From: tip-bot for Ard Biesheuvel <tipbot@zytor.com>
To: linux-tip-commits@vger.kernel.org
Cc: peterz@infradead.org, linux-kernel@vger.kernel.org,
matt@codeblueprint.co.uk, will.deacon@arm.com, mingo@kernel.org,
tglx@linutronix.de, hpa@zytor.com, ard.biesheuvel@linaro.org,
torvalds@linux-foundation.org
Subject: [tip:efi/core] efi/arm64: Check whether x18 is preserved by runtime services calls
Date: Fri, 9 Mar 2018 01:12:51 -0800 [thread overview]
Message-ID: <tip-7e611e7dbb235938fca1dd359bad5e5f86ceabcb@git.kernel.org> (raw)
In-Reply-To: <20180308080020.22828-6-ard.biesheuvel@linaro.org>
Commit-ID: 7e611e7dbb235938fca1dd359bad5e5f86ceabcb
Gitweb: https://git.kernel.org/tip/7e611e7dbb235938fca1dd359bad5e5f86ceabcb
Author: Ard Biesheuvel <ard.biesheuvel@linaro.org>
AuthorDate: Thu, 8 Mar 2018 08:00:13 +0000
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 9 Mar 2018 08:58:22 +0100
efi/arm64: Check whether x18 is preserved by runtime services calls
Whether or not we will ever decide to start using x18 as a platform
register in Linux is uncertain, but by that time, we will need to
ensure that UEFI runtime services calls don't corrupt it.
So let's start issuing warnings now for this, and increase the
likelihood that these firmware images have all been replaced by that time.
This has been fixed on the EDK2 side in commit:
6d73863b5464 ("BaseTools/tools_def AARCH64: mark register x18 as reserved")
dated July 13, 2017.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20180308080020.22828-6-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/arm64/include/asm/efi.h | 4 +++-
arch/arm64/kernel/Makefile | 3 ++-
arch/arm64/kernel/efi-rt-wrapper.S | 41 ++++++++++++++++++++++++++++++++++++++
arch/arm64/kernel/efi.c | 6 ++++++
4 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h
index 8389050328bb..192d791f1103 100644
--- a/arch/arm64/include/asm/efi.h
+++ b/arch/arm64/include/asm/efi.h
@@ -31,7 +31,7 @@ int efi_set_mapping_permissions(struct mm_struct *mm, efi_memory_desc_t *md);
({ \
efi_##f##_t *__f; \
__f = p->f; \
- __f(args); \
+ __efi_rt_asm_wrapper(__f, #f, args); \
})
#define arch_efi_call_virt_teardown() \
@@ -40,6 +40,8 @@ int efi_set_mapping_permissions(struct mm_struct *mm, efi_memory_desc_t *md);
efi_virtmap_unload(); \
})
+efi_status_t __efi_rt_asm_wrapper(void *, const char *, ...);
+
#define ARCH_EFI_IRQ_FLAGS_MASK (PSR_D_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT)
/* arch specific definitions used by the stub code */
diff --git a/arch/arm64/kernel/Makefile b/arch/arm64/kernel/Makefile
index b87541360f43..6a4bd80c75bd 100644
--- a/arch/arm64/kernel/Makefile
+++ b/arch/arm64/kernel/Makefile
@@ -38,7 +38,8 @@ arm64-obj-$(CONFIG_CPU_PM) += sleep.o suspend.o
arm64-obj-$(CONFIG_CPU_IDLE) += cpuidle.o
arm64-obj-$(CONFIG_JUMP_LABEL) += jump_label.o
arm64-obj-$(CONFIG_KGDB) += kgdb.o
-arm64-obj-$(CONFIG_EFI) += efi.o efi-entry.stub.o
+arm64-obj-$(CONFIG_EFI) += efi.o efi-entry.stub.o \
+ efi-rt-wrapper.o
arm64-obj-$(CONFIG_PCI) += pci.o
arm64-obj-$(CONFIG_ARMV8_DEPRECATED) += armv8_deprecated.o
arm64-obj-$(CONFIG_ACPI) += acpi.o
diff --git a/arch/arm64/kernel/efi-rt-wrapper.S b/arch/arm64/kernel/efi-rt-wrapper.S
new file mode 100644
index 000000000000..05235ebb336d
--- /dev/null
+++ b/arch/arm64/kernel/efi-rt-wrapper.S
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2018 Linaro Ltd <ard.biesheuvel@linaro.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/linkage.h>
+
+ENTRY(__efi_rt_asm_wrapper)
+ stp x29, x30, [sp, #-32]!
+ mov x29, sp
+
+ /*
+ * Register x18 is designated as the 'platform' register by the AAPCS,
+ * which means firmware running at the same exception level as the OS
+ * (such as UEFI) should never touch it.
+ */
+ stp x1, x18, [sp, #16]
+
+ /*
+ * We are lucky enough that no EFI runtime services take more than
+ * 5 arguments, so all are passed in registers rather than via the
+ * stack.
+ */
+ mov x8, x0
+ mov x0, x2
+ mov x1, x3
+ mov x2, x4
+ mov x3, x5
+ mov x4, x6
+ blr x8
+
+ ldp x1, x2, [sp, #16]
+ cmp x2, x18
+ ldp x29, x30, [sp], #32
+ b.ne 0f
+ ret
+0: b efi_handle_corrupted_x18 // tail call
+ENDPROC(__efi_rt_asm_wrapper)
diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index a8bf1c892b90..4f9acb5fbe97 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -126,3 +126,9 @@ bool efi_poweroff_required(void)
{
return efi_enabled(EFI_RUNTIME_SERVICES);
}
+
+asmlinkage efi_status_t efi_handle_corrupted_x18(efi_status_t s, const char *f)
+{
+ pr_err_ratelimited(FW_BUG "register x18 corrupted by EFI %s\n", f);
+ return s;
+}
next prev parent reply other threads:[~2018-03-09 9:13 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-08 8:00 [GIT PULL 00/12] first batch of EFI changes for v4.17 Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 01/12] efi/arm*: Only register page tables when they exist Ard Biesheuvel
2018-03-09 9:11 ` [tip:efi/core] " tip-bot for Mark Rutland
2018-03-08 8:00 ` [PATCH 02/12] efi/apple-properties: Device core takes care of empty properties Ard Biesheuvel
2018-03-09 9:11 ` [tip:efi/core] efi/apple-properties: Remove redundant attribute initialization from unmarshal_key_value_pairs() tip-bot for Andy Shevchenko
2018-03-08 8:00 ` [PATCH 03/12] efi/arm*: Stop printing addresses of virtual mappings Ard Biesheuvel
2018-03-09 9:12 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 04/12] efi/x86: Fix trailing semicolons Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 05/12] efi: arm64: Check whether x18 is preserved by runtime services calls Ard Biesheuvel
2018-03-09 9:12 ` tip-bot for Ard Biesheuvel [this message]
2018-03-08 8:00 ` [PATCH 06/12] x86: efi: Replace GFP_ATOMIC with GFP_KERNEL in efi_query_variable_store Ard Biesheuvel
2018-03-09 7:54 ` Ingo Molnar
2018-03-09 9:13 ` [tip:efi/core] x86/efi: Replace GFP_ATOMIC with GFP_KERNEL in efi_query_variable_store() tip-bot for Jia-Ju Bai
2018-03-08 8:00 ` [PATCH 07/12] efi: Use efi_mm in x86 as well as ARM Ard Biesheuvel
2018-03-09 7:40 ` Ingo Molnar
2018-03-09 8:37 ` Prakhya, Sai Praneeth
2018-03-09 9:56 ` Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 08/12] x86/efi: Replace efi_pgd with efi_mm.pgd Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 09/12] x86/efi: Use efi_switch_mm() rather than manually twiddling with %cr3 Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 10/12] efi: reorder pr_notice() with add_device_randomness() call Ard Biesheuvel
2018-03-09 9:13 ` [tip:efi/core] efi: Reorder " tip-bot for Ard Biesheuvel
2018-03-08 8:00 ` [PATCH 11/12] efi/apple-properties: Use memremap() instead of ioremap() Ard Biesheuvel
2018-03-09 9:14 ` [tip:efi/core] " tip-bot for Andy Shevchenko
2018-03-08 8:00 ` [PATCH 12/12] efi: make const array 'apple' static Ard Biesheuvel
2018-03-08 11:05 ` Joe Perches
2018-03-09 7:43 ` Ard Biesheuvel
2018-03-09 7:44 ` Ard Biesheuvel
2018-03-09 9:37 ` Joe Perches
2018-03-09 7:47 ` Ingo Molnar
2018-03-09 7:52 ` Ard Biesheuvel
2018-03-09 8:04 ` Ingo Molnar
2018-03-09 8:07 ` Ard Biesheuvel
2018-03-09 8:19 ` Ard Biesheuvel
2018-03-09 8:31 ` Ingo Molnar
2018-03-09 8:29 ` Lukas Wunner
2018-03-09 8:33 ` Ard Biesheuvel
2018-03-09 9:16 ` [tip:efi/core] efi: Make " tip-bot for Colin Ian King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-7e611e7dbb235938fca1dd359bad5e5f86ceabcb@git.kernel.org \
--to=tipbot@zytor.com \
--cc=ard.biesheuvel@linaro.org \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).