On Thu, 6 Oct 2022 at 13:13, Borislav Petkov <bp@xxxxxxxxx> wrote:
>
> On Thu, Oct 06, 2022 at 12:56:09PM +0200, Ard Biesheuvel wrote:
> > efi32_pe_entry() preserves and restores the caller's value of %ebx,
> > because from there, we might actually return control to the firmware.
> > The value it keeps in %ebx itself is not live when it jumps to
> > efi32_entry - it stores its value into image_offset, which is reloaded
> > from memory at a later point.
>
> Hmm, might be prudent to have a comment there because it is using %ebx a
> couple of insns before the JMP:
>
>         subl    %esi, %ebx
>                        ^^^^
>         movl    %ebx, rva(image_offset)(%ebp)   // save image_offset
>
> <--- I think you mean that after this, %ebx is not needed anymore?
>

Exactly.

>         xorl    %esi, %esi
>         jmp     efi32_entry
>
> 2:      popl    %edi                            // restore callee-save registers
>         popl    %ebx
>
> and this restores its original value ofc.
>
> > efi32_stub_entry() is the 'EFI handover protocol' entry point, which
> > cannot return to the firmware (and we discard the return address
> > already) so %ebx can be clobbered.
>
> That info would be good to have in a comment above it.
>

Fair enough.