Re: EFI/x86 backports for v6.1

[Greg KH <greg@kroah.com>]

On Sun, Feb 25, 2024 at 11:02:50AM +0100, Ard Biesheuvel wrote:
> Please consider the patches below for backporting to v6.1. They should
> all apply cleanly in the given order.
> 
> These are prerequisites for NX compat support on x86, but the
> remaining changes do not apply cleanly and will be sent as a patch
> series at a later date.
> By themselves, these changes not only constitute a reasonable cleanup,
> they are also needed for future support of x86s [0] CPUs that are no
> longer able to transition out of long mode.
> 
>  Documentation/x86/boot.rst                 |   2 +-
>  arch/x86/Kconfig                           |  17 +
>  arch/x86/boot/compressed/Makefile          |   8 +-
>  arch/x86/boot/compressed/efi_mixed.S       | 383 +++++++++++++++++++
>  arch/x86/boot/compressed/efi_thunk_64.S    | 195 ----------
>  arch/x86/boot/compressed/head_32.S         |  25 +-
>  arch/x86/boot/compressed/head_64.S         | 566 ++++++-----------------------
>  arch/x86/boot/compressed/mem_encrypt.S     | 152 +++++++-
>  arch/x86/boot/compressed/misc.c            |  34 +-
>  arch/x86/boot/compressed/misc.h            |   2 -
>  arch/x86/boot/compressed/pgtable.h         |  10 +-
>  arch/x86/boot/compressed/pgtable_64.c      |  87 ++---
>  arch/x86/boot/header.S                     |   2 +-
>  arch/x86/boot/tools/build.c                |   2 +
>  drivers/firmware/efi/efi.c                 |  22 ++
>  drivers/firmware/efi/libstub/alignedmem.c  |   5 +-
>  drivers/firmware/efi/libstub/arm64-stub.c  |   6 +-
>  drivers/firmware/efi/libstub/efistub.h     |   6 +-
>  drivers/firmware/efi/libstub/mem.c         |   3 +-
>  drivers/firmware/efi/libstub/randomalloc.c |   5 +-
>  drivers/firmware/efi/libstub/x86-stub.c    |  53 ++-
>  drivers/firmware/efi/vars.c                |  13 +-
>  include/linux/decompress/mm.h              |   2 +-
>  23 files changed, 805 insertions(+), 795 deletions(-)
> 
> [0] https://www.intel.com/content/www/us/en/developer/articles/technical/envisioning-future-simplified-architecture.html
> 
> 
> 9cf42bca30e9 efi: libstub: use EFI_LOADER_CODE region when moving the
> kernel in memory
> cb8bda8ad443 x86/boot/compressed: Rename efi_thunk_64.S to efi-mixed.S
> e2ab9eab324c x86/boot/compressed: Move 32-bit entrypoint code into .text section
> 5c3a85f35b58 x86/boot/compressed: Move bootargs parsing out of 32-bit
> startup code
> 91592b5c0c2f x86/boot/compressed: Move efi32_pe_entry into .text section
> 73a6dec80e2a x86/boot/compressed: Move efi32_entry out of head_64.S
> 7f22ca396778 x86/boot/compressed: Move efi32_pe_entry() out of head_64.S
> 4b52016247ae x86/boot/compressed, efi: Merge multiple definitions of
> image_offset into one
> 630f337f0c4f x86/boot/compressed: Simplify IDT/GDT preserve/restore in
> the EFI thunk
> 6aac80a8da46 x86/boot/compressed: Avoid touching ECX in
> startup32_set_idt_entry()
> d73a257f7f86 x86/boot/compressed: Pull global variable reference into
> startup32_load_idt()
> c6355995ba47 x86/boot/compressed: Move startup32_load_idt() into .text section
> 9ea813be3d34 x86/boot/compressed: Move startup32_load_idt() out of head_64.S
> b5d854cd4b6a x86/boot/compressed: Move startup32_check_sev_cbit() into .text
> 9d7eaae6a071 x86/boot/compressed: Move startup32_check_sev_cbit() out
> of head_64.S
> 30c9ca16a527 x86/boot/compressed: Adhere to calling convention in
> get_sev_encryption_bit()
> 61de13df9590 x86/boot/compressed: Only build mem_encrypt.S if AMD_MEM_ENCRYPT=y
> bad267f9e18f efi: verify that variable services are supported
> 0217a40d7ba6 efi: efivars: prevent double registration
> cc3fdda2876e x86/efi: Make the deprecated EFI handover protocol optional
> 7734a0f31e99 x86/boot: Robustify calling startup_{32,64}() from the
> decompressor code
> d2d7a54f69b6 x86/efistub: Branch straight to kernel entry point from C code
> df9215f15206 x86/efistub: Simplify and clean up handover entry code
> 127920645876 x86/decompressor: Avoid magic offsets for EFI handover entrypoint
> d7156b986d4c x86/efistub: Clear BSS in EFI handover protocol entrypoint
> 8b63cba746f8 x86/decompressor: Store boot_params pointer in callee save register
> 00c6b0978ec1 x86/decompressor: Assign paging related global variables earlier
> e8972a76aa90 x86/decompressor: Call trampoline as a normal function
> 918a7a04e717 x86/decompressor: Use standard calling convention for trampoline
> bd328aa01ff7 x86/decompressor: Avoid the need for a stack in the
> 32-bit trampoline
> 64ef578b6b68 x86/decompressor: Call trampoline directly from C code
> f97b67a773cd x86/decompressor: Only call the trampoline when changing
> paging levels
> cb83cece57e1 x86/decompressor: Pass pgtable address to trampoline directly
> 03dda95137d3 x86/decompressor: Merge trampoline cleanup with switching code
> 24388292e2d7 x86/decompressor: Move global symbol references to C code
> 8217ad0a435f decompress: Use 8 byte alignment

For some reason, not all of these applied cleanly.  But they still build
with just a subset :)

Here are the ones that failed for me:
	0217a40d7ba6 ("efi: efivars: prevent double registration")
	df9215f15206 ("x86/efistub: Simplify and clean up handover entry code")
	127920645876 ("x86/decompressor: Avoid magic offsets for EFI handover entrypoint")
	d7156b986d4c ("x86/efistub: Clear BSS in EFI handover protocol entrypoint")

Can you provide working backports for these 4?  Everything else is now
queued up.

thanks,

greg k-h