From patchwork Tue Aug 8 08:44:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner X-Patchwork-Id: 132740 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:c44e:0:b0:3f2:4152:657d with SMTP id w14csp2329257vqr; Tue, 8 Aug 2023 11:56:37 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH97MDmwhgR+GM0VKj58HXdY6+fR2h8rl2rAmX+ufneTusQiqgyaE+Dr34uDkCzK696ATMF X-Received: by 2002:a17:902:ce90:b0:1b8:94e9:e7b0 with SMTP id f16-20020a170902ce9000b001b894e9e7b0mr610815plg.9.1691520997055; Tue, 08 Aug 2023 11:56:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691520997; cv=none; d=google.com; s=arc-20160816; b=hIssoPMxY9Cznywg+Caa+1DzQgvYfQLH6tx5ZRIBOJdEAdcBwQQd2alxZ4cArb3oui iQnxVWn173GcF9++ELXD8psYmsJl6/sqsCEn1KcifuxDEHmIq4du73b11e1Uf88gmOjs JEy96yijGqGotRRc1OoxWMsxpxcuklb/+8z/2vZk3xZ4yW4fa3fvF3zG9G0StJ5OjYsj uCpL/0MlK3cNn/eN6s7vpptUxMJUko7FljcxZLGCloXRKREBjNA73RuiuN+O20296kIi Jg//QHYvEEpNG9vx7C6POmX5H16HUmtaeeeD42JqvZQ1QSmDbYjXq+rEeGv1o3p/FJVR +3rw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:robot-unsubscribe :robot-id:message-id:mime-version:references:in-reply-to:cc:subject :to:reply-to:sender:from:dkim-signature:dkim-signature:date; bh=M0BvrQvqMSSJHj4LC7zMyeoB/NTCNR6U66Wzhqm4D/M=; fh=upm4t26Ojn/J6N+Q9k8Qqzx52VymNDAlYlARzLeNh5s=; b=YeDWr1OE0OIFPPVX5vlA4n8YX/XMnFEJusNAhNQh4HHpc+8UpQeFbgYf2x9KVF1b99 Xvy8CXzDjcNSkndxtPHesDuMZHH3+G3YOGxkM9wJi0LOoYT4ls9AVvkTz/EV9B6E+UJz vMN7YIcKOjeroH34gUDJeLSKmT8guvJcxkWk64xkyJW5G9zF8qv4MUKx2QHfpsVA5oAF ur3F1kFn9hkJYt1IeIRbh/TdSclxmid/n5aiShsKJ3ZJYsFLqLNPX4LxrIw5OJfA0ykC rk3033wy6QwIVIvBtpmXVlRF5pJd0PqgjpyeOFIDMyWaDr92rr5KyjMA/8ZPMW8uIQyw YLIg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=f5pE9sGZ; dkim=neutral (no key) header.i=@linutronix.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e3-20020a17090301c300b001b7f849cd12si7806117plh.81.2023.08.08.11.56.23; Tue, 08 Aug 2023 11:56:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linutronix.de header.s=2020 header.b=f5pE9sGZ; dkim=neutral (no key) header.i=@linutronix.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233088AbjHHQfH (ORCPT + 99 others); Tue, 8 Aug 2023 12:35:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48058 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233056AbjHHQeK (ORCPT ); Tue, 8 Aug 2023 12:34:10 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 461869096; Tue, 8 Aug 2023 08:52:26 -0700 (PDT) Date: Tue, 08 Aug 2023 08:44:00 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1691484240; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=M0BvrQvqMSSJHj4LC7zMyeoB/NTCNR6U66Wzhqm4D/M=; b=f5pE9sGZlytbtraJj8zd82nYJ8nFp0h4xWNsN2eIVrN1Sl9AB0yJ8hFCSYMARfFMigVeZI qzlH0RvgpYLxki3qlgk/Zn0ebu5Im47k8mpSCjoWDzRMYgaey1arxpYRneG/is71S1EQs3 bOST4thZhRnoGSFCdE6E07278dv/QU9klhrC4T01GtNvS3gvbfH+Gy2VLjdMAD+IPSgHFH aPWtV1FaP/5525mLn1B6kgAatYrKYkTsiFsNYLmu1YSeH9mnyrsX7tbWdgyQf1FPNEmpbg IpBKgm81seRWaJsouJVJoSbJ80zvcumHRoWeYXCfsl0a7TagnDfgD817k4Bqtw== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1691484240; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=M0BvrQvqMSSJHj4LC7zMyeoB/NTCNR6U66Wzhqm4D/M=; b=X3iWX8SX4DkCUCCAlbLopOZjFDMElh4lxVCWYZZx+1oEvpmwKfvCoyaf1QCUQFUbc8IBy2 w8/XgtdOY/FasTAQ== From: "tip-bot2 for Ard Biesheuvel" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/boot] x86/efistub: Prefer EFI memory attributes protocol over DXE services Cc: Ard Biesheuvel , "Borislav Petkov (AMD)" , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: <20230807162720.545787-18-ardb@kernel.org> References: <20230807162720.545787-18-ardb@kernel.org> MIME-Version: 1.0 Message-ID: <169148424042.27769.129666689958946834.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails X-Spam-Status: No, score=-0.6 required=5.0 tests=BAYES_00,DATE_IN_PAST_06_12, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1773590047766457028 X-GMAIL-MSGID: 1773688320840880642 The following commit has been merged into the x86/boot branch of tip: Commit-ID: 11078876b7a6a1b7226344fecab968945c806832 Gitweb: https://git.kernel.org/tip/11078876b7a6a1b7226344fecab968945c806832 Author: Ard Biesheuvel AuthorDate: Mon, 07 Aug 2023 18:27:14 +02:00 Committer: Borislav Petkov (AMD) CommitterDate: Mon, 07 Aug 2023 20:54:15 +02:00 x86/efistub: Prefer EFI memory attributes protocol over DXE services Currently, the EFI stub relies on DXE services in some cases to clear non-execute restrictions from page allocations that need to be executable. This is dodgy, because DXE services are not specified by UEFI but by PI, and they are not intended for consumption by OS loaders. However, no alternative existed at the time. Now, there is a new UEFI protocol that should be used instead, so if it exists, prefer it over the DXE services calls. Signed-off-by: Ard Biesheuvel Signed-off-by: Borislav Petkov (AMD) Link: https://lore.kernel.org/r/20230807162720.545787-18-ardb@kernel.org --- drivers/firmware/efi/libstub/x86-stub.c | 29 +++++++++++++++++------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index af5f506..acb1c65 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -26,6 +26,7 @@ const efi_system_table_t *efi_system_table; const efi_dxe_services_table_t *efi_dxe_table; u32 image_offset __section(".data"); static efi_loaded_image_t *image = NULL; +static efi_memory_attribute_protocol_t *memattr; typedef union sev_memory_acceptance_protocol sev_memory_acceptance_protocol_t; union sev_memory_acceptance_protocol { @@ -233,12 +234,18 @@ void efi_adjust_memory_range_protection(unsigned long start, unsigned long rounded_start, rounded_end; unsigned long unprotect_start, unprotect_size; - if (efi_dxe_table == NULL) - return; - rounded_start = rounddown(start, EFI_PAGE_SIZE); rounded_end = roundup(start + size, EFI_PAGE_SIZE); + if (memattr != NULL) { + efi_call_proto(memattr, clear_memory_attributes, rounded_start, + rounded_end - rounded_start, EFI_MEMORY_XP); + return; + } + + if (efi_dxe_table == NULL) + return; + /* * Don't modify memory region attributes, they are * already suitable, to lower the possibility to @@ -801,6 +808,7 @@ void __noreturn efi_stub_entry(efi_handle_t handle, efi_system_table_t *sys_table_arg, struct boot_params *boot_params) { + efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID; unsigned long bzimage_addr = (unsigned long)startup_32; unsigned long buffer_start, buffer_end; struct setup_header *hdr = &boot_params->hdr; @@ -812,13 +820,18 @@ void __noreturn efi_stub_entry(efi_handle_t handle, if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE) efi_exit(handle, EFI_INVALID_PARAMETER); - efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID); - if (efi_dxe_table && - efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) { - efi_warn("Ignoring DXE services table: invalid signature\n"); - efi_dxe_table = NULL; + if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) { + efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID); + if (efi_dxe_table && + efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) { + efi_warn("Ignoring DXE services table: invalid signature\n"); + efi_dxe_table = NULL; + } } + /* grab the memory attributes protocol if it exists */ + efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr); + status = efi_setup_5level_paging(); if (status != EFI_SUCCESS) { efi_err("efi_setup_5level_paging() failed!\n");