diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-20 19:09:26 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2021-02-20 19:09:26 -0800 |
commit | 70cd33d34c6026cbc2efb172f8063fccb2ebeb9a (patch) | |
tree | 16c5f5a4d9c9066985977f6ed58fac61db2a158e | |
parent | 3e89c7ea7a828fec5694101e0f0ff7240e634470 (diff) | |
parent | 1c761ee9da1ac6ba7e40d14457fac94c87eaff35 (diff) |
Merge tag 'efi-next-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull EFI updates from Ard Biesheuvel via Borislav Petkov:
"A few cleanups left and right, some of which were part of a initrd
measured boot series that needs some more work, and so only the
cleanup patches have been included for this release"
* tag 'efi-next-for-v5.12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
efi/arm64: Update debug prints to reflect other entropy sources
efi: x86: clean up previous struct mm switching
efi: x86: move mixed mode stack PA variable out of 'efi_scratch'
efi/libstub: move TPM related prototypes into efistub.h
efi/libstub: fix prototype of efi_tcg2_protocol::get_event_log()
efi/libstub: whitespace cleanup
efi: ia64: move IA64-only declarations to new asm/efi.h header
-rw-r--r-- | arch/ia64/include/asm/efi.h | 13 | ||||
-rw-r--r-- | arch/ia64/kernel/efi.c | 1 | ||||
-rw-r--r-- | arch/ia64/kernel/machine_kexec.c | 1 | ||||
-rw-r--r-- | arch/ia64/kernel/mca.c | 1 | ||||
-rw-r--r-- | arch/ia64/kernel/smpboot.c | 1 | ||||
-rw-r--r-- | arch/ia64/kernel/time.c | 1 | ||||
-rw-r--r-- | arch/ia64/kernel/uncached.c | 4 | ||||
-rw-r--r-- | arch/ia64/mm/contig.c | 1 | ||||
-rw-r--r-- | arch/ia64/mm/discontig.c | 1 | ||||
-rw-r--r-- | arch/ia64/mm/init.c | 1 | ||||
-rw-r--r-- | arch/x86/include/asm/efi.h | 20 | ||||
-rw-r--r-- | arch/x86/platform/efi/efi_64.c | 29 | ||||
-rw-r--r-- | arch/x86/platform/efi/efi_thunk_64.S | 6 | ||||
-rw-r--r-- | drivers/firmware/efi/libstub/arm64-stub.c | 4 | ||||
-rw-r--r-- | drivers/firmware/efi/libstub/efistub.h | 11 | ||||
-rw-r--r-- | include/linux/efi.h | 19 |
16 files changed, 63 insertions, 51 deletions
diff --git a/arch/ia64/include/asm/efi.h b/arch/ia64/include/asm/efi.h new file mode 100644 index 000000000000..6a4a50d8f19a --- /dev/null +++ b/arch/ia64/include/asm/efi.h @@ -0,0 +1,13 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef _ASM_EFI_H +#define _ASM_EFI_H + +typedef int (*efi_freemem_callback_t) (u64 start, u64 end, void *arg); + +void *efi_get_pal_addr(void); +void efi_map_pal_code(void); +void efi_memmap_walk(efi_freemem_callback_t, void *); +void efi_memmap_walk_uc(efi_freemem_callback_t, void *); +void efi_gettimeofday(struct timespec64 *ts); + +#endif diff --git a/arch/ia64/kernel/efi.c b/arch/ia64/kernel/efi.c index f932b25fb817..dd7fd750bb93 100644 --- a/arch/ia64/kernel/efi.c +++ b/arch/ia64/kernel/efi.c @@ -34,6 +34,7 @@ #include <linux/kexec.h> #include <linux/mm.h> +#include <asm/efi.h> #include <asm/io.h> #include <asm/kregs.h> #include <asm/meminit.h> diff --git a/arch/ia64/kernel/machine_kexec.c b/arch/ia64/kernel/machine_kexec.c index efc9b568401c..af310dc8a356 100644 --- a/arch/ia64/kernel/machine_kexec.c +++ b/arch/ia64/kernel/machine_kexec.c @@ -16,6 +16,7 @@ #include <linux/numa.h> #include <linux/mmzone.h> +#include <asm/efi.h> #include <asm/numa.h> #include <asm/mmu_context.h> #include <asm/setup.h> diff --git a/arch/ia64/kernel/mca.c b/arch/ia64/kernel/mca.c index 2703f7795672..0fea266b4d39 100644 --- a/arch/ia64/kernel/mca.c +++ b/arch/ia64/kernel/mca.c @@ -91,6 +91,7 @@ #include <linux/gfp.h> #include <asm/delay.h> +#include <asm/efi.h> #include <asm/meminit.h> #include <asm/page.h> #include <asm/ptrace.h> diff --git a/arch/ia64/kernel/smpboot.c b/arch/ia64/kernel/smpboot.c index 093040f7e626..49b488580939 100644 --- a/arch/ia64/kernel/smpboot.c +++ b/arch/ia64/kernel/smpboot.c @@ -45,6 +45,7 @@ #include <asm/cache.h> #include <asm/current.h> #include <asm/delay.h> +#include <asm/efi.h> #include <asm/io.h> #include <asm/irq.h> #include <asm/mca.h> diff --git a/arch/ia64/kernel/time.c b/arch/ia64/kernel/time.c index 43e8050145be..fa9c0ab8c6fc 100644 --- a/arch/ia64/kernel/time.c +++ b/arch/ia64/kernel/time.c @@ -26,6 +26,7 @@ #include <linux/sched/cputime.h> #include <asm/delay.h> +#include <asm/efi.h> #include <asm/hw_irq.h> #include <asm/ptrace.h> #include <asm/sal.h> diff --git a/arch/ia64/kernel/uncached.c b/arch/ia64/kernel/uncached.c index 0750f367837d..51883a66aeb5 100644 --- a/arch/ia64/kernel/uncached.c +++ b/arch/ia64/kernel/uncached.c @@ -20,14 +20,12 @@ #include <linux/genalloc.h> #include <linux/gfp.h> #include <linux/pgtable.h> +#include <asm/efi.h> #include <asm/page.h> #include <asm/pal.h> #include <linux/atomic.h> #include <asm/tlbflush.h> - -extern void __init efi_memmap_walk_uc(efi_freemem_callback_t, void *); - struct uncached_pool { struct gen_pool *pool; struct mutex add_chunk_mutex; /* serialize adding a converted chunk */ diff --git a/arch/ia64/mm/contig.c b/arch/ia64/mm/contig.c index bfc4ecd0a2ab..62fe80a16f42 100644 --- a/arch/ia64/mm/contig.c +++ b/arch/ia64/mm/contig.c @@ -21,6 +21,7 @@ #include <linux/swap.h> #include <linux/sizes.h> +#include <asm/efi.h> #include <asm/meminit.h> #include <asm/sections.h> #include <asm/mca.h> diff --git a/arch/ia64/mm/discontig.c b/arch/ia64/mm/discontig.c index c7311131156e..03b3a02375ff 100644 --- a/arch/ia64/mm/discontig.c +++ b/arch/ia64/mm/discontig.c @@ -24,6 +24,7 @@ #include <linux/efi.h> #include <linux/nodemask.h> #include <linux/slab.h> +#include <asm/efi.h> #include <asm/tlb.h> #include <asm/meminit.h> #include <asm/numa.h> diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c index e76386a3479e..b19f47a5a305 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -27,6 +27,7 @@ #include <linux/swiotlb.h> #include <asm/dma.h> +#include <asm/efi.h> #include <asm/io.h> #include <asm/numa.h> #include <asm/patch.h> diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h index c98f78330b09..1328b7959b72 100644 --- a/arch/x86/include/asm/efi.h +++ b/arch/x86/include/asm/efi.h @@ -12,6 +12,7 @@ #include <linux/pgtable.h> extern unsigned long efi_fw_vendor, efi_config_table; +extern unsigned long efi_mixed_mode_stack_pa; /* * We map the EFI regions needed for runtime services non-contiguously, @@ -94,22 +95,12 @@ extern asmlinkage u64 __efi_call(void *fp, ...); __efi_call(__VA_ARGS__); \ }) -/* - * struct efi_scratch - Scratch space used while switching to/from efi_mm - * @phys_stack: stack used during EFI Mixed Mode - * @prev_mm: store/restore stolen mm_struct while switching to/from efi_mm - */ -struct efi_scratch { - u64 phys_stack; - struct mm_struct *prev_mm; -} __packed; - #define arch_efi_call_virt_setup() \ ({ \ efi_sync_low_kernel_mappings(); \ kernel_fpu_begin(); \ firmware_restrict_branch_speculation_start(); \ - efi_switch_mm(&efi_mm); \ + efi_enter_mm(); \ }) #define arch_efi_call_virt(p, f, args...) \ @@ -117,7 +108,7 @@ struct efi_scratch { #define arch_efi_call_virt_teardown() \ ({ \ - efi_switch_mm(efi_scratch.prev_mm); \ + efi_leave_mm(); \ firmware_restrict_branch_speculation_end(); \ kernel_fpu_end(); \ }) @@ -136,7 +127,6 @@ struct efi_scratch { #endif /* CONFIG_X86_32 */ -extern struct efi_scratch efi_scratch; extern int __init efi_memblock_x86_reserve_range(void); extern void __init efi_print_memmap(void); extern void __init efi_map_region(efi_memory_desc_t *md); @@ -149,10 +139,12 @@ extern void __init efi_dump_pagetable(void); extern void __init efi_apply_memmap_quirks(void); extern int __init efi_reuse_config(u64 tables, int nr_tables); extern void efi_delete_dummy_variable(void); -extern void efi_switch_mm(struct mm_struct *mm); extern void efi_recover_from_page_fault(unsigned long phys_addr); extern void efi_free_boot_services(void); +void efi_enter_mm(void); +void efi_leave_mm(void); + /* kexec external ABI */ struct efi_setup_data { u64 fw_vendor; diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c index 8efd003540ca..bf85db683af4 100644 --- a/arch/x86/platform/efi/efi_64.c +++ b/arch/x86/platform/efi/efi_64.c @@ -54,10 +54,7 @@ * 0xffff_ffff_0000_0000 and limit EFI VA mapping space to 64G. */ static u64 efi_va = EFI_VA_START; - -struct efi_scratch efi_scratch; - -EXPORT_SYMBOL_GPL(efi_mm); +static struct mm_struct *efi_prev_mm; /* * We need our own copy of the higher levels of the page tables @@ -237,7 +234,7 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages) return 1; } - efi_scratch.phys_stack = page_to_phys(page + 1); /* stack grows down */ + efi_mixed_mode_stack_pa = page_to_phys(page + 1); /* stack grows down */ npages = (_etext - _text) >> PAGE_SHIFT; text = __pa(_text); @@ -462,11 +459,17 @@ void __init efi_dump_pagetable(void) * can not change under us. * It should be ensured that there are no concurent calls to this function. */ -void efi_switch_mm(struct mm_struct *mm) +void efi_enter_mm(void) +{ + efi_prev_mm = current->active_mm; + current->active_mm = &efi_mm; + switch_mm(efi_prev_mm, &efi_mm, NULL); +} + +void efi_leave_mm(void) { - efi_scratch.prev_mm = current->active_mm; - current->active_mm = mm; - switch_mm(efi_scratch.prev_mm, mm, NULL); + current->active_mm = efi_prev_mm; + switch_mm(&efi_mm, efi_prev_mm, NULL); } static DEFINE_SPINLOCK(efi_runtime_lock); @@ -530,12 +533,12 @@ efi_thunk_set_virtual_address_map(unsigned long memory_map_size, efi_sync_low_kernel_mappings(); local_irq_save(flags); - efi_switch_mm(&efi_mm); + efi_enter_mm(); status = __efi_thunk(set_virtual_address_map, memory_map_size, descriptor_size, descriptor_version, virtual_map); - efi_switch_mm(efi_scratch.prev_mm); + efi_leave_mm(); local_irq_restore(flags); return status; @@ -829,7 +832,7 @@ efi_set_virtual_address_map(unsigned long memory_map_size, descriptor_size, descriptor_version, virtual_map); - efi_switch_mm(&efi_mm); + efi_enter_mm(); kernel_fpu_begin(); @@ -845,7 +848,7 @@ efi_set_virtual_address_map(unsigned long memory_map_size, /* grab the virtually remapped EFI runtime services table pointer */ efi.runtime = READ_ONCE(systab->runtime); - efi_switch_mm(efi_scratch.prev_mm); + efi_leave_mm(); return status; } diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S index 26f0da238c1c..fd3dd1708eba 100644 --- a/arch/x86/platform/efi/efi_thunk_64.S +++ b/arch/x86/platform/efi/efi_thunk_64.S @@ -33,7 +33,7 @@ SYM_CODE_START(__efi64_thunk) * Switch to 1:1 mapped 32-bit stack pointer. */ movq %rsp, %rax - movq efi_scratch(%rip), %rsp + movq efi_mixed_mode_stack_pa(%rip), %rsp push %rax /* @@ -70,3 +70,7 @@ SYM_CODE_START(__efi64_thunk) pushl %ebp lret SYM_CODE_END(__efi64_thunk) + + .bss + .balign 8 +SYM_DATA(efi_mixed_mode_stack_pa, .quad 0) diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c index 22ece1ad68a8..b69d63143e0d 100644 --- a/drivers/firmware/efi/libstub/arm64-stub.c +++ b/drivers/firmware/efi/libstub/arm64-stub.c @@ -61,10 +61,10 @@ efi_status_t handle_kernel_image(unsigned long *image_addr, status = efi_get_random_bytes(sizeof(phys_seed), (u8 *)&phys_seed); if (status == EFI_NOT_FOUND) { - efi_info("EFI_RNG_PROTOCOL unavailable, KASLR will be disabled\n"); + efi_info("EFI_RNG_PROTOCOL unavailable\n"); efi_nokaslr = true; } else if (status != EFI_SUCCESS) { - efi_err("efi_get_random_bytes() failed (0x%lx), KASLR will be disabled\n", + efi_err("efi_get_random_bytes() failed (0x%lx)\n", status); efi_nokaslr = true; } diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index b50a6c67d9bd..cde0a2ef507d 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -672,7 +672,7 @@ typedef union efi_tcg2_protocol efi_tcg2_protocol_t; union efi_tcg2_protocol { struct { void *get_capability; - efi_status_t (__efiapi *get_event_log)(efi_handle_t, + efi_status_t (__efiapi *get_event_log)(efi_tcg2_protocol_t *, efi_tcg2_event_log_format, efi_physical_addr_t *, efi_physical_addr_t *, @@ -849,4 +849,13 @@ void efi_handle_post_ebs_state(void); enum efi_secureboot_mode efi_get_secureboot(void); +#ifdef CONFIG_RESET_ATTACK_MITIGATION +void efi_enable_reset_attack_mitigation(void); +#else +static inline void +efi_enable_reset_attack_mitigation(void) { } +#endif + +void efi_retrieve_tpm2_eventlog(void); + #endif diff --git a/include/linux/efi.h b/include/linux/efi.h index 763b816ba19c..8710f5710c1d 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -29,10 +29,10 @@ #include <asm/page.h> #define EFI_SUCCESS 0 -#define EFI_LOAD_ERROR ( 1 | (1UL << (BITS_PER_LONG-1))) +#define EFI_LOAD_ERROR ( 1 | (1UL << (BITS_PER_LONG-1))) #define EFI_INVALID_PARAMETER ( 2 | (1UL << (BITS_PER_LONG-1))) #define EFI_UNSUPPORTED ( 3 | (1UL << (BITS_PER_LONG-1))) -#define EFI_BAD_BUFFER_SIZE ( 4 | (1UL << (BITS_PER_LONG-1))) +#define EFI_BAD_BUFFER_SIZE ( 4 | (1UL << (BITS_PER_LONG-1))) #define EFI_BUFFER_TOO_SMALL ( 5 | (1UL << (BITS_PER_LONG-1))) #define EFI_NOT_READY ( 6 | (1UL << (BITS_PER_LONG-1))) #define EFI_DEVICE_ERROR ( 7 | (1UL << (BITS_PER_LONG-1))) @@ -167,8 +167,6 @@ struct capsule_info { int __efi_capsule_setup_info(struct capsule_info *cap_info); -typedef int (*efi_freemem_callback_t) (u64 start, u64 end, void *arg); - /* * Types and defines for Time Services */ @@ -605,10 +603,6 @@ efi_guid_to_str(efi_guid_t *guid, char *out) } extern void efi_init (void); -extern void *efi_get_pal_addr (void); -extern void efi_map_pal_code (void); -extern void efi_memmap_walk (efi_freemem_callback_t callback, void *arg); -extern void efi_gettimeofday (struct timespec64 *ts); #ifdef CONFIG_EFI extern void efi_enter_virtual_mode (void); /* switch EFI to virtual mode, if possible */ #else @@ -1110,13 +1104,6 @@ enum efi_secureboot_mode efi_get_secureboot_mode(efi_get_variable_t *get_var) return efi_secureboot_mode_enabled; } -#ifdef CONFIG_RESET_ATTACK_MITIGATION -void efi_enable_reset_attack_mitigation(void); -#else -static inline void -efi_enable_reset_attack_mitigation(void) { } -#endif - #ifdef CONFIG_EFI_EMBEDDED_FIRMWARE void efi_check_for_embedded_firmwares(void); #else @@ -1125,8 +1112,6 @@ static inline void efi_check_for_embedded_firmwares(void) { } efi_status_t efi_random_get_seed(void); -void efi_retrieve_tpm2_eventlog(void); - /* * Arch code can implement the following three template macros, avoiding * reptition for the void/non-void return cases of {__,}efi_call_virt(): |