tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'efi-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull EFI fixes from Thomas Gleixner:

- Enforce NX on RO data in mixed EFI mode

- Destroy workqueue in an error handling path to prevent UAF

- Stop argument parser at '--' which is the delimiter for init

- Treat a NULL command line pointer as empty instead of dereferncing it
unconditionally.

- Handle an unterminated command line correctly

- Cleanup the 32bit code leftovers and remove obsolete documentation

* tag 'efi-urgent-2020-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
Documentation: efi: remove description of efi=old_map
efi/x86: Move 32-bit code into efi_32.c
efi/libstub: Handle unterminated cmdline
efi/libstub: Handle NULL cmdline
efi/libstub: Stop parsing arguments at "--"
efi: add missed destroy_workqueue when efisubsys_init fails
efi/x86: Mark kernel rodata non-executable for mixed mode

Linus Torvalds 10c091b6 e99b2507

+52 -92
+1 -4
Documentation/admin-guide/kernel-parameters.txt
··· 1233 1233 efi= [EFI] 1234 1234 Format: { "debug", "disable_early_pci_dma", 1235 1235 "nochunk", "noruntime", "nosoftreserve", 1236 - "novamap", "no_disable_early_pci_dma", 1237 - "old_map" } 1236 + "novamap", "no_disable_early_pci_dma" } 1238 1237 debug: enable misc debug output. 1239 1238 disable_early_pci_dma: disable the busmaster bit on all 1240 1239 PCI bridges while in the EFI boot stub. ··· 1250 1251 novamap: do not call SetVirtualAddressMap(). 1251 1252 no_disable_early_pci_dma: Leave the busmaster bit set 1252 1253 on all PCI bridges while in the EFI boot stub 1253 - old_map [X86-64]: switch to the old ioremap-based EFI 1254 - runtime services mapping. [Needs CONFIG_X86_UV=y] 1255 1254 1256 1255 efi_no_storage_paranoia [EFI; X86] 1257 1256 Using this parameter you can use more than 50% of
-10
arch/x86/include/asm/efi.h
··· 81 81 kernel_fpu_end(); \ 82 82 }) 83 83 84 - 85 84 #define arch_efi_call_virt(p, f, args...) p->f(args) 86 - 87 - #define efi_ioremap(addr, size, type, attr) ioremap_cache(addr, size) 88 85 89 86 #else /* !CONFIG_X86_32 */ 90 87 ··· 122 125 kernel_fpu_end(); \ 123 126 }) 124 127 125 - extern void __iomem *__init efi_ioremap(unsigned long addr, unsigned long size, 126 - u32 type, u64 attribute); 127 - 128 128 #ifdef CONFIG_KASAN 129 129 /* 130 130 * CONFIG_KASAN may redefine memset to __memset. __memset function is present ··· 137 143 #endif /* CONFIG_X86_32 */ 138 144 139 145 extern struct efi_scratch efi_scratch; 140 - extern void __init efi_set_executable(efi_memory_desc_t *md, bool executable); 141 146 extern int __init efi_memblock_x86_reserve_range(void); 142 147 extern void __init efi_print_memmap(void); 143 - extern void __init efi_memory_uc(u64 addr, unsigned long size); 144 148 extern void __init efi_map_region(efi_memory_desc_t *md); 145 149 extern void __init efi_map_region_fixed(efi_memory_desc_t *md); 146 150 extern void efi_sync_low_kernel_mappings(void); 147 151 extern int __init efi_alloc_page_tables(void); 148 152 extern int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages); 149 - extern void __init old_map_region(efi_memory_desc_t *md); 150 - extern void __init runtime_code_page_mkexec(void); 151 153 extern void __init efi_runtime_update_mappings(void); 152 154 extern void __init efi_dump_pagetable(void); 153 155 extern void __init efi_apply_memmap_quirks(void);
-69
arch/x86/platform/efi/efi.c
··· 49 49 #include <asm/efi.h> 50 50 #include <asm/e820/api.h> 51 51 #include <asm/time.h> 52 - #include <asm/set_memory.h> 53 52 #include <asm/tlbflush.h> 54 53 #include <asm/x86_init.h> 55 54 #include <asm/uv/uv.h> ··· 494 495 if (efi_enabled(EFI_DBG)) 495 496 efi_print_memmap(); 496 497 } 497 - 498 - #if defined(CONFIG_X86_32) 499 - 500 - void __init efi_set_executable(efi_memory_desc_t *md, bool executable) 501 - { 502 - u64 addr, npages; 503 - 504 - addr = md->virt_addr; 505 - npages = md->num_pages; 506 - 507 - memrange_efi_to_native(&addr, &npages); 508 - 509 - if (executable) 510 - set_memory_x(addr, npages); 511 - else 512 - set_memory_nx(addr, npages); 513 - } 514 - 515 - void __init runtime_code_page_mkexec(void) 516 - { 517 - efi_memory_desc_t *md; 518 - 519 - /* Make EFI runtime service code area executable */ 520 - for_each_efi_memory_desc(md) { 521 - if (md->type != EFI_RUNTIME_SERVICES_CODE) 522 - continue; 523 - 524 - efi_set_executable(md, true); 525 - } 526 - } 527 - 528 - void __init efi_memory_uc(u64 addr, unsigned long size) 529 - { 530 - unsigned long page_shift = 1UL << EFI_PAGE_SHIFT; 531 - u64 npages; 532 - 533 - npages = round_up(size, page_shift) / page_shift; 534 - memrange_efi_to_native(&addr, &npages); 535 - set_memory_uc(addr, npages); 536 - } 537 - 538 - void __init old_map_region(efi_memory_desc_t *md) 539 - { 540 - u64 start_pfn, end_pfn, end; 541 - unsigned long size; 542 - void *va; 543 - 544 - start_pfn = PFN_DOWN(md->phys_addr); 545 - size = md->num_pages << PAGE_SHIFT; 546 - end = md->phys_addr + size; 547 - end_pfn = PFN_UP(end); 548 - 549 - if (pfn_range_is_mapped(start_pfn, end_pfn)) { 550 - va = __va(md->phys_addr); 551 - 552 - if (!(md->attribute & EFI_MEMORY_WB)) 553 - efi_memory_uc((u64)(unsigned long)va, size); 554 - } else 555 - va = efi_ioremap(md->phys_addr, size, 556 - md->type, md->attribute); 557 - 558 - md->virt_addr = (u64) (unsigned long) va; 559 - if (!va) 560 - pr_err("ioremap of 0x%llX failed!\n", 561 - (unsigned long long)md->phys_addr); 562 - } 563 - 564 - #endif 565 498 566 499 /* Merge contiguous regions of the same type and attribute */ 567 500 static void __init efi_merge_regions(void)
+37 -7
arch/x86/platform/efi/efi_32.c
··· 29 29 #include <asm/io.h> 30 30 #include <asm/desc.h> 31 31 #include <asm/page.h> 32 + #include <asm/set_memory.h> 32 33 #include <asm/tlbflush.h> 33 34 #include <asm/efi.h> 35 + 36 + void __init efi_map_region(efi_memory_desc_t *md) 37 + { 38 + u64 start_pfn, end_pfn, end; 39 + unsigned long size; 40 + void *va; 41 + 42 + start_pfn = PFN_DOWN(md->phys_addr); 43 + size = md->num_pages << PAGE_SHIFT; 44 + end = md->phys_addr + size; 45 + end_pfn = PFN_UP(end); 46 + 47 + if (pfn_range_is_mapped(start_pfn, end_pfn)) { 48 + va = __va(md->phys_addr); 49 + 50 + if (!(md->attribute & EFI_MEMORY_WB)) 51 + set_memory_uc((unsigned long)va, md->num_pages); 52 + } else { 53 + va = ioremap_cache(md->phys_addr, size); 54 + } 55 + 56 + md->virt_addr = (unsigned long)va; 57 + if (!va) 58 + pr_err("ioremap of 0x%llX failed!\n", md->phys_addr); 59 + } 34 60 35 61 /* 36 62 * To make EFI call EFI runtime service in physical addressing mode we need ··· 82 56 int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages) 83 57 { 84 58 return 0; 85 - } 86 - 87 - void __init efi_map_region(efi_memory_desc_t *md) 88 - { 89 - old_map_region(md); 90 59 } 91 60 92 61 void __init efi_map_region_fixed(efi_memory_desc_t *md) {} ··· 128 107 129 108 void __init efi_runtime_update_mappings(void) 130 109 { 131 - if (__supported_pte_mask & _PAGE_NX) 132 - runtime_code_page_mkexec(); 110 + if (__supported_pte_mask & _PAGE_NX) { 111 + efi_memory_desc_t *md; 112 + 113 + /* Make EFI runtime service code area executable */ 114 + for_each_efi_memory_desc(md) { 115 + if (md->type != EFI_RUNTIME_SERVICES_CODE) 116 + continue; 117 + 118 + set_memory_x(md->virt_addr, md->num_pages); 119 + } 120 + } 133 121 }
+2
arch/x86/platform/efi/efi_64.c
··· 259 259 npages = (__end_rodata - __start_rodata) >> PAGE_SHIFT; 260 260 rodata = __pa(__start_rodata); 261 261 pfn = rodata >> PAGE_SHIFT; 262 + 263 + pf = _PAGE_NX | _PAGE_ENC; 262 264 if (kernel_map_pages_in_pgd(pgd, pfn, rodata, npages, pf)) { 263 265 pr_err("Failed to map kernel rodata 1:1\n"); 264 266 return 1;
+2
drivers/firmware/efi/efi.c
··· 381 381 efi_kobj = kobject_create_and_add("efi", firmware_kobj); 382 382 if (!efi_kobj) { 383 383 pr_err("efi: Firmware registration failed.\n"); 384 + destroy_workqueue(efi_rts_wq); 384 385 return -ENOMEM; 385 386 } 386 387 ··· 425 424 generic_ops_unregister(); 426 425 err_put: 427 426 kobject_put(efi_kobj); 427 + destroy_workqueue(efi_rts_wq); 428 428 return error; 429 429 } 430 430
+10 -2
drivers/firmware/efi/libstub/efi-stub-helper.c
··· 187 187 */ 188 188 efi_status_t efi_parse_options(char const *cmdline) 189 189 { 190 - size_t len = strlen(cmdline) + 1; 190 + size_t len; 191 191 efi_status_t status; 192 192 char *str, *buf; 193 193 194 + if (!cmdline) 195 + return EFI_SUCCESS; 196 + 197 + len = strnlen(cmdline, COMMAND_LINE_SIZE - 1) + 1; 194 198 status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, len, (void **)&buf); 195 199 if (status != EFI_SUCCESS) 196 200 return status; 197 201 198 - str = skip_spaces(memcpy(buf, cmdline, len)); 202 + memcpy(buf, cmdline, len - 1); 203 + buf[len - 1] = '\0'; 204 + str = skip_spaces(buf); 199 205 200 206 while (*str) { 201 207 char *param, *val; 202 208 203 209 str = next_arg(str, &param, &val); 210 + if (!val && !strcmp(param, "--")) 211 + break; 204 212 205 213 if (!strcmp(param, "nokaslr")) { 206 214 efi_nokaslr = true;