[PATCH 5/6] x86: efistub: Prefer EFI memory attributes protocol over DXE services

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Ard Biesheuvel <ardb@kernel.org>
To: linux-efi@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
	Evgeniy Baskov <baskov@ispras.ru>, Borislav Petkov <bp@alien8.de>,
	Andy Lutomirski <luto@kernel.org>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Ingo Molnar <mingo@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Alexey Khoroshilov <khoroshilov@ispras.ru>,
	Peter Jones <pjones@redhat.com>,
	Gerd Hoffmann <kraxel@redhat.com>, Dave Young <dyoung@redhat.com>,
	Mario Limonciello <mario.limonciello@amd.com>,
	Kees Cook <keescook@chromium.org>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Linus Torvalds <torvalds@linux-foundation.org>
Subject: [PATCH 5/6] x86: efistub: Prefer EFI memory attributes protocol over DXE services
Date: Mon, 24 Apr 2023 18:57:25 +0200	[thread overview]
Message-ID: <20230424165726.2245548-6-ardb@kernel.org> (raw)
In-Reply-To: <20230424165726.2245548-1-ardb@kernel.org>

Currently, we rely on DXE services in some cases to clear non-execute
restrictions from page allocations that need to be executable. This is
dodgy, because DXE services are not specified by UEFI but by PI, and
they are not intended for consumption by OS loaders. However, no
alternative existed at the time.

Now, there is a new UEFI protocol that should be used instead, so if it
exists, prefer it over the DXE services calls.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 drivers/firmware/efi/libstub/x86-stub.c | 28 ++++++++++++++------
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c
index 7b8717cbb96a1246..ea4024a6a04e507f 100644
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -25,6 +25,7 @@ const efi_system_table_t *efi_system_table;
 const efi_dxe_services_table_t *efi_dxe_table;
 u32 image_offset __section(".data");
 static efi_loaded_image_t *image = NULL;
+static efi_memory_attribute_protocol_t *memattr;
 
 static efi_status_t
 preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom)
@@ -221,12 +222,18 @@ adjust_memory_range_protection(unsigned long start, unsigned long size)
 	unsigned long rounded_start, rounded_end;
 	unsigned long unprotect_start, unprotect_size;
 
-	if (efi_dxe_table == NULL)
-		return;
-
 	rounded_start = rounddown(start, EFI_PAGE_SIZE);
 	rounded_end = roundup(start + size, EFI_PAGE_SIZE);
 
+	if (memattr != NULL) {
+		efi_call_proto(memattr, clear_memory_attributes, rounded_start,
+			       rounded_end - rounded_start, EFI_MEMORY_XP);
+		return;
+	}
+
+	if (efi_dxe_table == NULL)
+		return;
+
 	/*
 	 * Don't modify memory region attributes, they are
 	 * already suitable, to lower the possibility to
@@ -913,13 +920,18 @@ asmlinkage unsigned long efi_main(efi_handle_t handle,
 	if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
 		efi_exit(handle, EFI_INVALID_PARAMETER);
 
-	efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
-	if (efi_dxe_table &&
-	    efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
-		efi_warn("Ignoring DXE services table: invalid signature\n");
-		efi_dxe_table = NULL;
+	if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) {
+		efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
+		if (efi_dxe_table &&
+		    efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
+			efi_warn("Ignoring DXE services table: invalid signature\n");
+			efi_dxe_table = NULL;
+		}
 	}
 
+	/* grab the memory attributes protocol if it exists */
+	efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr);
+
 	if (!boot_params->acpi_rsdp_addr)
 		boot_params->acpi_rsdp_addr = (unsigned long)
 				(get_efi_config_table(ACPI_20_TABLE_GUID) ?:
-- 
2.39.2

next prev parent reply	other threads:[~2023-04-24 16:58 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-04-24 16:57 [PATCH 0/6] efi/x86: Avoid legacy decompressor during EFI boot Ard Biesheuvel
2023-04-24 16:57 ` [PATCH 1/6] x86: decompressor: Move global symbol references to C code Ard Biesheuvel
2023-04-24 16:57 ` [PATCH 2/6] x86: decompressor: Factor out kernel decompression and relocation Ard Biesheuvel
2023-04-24 16:57 ` [PATCH 3/6] x86: efistub: Obtain ACPI RSDP address while running in the stub Ard Biesheuvel
2023-04-24 16:57 ` [PATCH 4/6] x86: efistub: Perform 4/5 level paging switch from " Ard Biesheuvel
2023-04-26 10:42   ` Kirill A . Shutemov
2023-04-26 21:29     ` Ard Biesheuvel
2023-04-24 16:57 ` Ard Biesheuvel [this message]
2023-04-24 16:57 ` [PATCH 6/6] x86: efistub: Avoid legacy decompressor when doing EFI boot Ard Biesheuvel
2023-04-26 10:17 ` [PATCH 0/6] efi/x86: Avoid legacy decompressor during " Borislav Petkov
2023-04-26 21:24   ` Ard Biesheuvel
2023-04-28 13:22 ` Evgeniy Baskov
2023-04-28 17:14   ` Ard Biesheuvel
2023-05-02 13:37 ` Tom Lendacky
2023-05-02 13:39   ` Ard Biesheuvel
2023-05-02 16:08     ` Tom Lendacky
2023-05-03 17:44       ` Ard Biesheuvel
2023-05-03 18:51         ` Tom Lendacky
2023-05-03 17:58       ` Tom Lendacky
2023-05-03 18:17         ` Ard Biesheuvel
2023-05-03 18:24           ` Borislav Petkov
2023-05-03 18:39             ` Ard Biesheuvel
2023-05-03 18:48           ` Tom Lendacky
2023-05-03 18:59             ` Ard Biesheuvel
2023-05-03 21:23               ` Tom Lendacky
2023-05-03 21:30                 ` Ard Biesheuvel

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:7b8717cbb96a124 dfblob:ea4024a6a04e507 )
 OR (
bs:"[PATCH 5/6] x86: efistub: Prefer EFI memory attributes protocol over DXE services" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230424165726.2245548-6-ardb@kernel.org \
    --to=ardb@kernel.org \
    --cc=baskov@ispras.ru \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=dyoung@redhat.com \
    --cc=keescook@chromium.org \
    --cc=khoroshilov@ispras.ru \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=kraxel@redhat.com \
    --cc=linux-efi@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mario.limonciello@amd.com \
    --cc=mingo@redhat.com \
    --cc=peterz@infradead.org \
    --cc=pjones@redhat.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox