_MEMMAP_SLAB (1UL << 2) unsigned long flags; }; @@ -972,11 +974,12 @@ static inline efi_status_t efi_query_variable_store(u32 attributes, #endif extern void __iomem *efi_lookup_mapped_addr(u64 phys_addr); -extern phys_addr_t __init efi_memmap_alloc(unsigned int num_entries); +extern int __init efi_memmap_alloc(unsigned int num_entries, + struct efi_memory_map_data *data); extern int __init efi_memmap_init_early(struct efi_memory_map_data *data); extern int __init efi_memmap_init_late(phys_addr_t addr, unsigned long size); extern void __init efi_memmap_unmap(void); -extern int __init efi_memmap_install(phys_addr_t addr, unsigned int nr_map); +extern int __init efi_memmap_install(struct efi_memory_map_data *data); extern int __init efi_memmap_split_count(efi_memory_desc_t *md, struct range *range); extern void __init efi_memmap_insert(struct efi_memory_map *old_memmap, From patchwork Mon Jan 13 17:22:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 206628 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, INCLUDES_PATCH, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6B1B0C33CAE for ; Mon, 13 Jan 2020 17:23:39 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3ED8F214AF for ; Mon, 13 Jan 2020 17:23:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936219; bh=yqJTpElEIc8QobaR9Uk2pT2ef9Mek7Pwo/n6rRWT4jA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=VZQbupyrx0YAFvQcEDgscIxHlWaSiE5qM8rkT7rU6A7fZboGswnyQlr9Q72H6hOX0 HXDi9kDA3vJ0kxzixYNvBlYQBm0SkxD9P+9tG6fEdLbqHS5SviD8MfkYpXw389k3gk 8PqkQYYnVgDcWuuVl8MwGE53rySwYHnfOBNxwBOQ= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728951AbgAMRXi (ORCPT ); Mon, 13 Jan 2020 12:23:38 -0500 Received: from mail.kernel.org ([198.145.29.99]:42924 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728946AbgAMRXh (ORCPT ); Mon, 13 Jan 2020 12:23:37 -0500 Received: from dogfood.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 97FA1206DA; Mon, 13 Jan 2020 17:23:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1578936216; bh=yqJTpElEIc8QobaR9Uk2pT2ef9Mek7Pwo/n6rRWT4jA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Qmq1FoVI08ZLfnqiF3oSV422/cURLUqT2913jMeAoQo3ad60QBEOvWhmXU3xhBQ0v MQMGlvqlPIlEgVnFRLFIbuETXK/zM+sdWj22swh/5CeEinkF245zHzirgsIYlAXvwj uxlS0Z5vGnh7G1O3fumS8AgU2ulP30KVPdFWOtr4= From: Ard Biesheuvel To: linux-efi@vger.kernel.org, Ingo Molnar , Thomas Gleixner Cc: Ard Biesheuvel , linux-kernel@vger.kernel.org, Anshuman Khandual , Arnd Bergmann , Dan Williams , Dave Young , Saravana Kannan Subject: [PATCH 13/13] efi: Fix handling of multiple efi_fake_mem= entries Date: Mon, 13 Jan 2020 18:22:45 +0100 Message-Id: <20200113172245.27925-14-ardb@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20200113172245.27925-1-ardb@kernel.org> References: <20200113172245.27925-1-ardb@kernel.org> MIME-Version: 1.0 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Dan Williams Dave noticed that when specifying multiple efi_fake_mem= entries only the last entry was successfully being reflected in the efi memory map. This is due to the fact that the efi_memmap_insert() is being called multiple times, but on successive invocations the insertion should be applied to the last new memmap rather than the original map at efi_fake_memmap() entry. Rework efi_fake_memmap() to install the new memory map after each efi_fake_mem= entry is parsed. This also fixes an issue in efi_fake_memmap() that caused it to litter emtpy entries into the end of the efi memory map. An empty entry causes efi_memmap_insert() to attempt more memmap splits / copies than efi_memmap_split_count() accounted for when sizing the new map. When that happens efi_memmap_insert() may overrun its allocation, and if you are lucky will spill over to an unmapped page leading to crash signature like the following rather than silent corruption: BUG: unable to handle page fault for address: ffffffffff281000 [..] RIP: 0010:efi_memmap_insert+0x11d/0x191 [..] Call Trace: ? bgrt_init+0xbe/0xbe ? efi_arch_mem_reserve+0x1cb/0x228 ? acpi_parse_bgrt+0xa/0xd ? acpi_table_parse+0x86/0xb8 ? acpi_boot_init+0x494/0x4e3 ? acpi_parse_x2apic+0x87/0x87 ? setup_acpi_sci+0xa2/0xa2 ? setup_arch+0x8db/0x9e1 ? start_kernel+0x6a/0x547 ? secondary_startup_64+0xb6/0xc0 Commit af1648984828 "x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage" introduced more occurrences where efi_memmap_insert() is invoked after an efi_fake_mem= configuration has been parsed. Previously the side effects of vestigial empty entries were benign, but with commit af1648984828 that follow-on efi_memmap_insert() invocation triggers efi_memmap_insert() overruns. Link: https://lore.kernel.org/r/20191231014630.GA24942@dhcp-128-65.nay.redhat.com Reported-by: Dave Young Signed-off-by: Dan Williams Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/fake_mem.c | 31 ++++++++++++++++--------------- drivers/firmware/efi/memmap.c | 2 +- include/linux/efi.h | 2 ++ 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/drivers/firmware/efi/fake_mem.c b/drivers/firmware/efi/fake_mem.c index a8d20568d532..6e0f34a38171 100644 --- a/drivers/firmware/efi/fake_mem.c +++ b/drivers/firmware/efi/fake_mem.c @@ -34,25 +34,16 @@ static int __init cmp_fake_mem(const void *x1, const void *x2) return 0; } -void __init efi_fake_memmap(void) +static void __init efi_fake_range(struct efi_mem_range *efi_range) { struct efi_memory_map_data data = { 0 }; int new_nr_map = efi.memmap.nr_map; efi_memory_desc_t *md; void *new_memmap; - int i; - - if (!efi_enabled(EFI_MEMMAP) || !nr_fake_mem) - return; /* count up the number of EFI memory descriptor */ - for (i = 0; i < nr_fake_mem; i++) { - for_each_efi_memory_desc(md) { - struct range *r = &efi_fake_mems[i].range; - - new_nr_map += efi_memmap_split_count(md, r); - } - } + for_each_efi_memory_desc(md) + new_nr_map += efi_memmap_split_count(md, &efi_range->range); /* allocate memory for new EFI memmap */ if (efi_memmap_alloc(new_nr_map, &data) != 0) @@ -61,17 +52,27 @@ void __init efi_fake_memmap(void) /* create new EFI memmap */ new_memmap = early_memremap(data.phys_map, data.size); if (!new_memmap) { - memblock_free(data.phys_map, data.size); + __efi_memmap_free(data.phys_map, data.size, data.flags); return; } - for (i = 0; i < nr_fake_mem; i++) - efi_memmap_insert(&efi.memmap, new_memmap, &efi_fake_mems[i]); + efi_memmap_insert(&efi.memmap, new_memmap, efi_range); /* swap into new EFI memmap */ early_memunmap(new_memmap, data.size); efi_memmap_install(&data); +} + +void __init efi_fake_memmap(void) +{ + int i; + + if (!efi_enabled(EFI_MEMMAP) || !nr_fake_mem) + return; + + for (i = 0; i < nr_fake_mem; i++) + efi_fake_range(&efi_fake_mems[i]); /* print new EFI memmap */ efi_print_memmap(); diff --git a/drivers/firmware/efi/memmap.c b/drivers/firmware/efi/memmap.c index 501672166502..2ff1883dc788 100644 --- a/drivers/firmware/efi/memmap.c +++ b/drivers/firmware/efi/memmap.c @@ -29,7 +29,7 @@ static phys_addr_t __init __efi_memmap_alloc_late(unsigned long size) return PFN_PHYS(page_to_pfn(p)); } -static void __init __efi_memmap_free(u64 phys, unsigned long size, unsigned long flags) +void __init __efi_memmap_free(u64 phys, unsigned long size, unsigned long flags) { if (flags & EFI_MEMMAP_MEMBLOCK) { if (slab_is_available()) diff --git a/include/linux/efi.h b/include/linux/efi.h index adbe421835c1..7efd7072cca5 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -976,6 +976,8 @@ extern void __iomem *efi_lookup_mapped_addr(u64 phys_addr); extern int __init efi_memmap_alloc(unsigned int num_entries, struct efi_memory_map_data *data); +extern void __efi_memmap_free(u64 phys, unsigned long size, + unsigned long flags); extern int __init efi_memmap_init_early(struct efi_memory_map_data *data); extern int __init efi_memmap_init_late(phys_addr_t addr, unsigned long size); extern void __init efi_memmap_unmap(void);