From patchwork Thu Jan 19 19:03:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 45929 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp498803wrn; Thu, 19 Jan 2023 11:11:58 -0800 (PST) X-Google-Smtp-Source: AMrXdXsgOndNC3kyHrqu7+aVqu3IxeNU7+Q/P4hEpySKPvHniKXvQosDJddsHwC41CcLRVorb7JU X-Received: by 2002:a05:6a20:8f21:b0:b5:389e:870e with SMTP id b33-20020a056a208f2100b000b5389e870emr16463998pzk.4.1674155517805; Thu, 19 Jan 2023 11:11:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674155517; cv=none; d=google.com; s=arc-20160816; b=FM05w3P9YhvYQW4EQwjk06k+gkpvdWxJ9LUAwWIUq7XQmwc6Nna9pmC0VXaMEaA5ym PRtPEKGaTCuaQH6NuB8ERLCSv/39pUV9HOuxsDN6XuA6hIkGZUV2zQGed875kga2x+vx 0X+oPABKWjzC7tlJ4hsHtdyJFErO39Wcyvgk2tx3qintCHvIVQylhXAvg4b1YdZBnwBK A+kNqelHmE3nHVp/CYjCVKUhNG6yx36KSUCWoy+tHLKHgru3Ys7vK/0G/e4kHeRs3wjB ajhyS21vP/8CfLkEjjngz8GjIK23kmi+Xe/zxOP4L2oRT/jf8/A4hGMttFh05EuyID4n 9dUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=8PYQybIKzMnd5SaK8XAMo1/w4rYl0IXWtI6aXKByBc0=; b=hB5Dnjzuqv0bFf7QIlu7069W4nUXU0Lrp93UJyxBMA4v06/hXgd6uPpNivwd+Xs7nd +e6p6R3PA2XjKqQOqDpOs2TI040uYDADcVc8mwQS7oKgQ6zE7Fjpo0pSES/86CPo/D3V mw7ygxcdJsq/4OR/PjmHxL5fKhBWkUQxrFhXqhhRcDT6tEcVv2qVkvxm9S8iVeIbzSzG Ipib/1jLEpxG6m4QbDG69xDOw/mDXeLaBTWgFKktTv3GVpeo6I1zhm7qikoabNVRA3Ui 4aJeRxZ16eu+zHcT9WWiVDh3fNIZ/0/a5vQnOg7Jv6+T7CC6NKPeNmVsWRjrcedBMo0V yHYg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=qi7cBv5E; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=CsKXlpUl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a19-20020a656553000000b00439f026cf5dsi37573883pgw.612.2023.01.19.11.11.45; Thu, 19 Jan 2023 11:11:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=qi7cBv5E; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=CsKXlpUl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229954AbjASTG3 (ORCPT + 99 others); Thu, 19 Jan 2023 14:06:29 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48816 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231244AbjASTGC (ORCPT ); Thu, 19 Jan 2023 14:06:02 -0500 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 914539AA9A; Thu, 19 Jan 2023 11:05:13 -0800 (PST) Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.nyi.internal (Postfix) with ESMTP id 5AC755C012C; Thu, 19 Jan 2023 14:04:24 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 19 Jan 2023 14:04:24 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1674155064; x=1674241464; bh=8PYQybIKzM nd5SaK8XAMo1/w4rYl0IXWtI6aXKByBc0=; b=qi7cBv5E9SIfaud39/XzKFXIxD 5nPPEFnNFTBw7jL7O16ZBFmVHhmhhd8boL2ZbeWGOB4LmkaIgNG8BUs/Q9sSmTp3 4lJu7bOw19nmmHrAm+/qaO2M1qjeP9AWuVBPniwpeFAtgkgprTqsgmL3Bl8zdBZ3 GVMWPkSjy9nCXrEUiXu1igMZLomlw4SqAeJqdXjK99boz3GWqcfgTZSat7txJwRJ U1jmP1pp8yikBTqkfRpTkqxD372hvpmUM8fTD99wBB9QD5dz4fViyRC8yTHqoLMJ x9RIbmtClFTKUeo6wYe1gKPz/cMAXi9AenQgkYYMBIl4MS7RnYKjkQcJbTaw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1674155064; x= 1674241464; bh=8PYQybIKzMnd5SaK8XAMo1/w4rYl0IXWtI6aXKByBc0=; b=C sKXlpUlQAbhoM2+EutaCiLm/EGDsPb83Z41Y+tYAFg8Zk+cr3SHKe9elKRKcjVol E3lUjsbD/trhTbqTh6mzduGHGx8XVc3lgqIgT6QRra2xr/k0Mu8xoFNQshL4j2Ek ajLpvfQn4WIZkZBULzSTJsL8rS02hY/dqndJyc5Fj64HgHBBHvo/fIQzIMS+nKap oK3q39R/B6iMzfps7gySEySpQc2raAceEPniAnP90k1S5n5bATreSgFvaud7h7lb wSsLWuZRRJRURssuaj1S0xwC1dEu9iGGfMb1iYRE8wHPZ3UN5QAj/u+QCGOkVdGT Uc+fMoMn06Soc0Yv50hww== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddutddguddvvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepffgv mhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhih hnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepledukeelleejkeevkeefgefh ffegvdeigeelieegjefffeeiveeivdejgeevteeinecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhn ghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 19 Jan 2023 14:04:23 -0500 (EST) From: Demi Marie Obenour To: Ard Biesheuvel Cc: Demi Marie Obenour , =?utf-8?q?Marek_Marczy?= =?utf-8?q?kowski-G=C3=B3recki?= , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v3 1/5] efi: memmap: Disregard bogus entries instead of returning them Date: Thu, 19 Jan 2023 14:03:56 -0500 Message-Id: X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1755479295896884481?= X-GMAIL-MSGID: =?utf-8?q?1755479295896884481?= The ESRT code currently contains two consistency checks on the memory descriptor it obtains, but one of them is both incomplete and can only trigger on invalid descriptors. So let's drop these checks, and instead disregard descriptors entirely if the start address is misaligned, or if the number of pages reaches to or beyond the end of the address space. Note that the memory map as a whole could still be inconsistent: multiple entries might cover the same area, or the address could be outside of the addressable PA space, but validating that goes beyond the scope of these helpers. Also note that since the physical address space is never 64-bits wide, a descriptor that includes the last page of memory is not valid. This is fortunate, since it means that a valid physical address will never be an error pointer and that the length of a memory descriptor in bytes will fit in a 64-bit unsigned integer. Co-developed-by: Ard Biesheuvel Signed-off-by: Ard Biesheuvel Signed-off-by: Demi Marie Obenour Tested-by: Marek Marczykowski-Górecki --- drivers/firmware/efi/efi.c | 6 ++++++ drivers/firmware/efi/esrt.c | 9 +-------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index a06decee51e064d78a39752436487279d0660609..780caea594e0ffce30abb69bddcccf3bacf25382 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -474,6 +474,12 @@ int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) u64 size; u64 end; + /* skip bogus entries (including empty ones) */ + if ((md->phys_addr & (EFI_PAGE_SIZE - 1)) || + (md->num_pages <= 0) || + (md->num_pages > (U64_MAX - md->phys_addr) >> EFI_PAGE_SHIFT)) + continue; + size = md->num_pages << EFI_PAGE_SHIFT; end = md->phys_addr + size; if (phys_addr >= md->phys_addr && phys_addr < end) { diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c index 2a2f52b017e736dd995c69e8aeb5fbd7761732e5..fb9fb70e1004132eff50c712c6fca05f7aeb1d57 100644 --- a/drivers/firmware/efi/esrt.c +++ b/drivers/firmware/efi/esrt.c @@ -263,15 +263,8 @@ void __init efi_esrt_init(void) return; } - max = efi_mem_desc_end(&md); - if (max < efi.esrt) { - pr_err("EFI memory descriptor is invalid. (esrt: %p max: %p)\n", - (void *)efi.esrt, (void *)max); - return; - } - + max = efi_mem_desc_end(&md) - efi.esrt; size = sizeof(*esrt); - max -= efi.esrt; if (max < size) { pr_err("ESRT header doesn't fit on single memory map entry. (size: %zu max: %zu)\n", From patchwork Thu Jan 19 19:03:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 45930 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp498900wrn; Thu, 19 Jan 2023 11:12:10 -0800 (PST) X-Google-Smtp-Source: AMrXdXtlRZJqldBtjuleDTpEdvkMOdvy9RKJ1eMdTiAv11ZuL6GKCnGYftNiqP0MND7taXZY3wlL X-Received: by 2002:a17:903:2105:b0:189:e7ea:9ff9 with SMTP id o5-20020a170903210500b00189e7ea9ff9mr11579883ple.42.1674155530538; Thu, 19 Jan 2023 11:12:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674155530; cv=none; d=google.com; s=arc-20160816; b=GilQIS5xd1kZocryGOfIjPPAPhynMyUsOOElvrkmg1Z0vnz74JOzJPEEy1DDiIU3/9 Zk6s5I8f8CTSVZsy65qbt+yjAlgoaam62wpwfcfkCUT8KsogG4YhLsmkg9WdbkujYKNE z8oo8nihWlT0LMQF1jk0uRX8jdTLA1i/auzUJWDmJpo7JZqu3cZC7ESoIMfJ6TNW0jFe pZX+NNcrqPws7NT4a9aDdsci8AePZDTB9UBMLZKjRRd4qaD9RU5nSvdksFojsZ5jPLZY ytqzLSvf0D2iQb1GtwIdt3Hg/0pQup9oiAbRFfRqguwG5S0nj5+5yfuII3ST3rnNrka6 zEwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=JNxIP18FJGMNUYBP65b84d6ync2Tzl5LK9xIO36ews4=; b=aW10TfLX0nmrRLeOPSojruDEA9TP3GJkcNQ6rxPuvnpSkjOTgxwZdJ2yIfnM6Xxz9u RH8bz411wHnnEY6DT2VSCRu0m/kazuwYYrniA3gFOmnl95suxR20jL5o/Iis9DaJfDj5 h/XnntqugP9TESZaTt3DU8o/W7Nl9QtdIo5anRbTNbhiMag0/vhXt9Ck1Sl+pqQvwT97 7kpuUd/yQ+ihKnuVZWPVMNeo9CVd056ewwl4PT5iOa8dZOzYxpHQG6JXfzXUPXcbKG3Y ui4p16+/ggVqNTT/JuLGYy4X99JtDOP5MFzIzSnaftqeTaODU8y4Pp6yr32GjdDK+tKT epSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=V9s7TGR9; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=JyFsovdt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e6-20020a170902b78600b00194a0da96a5si9727426pls.170.2023.01.19.11.11.58; Thu, 19 Jan 2023 11:12:10 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=V9s7TGR9; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=JyFsovdt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229623AbjASTGm (ORCPT + 99 others); Thu, 19 Jan 2023 14:06:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231277AbjASTGG (ORCPT ); Thu, 19 Jan 2023 14:06:06 -0500 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 80BF194326; Thu, 19 Jan 2023 11:05:27 -0800 (PST) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailout.nyi.internal (Postfix) with ESMTP id B288E5C00D8; Thu, 19 Jan 2023 14:04:26 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Thu, 19 Jan 2023 14:04:26 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1674155066; x=1674241466; bh=JNxIP18FJG MNUYBP65b84d6ync2Tzl5LK9xIO36ews4=; b=V9s7TGR9vSl2qHXadvBQ5jANqT YsH5gcQlEJ4qUFFblcTOwTDCkjYBGMTnhzWrvyP4wUxzF9P6ReX071u7Zb48fNln 9F+erC7wwWxgelTnZ45UxgcZXeIT+nRxk0JHttjDPwkpt3l5oqb7nbPi3WYNE/1F yFd76iqa2KtykXVk3IhbB08edyNj7SA1wavzMY3Kwckjvzo+dCdCsMYrcRETWzWE cSw+wqGejNlAcusrsPK1S1xXsN3HhKiXHa7JGxPmHDyruZJibrhV/bXcPk1vUcRe IJcBMsAFnb/w50ABar0rBJv0QFRh4M012F+pACaYSzQi9qNQClxGy7Y0pYFQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1674155066; x= 1674241466; bh=JNxIP18FJGMNUYBP65b84d6ync2Tzl5LK9xIO36ews4=; b=J yFsovdtn/rPqbJClnCW1NgOy8ebOXt8SCkihjpMPPf9x7G9ZOQk+5xgZw8Ebed32 nzn2Izk8PB9HN0hf4zwIiqi3L8W2cRDiYfye1ed8QadLqMbq4eIXkFg+GUJu2DCH Sy9IDdfOM3FgggnNEIOfoe9xdvEEGhcV2ATpZD4y/L/sWF7PYfOeiVohtYaCXR+H Kjm/7xuK3iAe1xGkjKdkqx2O3FkokQw//hA7Q2breO9MP4A8rzxTbopzdY/7GGB2 B/WRxIk2PnP2Q6kaDkwhGeeyEfXf0cZAxobx/IfCGbQeZcd4ws8JRirIv8xHkMXi NWWMcKT0h8WiQfokCsQvQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddutddguddvudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepffgv mhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhih hnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepledukeelleejkeevkeefgefh ffegvdeigeelieegjefffeeiveeivdejgeevteeinecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhn ghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 19 Jan 2023 14:04:25 -0500 (EST) From: Demi Marie Obenour To: Ard Biesheuvel , Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko Cc: Demi Marie Obenour , =?utf-8?q?Marek_Marczy?= =?utf-8?q?kowski-G=C3=B3recki?= , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org Subject: [PATCH v3 2/5] efi: xen: Implement memory descriptor lookup based on hypercall Date: Thu, 19 Jan 2023 14:03:57 -0500 Message-Id: X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1755479309602819647?= X-GMAIL-MSGID: =?utf-8?q?1755479309602819647?= Xen on x86 boots dom0 in EFI mode but without providing a memory map. This means that some consistency checks we would like to perform on configuration tables or other data structures in memory are not currently possible. Xen does, however, expose EFI memory descriptor info via a Xen hypercall, so let's wire that up instead. It turns out that the returned information is not identical to what Linux's efi_mem_desc_lookup would return: the address returned is the address passed to the hypercall, and the size returned is the number of bytes remaining in the configuration table. However, none of the callers of efi_mem_desc_lookup() currently care about this. In the future, Xen may gain a hypercall that returns the actual start address, which can be used instead. Co-developed-by: Ard Biesheuvel Signed-off-by: Ard Biesheuvel Signed-off-by: Demi Marie Obenour Tested-by: Marek Marczykowski-Górecki --- drivers/firmware/efi/efi.c | 5 ++++- drivers/xen/efi.c | 36 ++++++++++++++++++++++++++++++++++++ include/linux/efi.h | 1 + 3 files changed, 41 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 780caea594e0ffce30abb69bddcccf3bacf25382..bcb848e44e7b1350b10b7c0479c0b38d980fe37d 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -456,7 +456,7 @@ void __init efi_find_mirror(void) * and if so, populate the supplied memory descriptor with the appropriate * data. */ -int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) +int __efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) { efi_memory_desc_t *md; @@ -490,6 +490,9 @@ int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) return -ENOENT; } +extern int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) + __weak __alias(__efi_mem_desc_lookup); + /* * Calculate the highest address of an efi memory descriptor. */ diff --git a/drivers/xen/efi.c b/drivers/xen/efi.c index d1ff2186ebb48a7c0981ecb6d4afcbbb25ffcea0..3c792353b7308f9c2bf0a888eda9f827aa9177f8 100644 --- a/drivers/xen/efi.c +++ b/drivers/xen/efi.c @@ -26,6 +26,7 @@ #include #include +#include #include #include @@ -292,3 +293,38 @@ void __init xen_efi_runtime_setup(void) efi.get_next_high_mono_count = xen_efi_get_next_high_mono_count; efi.reset_system = xen_efi_reset_system; } + +int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) +{ + static_assert(XEN_PAGE_SHIFT == EFI_PAGE_SHIFT, + "Mismatch between EFI_PAGE_SHIFT and XEN_PAGE_SHIFT"); + struct xen_platform_op op; + union xenpf_efi_info *info = &op.u.firmware_info.u.efi_info; + int rc; + + if (!efi_enabled(EFI_PARAVIRT) || efi_enabled(EFI_MEMMAP)) + return __efi_mem_desc_lookup(phys_addr, out_md); + phys_addr &= ~(u64)(EFI_PAGE_SIZE - 1); + op = (struct xen_platform_op) { + .cmd = XENPF_firmware_info, + .u.firmware_info = { + .type = XEN_FW_EFI_INFO, + .index = XEN_FW_EFI_MEM_INFO, + .u.efi_info.mem.addr = phys_addr, + .u.efi_info.mem.size = U64_MAX - phys_addr, + }, + }; + + rc = HYPERVISOR_platform_op(&op); + if (rc) { + pr_warn("Failed to lookup header 0x%llx in Xen memory map: error %d\n", + phys_addr, rc); + } + + out_md->phys_addr = info->mem.addr; + out_md->num_pages = info->mem.size >> EFI_PAGE_SHIFT; + out_md->type = info->mem.type; + out_md->attribute = info->mem.attr; + + return 0; +} diff --git a/include/linux/efi.h b/include/linux/efi.h index f87b2f5db9f83db6f7488648fe99a8f8fc4fdf04..b407a302b730a6cc7481afa0f582360e59faf1e0 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -724,6 +724,7 @@ extern u64 efi_mem_attribute (unsigned long phys_addr, unsigned long size); extern int __init efi_uart_console_only (void); extern u64 efi_mem_desc_end(efi_memory_desc_t *md); extern int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md); +extern int __efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md); extern void efi_mem_reserve(phys_addr_t addr, u64 size); extern int efi_mem_reserve_persistent(phys_addr_t addr, u64 size); extern void efi_initialize_iomem_resources(struct resource *code_resource, From patchwork Thu Jan 19 19:03:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 45928 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp498785wrn; Thu, 19 Jan 2023 11:11:56 -0800 (PST) X-Google-Smtp-Source: AMrXdXtV77YgRMXIoZDVs515lj5C+ZX+JBK7EJoOFBOSvpEcjxMIxc5d3NS/G2ojwbWyGFzzEqKf X-Received: by 2002:a17:902:e88d:b0:194:dd88:ea18 with SMTP id w13-20020a170902e88d00b00194dd88ea18mr1077498plg.29.1674155516118; Thu, 19 Jan 2023 11:11:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674155516; cv=none; d=google.com; s=arc-20160816; b=Af1BtTVfhRBeuZbOYooAEoxb2yeOFhbhDcfNoHZWGb3VuZPVZUx1fZqyjC4lJj7Ar1 Ht2rwZ+6gecrE6b8NFyGGefaQidw9zd9TiTzDdvDZoPjtCvsVaAaPn8ET5WsjhNSPdW9 e+nEVw06zIIdOTiqvxabQbZsE4UMv6iwBC3b8XV8AKPW5wlyI/RlmgkDLvv0GxQMuVhL B28c9y2bp1nOr/qPAzHtJOT94W4CCZ3xOrACWBkiKti1rsmbsbV+4uzmVbjfvEuigaUO GbEJGXy7m4/JBSDY5q+Fb6REpthuSBSrTSLaE1FpdN797YFRujbqvb0ZmPR8T0Srb/JM lOpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=SFELFhRBDGwxzbzozrOmTJ4SoxpryGpr1CzrXd0rbww=; b=e0OvT5SwzGex/v7NuJ667LzinuFfxkvrXTT5e5x0BnaeVqUni0lWCx/o35b3LM3blm mY66VssuvyxDsFXkVmrCrFowaQBpiC0lig1La1TzZc7LmHn9zRiG8u8AphopN2qNn9NN 5gjHA7WtSOzOq9xEWJZa0ynxwWbe3NzpXdpmVsN1vqRh8BZWtohJp0pWrLNXAPpIASYx UIpWXcTjjNSvLdF37JV6qr861ZGGYRYFagk9IzmEv9PBrlF134otHB9vSIJKzWJXe5AU aQt+TpfonX4QcBprsS21iZZ3Uzdb+sHdQD0Wws4VceRL59JqZAyVPePCXSbDN4RYOAwc h/Rg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=dyikPYdT; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=al6RegSq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q16-20020a17090311d000b00188f3bd383csi43028102plh.266.2023.01.19.11.11.44; Thu, 19 Jan 2023 11:11:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=dyikPYdT; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=al6RegSq; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229834AbjASTGW (ORCPT + 99 others); Thu, 19 Jan 2023 14:06:22 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48156 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231241AbjASTGC (ORCPT ); Thu, 19 Jan 2023 14:06:02 -0500 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 92F4C9AA9C; Thu, 19 Jan 2023 11:05:13 -0800 (PST) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id B0BC15C0113; Thu, 19 Jan 2023 14:04:27 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Thu, 19 Jan 2023 14:04:27 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1674155067; x=1674241467; bh=SFELFhRBDG wxzbzozrOmTJ4SoxpryGpr1CzrXd0rbww=; b=dyikPYdTJzsJDOgvNb4fSLgmtt qnJsfvjF/c45Rr4UTsnxxyzyK69GemoA40vz4QqytzeVPkG9oDYl2du1BGRjmFpc XPEJiivlyIq4zuvnu+kLj+45UtBx6LDaDnk+o7jRjzsmZ2YPp7Eowyxyf1qdLoHC 5hEQH164NUO+Yl0ANLWO52jmpC1ohoUtSTH+BSn05+CIhS793scPMOcbzRjS3OS6 izj3OSXzEP0uuFdUQzi5fo4c567VcoRvDIb83wjS8Vu9S6drGXgfnhqEECBzEygm GuUPiWn9fB1spgReRKh+X2fTI+9+oEXdzOPREiKxWYQsADbXepd36tdo2T1Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1674155067; x= 1674241467; bh=SFELFhRBDGwxzbzozrOmTJ4SoxpryGpr1CzrXd0rbww=; b=a l6RegSqim7BFs3FrE6J+49XSBvpNwX107t4zIBAZYjFzk9u+s67kzoA4Bauuo7Ge IIEK16MmU7GO29hW92WRmVMKMhxJxXR/GN5dUo/lOkKUsqT9fQ0OoUOsOiJPSGpc bJLKg3oogEWdQutNk7u7FBaave353Dxka+9g/rxf23+un0kyLOTFk4qqh61iBh1A hanHl0u1JpY+Pkx6rdE4JW/qPuKX2ws2LfEaquCn95HO0K0W1papQ7uUXMRrkHGP Lyc8TmPo9RqiZumXOldUgbDvwsfqjzcIlKhNHVO4RGTk1+ns/Z7npumPRZCbuXPz 8ZdUMHlYEJhttiDx7mFjw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddutddguddvudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepffgv mhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhih hnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepledukeelleejkeevkeefgefh ffegvdeigeelieegjefffeeiveeivdejgeevteeinecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhn ghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 19 Jan 2023 14:04:26 -0500 (EST) From: Demi Marie Obenour To: Ard Biesheuvel , Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko Cc: Demi Marie Obenour , =?utf-8?q?Marek_Marczy?= =?utf-8?q?kowski-G=C3=B3recki?= , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org Subject: [PATCH v3 3/5] efi: Apply allowlist to EFI configuration tables when running under Xen Date: Thu, 19 Jan 2023 14:03:58 -0500 Message-Id: X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1755479294766856498?= X-GMAIL-MSGID: =?utf-8?q?1755479294766856498?= As it turns out, Xen does not guarantee that EFI boot services data regions in memory are preserved, which means that EFI configuration tables pointing into such memory regions may be corrupted before the dom0 OS has had a chance to inspect them. This is causing problems for Qubes OS when it attempts to perform system firmware updates, which requires that the contents of the EFI System Resource Table are valid when the fwupd userspace program runs. However, other configuration tables such as the memory attributes table or the runtime properties table are equally affected, and so we need a comprehensive workaround that works for any table type. So when running under Xen, check the EFI memory descriptor covering the start of the table, and disregard the table if it does not reside in memory that is preserved by Xen. Co-developed-by: Ard Biesheuvel Signed-off-by: Ard Biesheuvel Signed-off-by: Demi Marie Obenour Tested-by: Marek Marczykowski-Górecki --- drivers/firmware/efi/efi.c | 7 +++++++ drivers/xen/efi.c | 25 +++++++++++++++++++++++++ include/linux/efi.h | 2 ++ 3 files changed, 34 insertions(+) diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index bcb848e44e7b1350b10b7c0479c0b38d980fe37d..b49fcde06ca0ff5347047666f38b9309bd9cfe26 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -564,6 +564,13 @@ static __init int match_config_table(const efi_guid_t *guid, for (i = 0; efi_guidcmp(table_types[i].guid, NULL_GUID); i++) { if (!efi_guidcmp(*guid, table_types[i].guid)) { + if (IS_ENABLED(CONFIG_XEN_EFI) && + !xen_efi_config_table_is_usable(guid, table)) { + if (table_types[i].name[0]) + pr_cont("(%s=0x%lx) may have been clobbered by Xen ", + table_types[i].name, table); + return 1; + } *(table_types[i].ptr) = table; if (table_types[i].name[0]) pr_cont("%s=0x%lx ", diff --git a/drivers/xen/efi.c b/drivers/xen/efi.c index 3c792353b7308f9c2bf0a888eda9f827aa9177f8..fb321cd6415a40e8c4d0ad940611adcabe20ab97 100644 --- a/drivers/xen/efi.c +++ b/drivers/xen/efi.c @@ -328,3 +328,28 @@ int efi_mem_desc_lookup(u64 phys_addr, efi_memory_desc_t *out_md) return 0; } + +bool __init xen_efi_config_table_is_usable(const efi_guid_t *guid, + unsigned long table) +{ + efi_memory_desc_t md; + int rc; + + if (!efi_enabled(EFI_PARAVIRT)) + return true; + + rc = efi_mem_desc_lookup(table, &md); + if (rc) + return false; + + switch (md.type) { + case EFI_RUNTIME_SERVICES_CODE: + case EFI_RUNTIME_SERVICES_DATA: + case EFI_ACPI_RECLAIM_MEMORY: + case EFI_ACPI_MEMORY_NVS: + case EFI_RESERVED_TYPE: + return true; + default: + return false; + } +} diff --git a/include/linux/efi.h b/include/linux/efi.h index b407a302b730a6cc7481afa0f582360e59faf1e0..b210b50c4bdedaafcce6f63d44f57ff8329d1cfd 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -1322,4 +1322,6 @@ struct linux_efi_coco_secret_area { /* Header of a populated EFI secret area */ #define EFI_SECRET_TABLE_HEADER_GUID EFI_GUID(0x1e74f542, 0x71dd, 0x4d66, 0x96, 0x3e, 0xef, 0x42, 0x87, 0xff, 0x17, 0x3b) +bool xen_efi_config_table_is_usable(const efi_guid_t *guid, unsigned long table); + #endif /* _LINUX_EFI_H */ From patchwork Thu Jan 19 19:03:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 45931 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp498965wrn; Thu, 19 Jan 2023 11:12:18 -0800 (PST) X-Google-Smtp-Source: AMrXdXutykEHu5ElEB9pM6+Jg5BGk9HvZAgJxIrHGvgHtFRksK+Bov/JPyfM9dD/7LdH87aaoDP1 X-Received: by 2002:a17:902:9a82:b0:18d:d954:5f24 with SMTP id w2-20020a1709029a8200b0018dd9545f24mr12505646plp.6.1674155538280; Thu, 19 Jan 2023 11:12:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674155538; cv=none; d=google.com; s=arc-20160816; b=IK7oDcu/9UbwlSh3hPva9OUL1DuJZB9xjxXNUsmGHIUHs2CipalTarSx1n0RxgLFtg Zsm7jQWwpJrIQG37Wd6xEsrWy9JQLA8Ndhv2wniblGkXT+6DTqYwzEIminEWWr6XYEOj KCf2EjJnGHtNpT1qbron7QIf4jbSVSV/WqV693H2hZwYSHOjNAmKizUueycCz8JObsgo iqudd2z5QAPilBnDm6TXNBCqCsm/O7s7L/6S1B3nv3inHgk/bXgljchjv3ukJOt2nwri 9ujR5nWoVVvjimLhwJv2yH+Y38UjaIq/UYyzaa6SVoZQO1kYhK/nwvMhIic751ulPe6x bVlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=iAve/GqvnoUrklJx76JsPi9tOXPhkOndFsIm/wBRVc0=; b=L0G71+NAfTDcxbBnh98RCiCGcS0U4VLXEirtZzMPF1nY6alKGukx7zQ+54P5P3eaYe XoF6CM+F5v0XfHtTq/vYHVa8DY85+wfAVZ7SJWBqt5T4muk6kV58MeyOrMGiMyqGNrTd /yQCHn5QVnLbH4+hHjL+gCXh/HcwOYKcvofnOnQmv3oN1tokqQhkrWvl/I/h59FGE7zX fhzMgUsSFq+LPMBnrk2veg1Y04CH86PeNmwq1xXdHSw06kIs6QGPLuuVWnX64z8i16Wn pgEsKHOklJGF2bJeKS/8hJtKEXIf4LKcABCl4csHIAmbBbxgvsetKO8DBt3Gh+tUK8Xo HlkA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=B9VLgkfA; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=ZudXHlyl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id q23-20020a170902b11700b001932c1921c4si32588797plr.410.2023.01.19.11.12.06; Thu, 19 Jan 2023 11:12:18 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=B9VLgkfA; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=ZudXHlyl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231276AbjASTGp (ORCPT + 99 others); Thu, 19 Jan 2023 14:06:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48148 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231286AbjASTGH (ORCPT ); Thu, 19 Jan 2023 14:06:07 -0500 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5FA8766033; Thu, 19 Jan 2023 11:05:29 -0800 (PST) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id A24985C0127; Thu, 19 Jan 2023 14:04:28 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Thu, 19 Jan 2023 14:04:28 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1674155068; x=1674241468; bh=iAve/Gqvno UrklJx76JsPi9tOXPhkOndFsIm/wBRVc0=; b=B9VLgkfAr/7249QjOT39QtxfRv APPspvfWvL6fuDe6zW3+pifMYFXwfEI+IGcd6gUisGfx3fFR6zwpKDMaFcGsDYjd E313x+xuAnRGczFIKTKMOChtctBXqmc7KzKo3eKA+re/WmlYCYEzxZMxfdJMugF7 L6E5Oue7bH6z436+4IafefMY9ZYIdXrm0a0pjGxxf0FPEakxFQctWRIES4eWxWu2 Yf1bT/5jTCGixgfl+wcrkXCnFrY+jh+29T2rd3PMNmGcXJAPEtDpj/vYpx7p38Kx Av4Co/J/ZoABgjw6cChO5T5eVpQcHljE6yFPj5cg52HtU5FY7DpLpMkBhwug== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1674155068; x= 1674241468; bh=iAve/GqvnoUrklJx76JsPi9tOXPhkOndFsIm/wBRVc0=; b=Z udXHlylSgOZXsETO57hjNC/qoXFauOzCK1dNKjA2XSqYPrBllsHZT6ntMGWz2V8u BelrZMZiHOMJQ0s3hJEJLbFbg+ykRhWquY4QvBAisG5ELnH/6GAlzN7+u2BVTbjR FbQLjKCRdbVKbpASVWSl/TuT2wrbynC0GVo/e2T6+3ochP6KfXKvdw834ANEN9Xq wCuAdFe0k7K1XJVZSm6u9yL9wmGhdEj6s7F4PIkR3tc3qMjyZFxzQckvE2JnmyCM P7CYrNEsfzLupOPL+ruGD75A8cP8an4BLDTbCfW7i70MXTQ03Q7sxs/OCKAcrkPE yMSHDZ9+TMNlllnRUou0g== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddutddguddvudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepffgv mhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhih hnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepledukeelleejkeevkeefgefh ffegvdeigeelieegjefffeeiveeivdejgeevteeinecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhn ghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 19 Jan 2023 14:04:27 -0500 (EST) From: Demi Marie Obenour To: Ard Biesheuvel , Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko Cc: Demi Marie Obenour , =?utf-8?q?Marek_Marczy?= =?utf-8?q?kowski-G=C3=B3recki?= , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org Subject: [PATCH v3 4/5] efi: Actually enable the ESRT under Xen Date: Thu, 19 Jan 2023 14:03:59 -0500 Message-Id: <26938d59bb398bea7e8f43d03a9c75189fa3b4cc.1669264419.git.demi@invisiblethingslab.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1755479317367358449?= X-GMAIL-MSGID: =?utf-8?q?1755479317367358449?= The ESRT can be parsed if EFI_PARAVIRT is enabled, even if EFI_MEMMAP is not. Also allow the ESRT to be in reclaimable memory, as that is where future Xen versions will put it. Reported-by: Marek Marczykowski-Górecki Signed-off-by: Demi Marie Obenour Tested-by: Marek Marczykowski-Górecki --- drivers/firmware/efi/esrt.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c index fb9fb70e1004132eff50c712c6fca05f7aeb1d57..87729c365be1a804bb84e0b1ab874042848327b4 100644 --- a/drivers/firmware/efi/esrt.c +++ b/drivers/firmware/efi/esrt.c @@ -247,7 +247,7 @@ void __init efi_esrt_init(void) int rc; phys_addr_t end; - if (!efi_enabled(EFI_MEMMAP)) + if (!efi_enabled(EFI_MEMMAP) && !efi_enabled(EFI_PARAVIRT)) return; pr_debug("esrt-init: loading.\n"); @@ -258,7 +258,9 @@ void __init efi_esrt_init(void) if (rc < 0 || (!(md.attribute & EFI_MEMORY_RUNTIME) && md.type != EFI_BOOT_SERVICES_DATA && - md.type != EFI_RUNTIME_SERVICES_DATA)) { + md.type != EFI_RUNTIME_SERVICES_DATA && + md.type != EFI_ACPI_RECLAIM_MEMORY && + md.type != EFI_ACPI_MEMORY_NVS)) { pr_warn("ESRT header is not in the memory map.\n"); return; } From patchwork Thu Jan 19 19:04:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Demi Marie Obenour X-Patchwork-Id: 45933 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp499252wrn; Thu, 19 Jan 2023 11:13:00 -0800 (PST) X-Google-Smtp-Source: AMrXdXsSC5jIomEfCGS97fhBjqlpTnH2VCdZQSkx8kwgi1uf9dC4d3H6OkM2q8hr/o72uxkDJaWG X-Received: by 2002:a17:90a:7347:b0:226:b52e:f1b8 with SMTP id j7-20020a17090a734700b00226b52ef1b8mr12145948pjs.24.1674155579826; Thu, 19 Jan 2023 11:12:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1674155579; cv=none; d=google.com; s=arc-20160816; b=lKPqaKMGl/3bWiy2NRYwAJYPMZ1ZMa1NepVSr41ue2Fq6mmTXERm5ivMXKir5vSGPf ZatX1eKaMuO2aWjPKIEDrm564bRr8C6QbgotfhtXT4k5KujYhagHMIEkHI5N7+HiEH6k skzGvpYbBkgNl7rcG/WHLCo9v5UaGAH5pI6byxUgNWLZ7ELvo7+Ld5S421jM04M9cso4 b71my8/Ky/PZ0F1vvTDhHk3yzpzLTSnIQ1nRqKBVv6TV5FFIxqUofsetjgpE6CBQzCwE 3B95z8SAp5PrIQhJRUUO/i4y55TWvMdbXx7ksk9si1289ziNcTXMYKXTE7wzmbhHHwVZ Oblg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :feedback-id:dkim-signature:dkim-signature; bh=xD2qxTwi/NWHKFJGn9LwYuXdkJ4R6DAu/R1nUg2IBG0=; b=l8i2CQ+8pM0cFfe5G1f6whIo/LzrfwiGkwgsrEQSbXcf7mZ9jt2a7wx1+jm9M8v3PV i0zfd2bWLCa7wnQWX2MeRw0G84n3ZE4oQDPCl/N5dtSLG9nFs4qOpl6NYyxtYLs8Uaf+ onU27o6nFQFDv87Sf/HRbKMN2WxtrJVGZRhfqzyntU+LvrN8cwvs93kxZh0dS4P8kYPl p6gow3mJWOeDkyhIP25eIKe4nmPWskgjo5jNR53dCAOvL9vNZQKfUP8nekPDaEsgbN0R 0JNXIwYSSD3HcBzYYR4csaSrmfFn7ido8UU5tJGEEjtHF0XrYkI7Ogs0Bibk5W3IxPAf /oCQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=ecpOATQX; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=o68ZJd58; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id a2-20020a17090a854200b002263ce0e2b3si101pjw.92.2023.01.19.11.12.46; Thu, 19 Jan 2023 11:12:59 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@invisiblethingslab.com header.s=fm3 header.b=ecpOATQX; dkim=pass header.i=@messagingengine.com header.s=fm3 header.b=o68ZJd58; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231161AbjASTI2 (ORCPT + 99 others); Thu, 19 Jan 2023 14:08:28 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48780 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231222AbjASTHW (ORCPT ); Thu, 19 Jan 2023 14:07:22 -0500 Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2BFFC966D6; Thu, 19 Jan 2023 11:06:31 -0800 (PST) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id AEF315C011B; Thu, 19 Jan 2023 14:04:29 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Thu, 19 Jan 2023 14:04:29 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= invisiblethingslab.com; h=cc:cc:content-transfer-encoding :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1674155069; x=1674241469; bh=xD2qxTwi/N WHKFJGn9LwYuXdkJ4R6DAu/R1nUg2IBG0=; b=ecpOATQXTQt1OzoFqAbAKuwXQ0 P3/N3pE/0VHkO79vVJS3N2J/Rd4OQ2EYsI/8JxXuur6kDGkZ6YVocJ3ySEUWk9sC K3u1L8gMGZBo+8OxBCdShJo0RDA5nrICMOoSEOaa0IxOduZBwf0q3IapL+OfngmB qq68kfN1SIuWl2sPQqLNmvwmLM5M8tKqLAQw1dPgLuhAXER+We9ER2vT/0rFHt6v VPvkPbqobs1C0lFmmpD5kzpb7eKPmgN/VbMHV3WrKL6sYlN6EnWMOoKCcGUnJf3D xIgcJQBzGbgxqP2O6HsGOPlUUUUy8A4uRmxNbK/CJUhgFUalagYHzy6T171A== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1674155069; x= 1674241469; bh=xD2qxTwi/NWHKFJGn9LwYuXdkJ4R6DAu/R1nUg2IBG0=; b=o 68ZJd58KoLnxfMYqNc6GW6TyohkNX2AMV+/mm2cYVWNaKKPdY9GDHZ0q/dF/ON7Q zpIs0v6T4J5JkJ5uH1uv5oqEaQw+leGy9yKPN/xZH2zFKj3Aq/l/+rgq3oi6pZDE sFI3UGAEbys/g6nPMWkE85PsnD0EzDp0coYn/p4D98AyZjySp4PfbCtxDvdHLEQF 47dfxn+ZiV9fqBKYXfpZz/bD310keEUiL0R8An8YPF8pw6MzxLwJQmXx5lQw4TGK PcLN/eD1pFZ6aO724/Kn+u1OjpY+U+8t+ZWykaElOSiHzxTywZuxdSjQzRwrwMvH HAeU5i7XO/EgLLO+/x6aA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedruddutddguddvudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvfevufffkffojghfgggtgfesthekredtredtjeenucfhrhhomhepffgv mhhiucforghrihgvucfqsggvnhhouhhruceouggvmhhisehinhhvihhsihgslhgvthhhih hnghhslhgrsgdrtghomheqnecuggftrfgrthhtvghrnhepledukeelleejkeevkeefgefh ffegvdeigeelieegjefffeeiveeivdejgeevteeinecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomhepuggvmhhisehinhhvihhsihgslhgvthhhihhn ghhslhgrsgdrtghomh X-ME-Proxy: Feedback-ID: iac594737:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 19 Jan 2023 14:04:28 -0500 (EST) From: Demi Marie Obenour To: Ard Biesheuvel , Juergen Gross , Stefano Stabellini , Oleksandr Tyshchenko Cc: Demi Marie Obenour , =?utf-8?q?Marek_Marczy?= =?utf-8?q?kowski-G=C3=B3recki?= , linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, xen-devel@lists.xenproject.org Subject: [PATCH v3 5/5] efi: Warn if trying to reserve memory under Xen Date: Thu, 19 Jan 2023 14:04:00 -0500 Message-Id: X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1755479360913453758?= X-GMAIL-MSGID: =?utf-8?q?1755479360913453758?= Doing so cannot work and should never happen. Signed-off-by: Demi Marie Obenour Tested-by: Marek Marczykowski-Górecki --- drivers/firmware/efi/efi.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index b49fcde06ca0ff5347047666f38b9309bd9cfe26..902f323499d8acc4f2b846a78993eb201448acad 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -519,6 +519,10 @@ void __init __weak efi_arch_mem_reserve(phys_addr_t addr, u64 size) {} */ void __init efi_mem_reserve(phys_addr_t addr, u64 size) { + /* efi_mem_reserve() does not work under Xen */ + if (WARN_ON_ONCE(efi_enabled(EFI_PARAVIRT))) + return; + if (!memblock_is_region_reserved(addr, size)) memblock_reserve(addr, size);