This is a note to let you know that I've just added the patch titled
x86/efistub: Prefer EFI memory attributes protocol over DXE services
to the 6.1-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
x86-efistub-prefer-efi-memory-attributes-protocol-over-dxe-services.patch
and it can be found in the queue-6.1 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From stable+bounces-25904-greg=kroah.com@xxxxxxxxxxxxxxx Mon Mar 4 12:21:04 2024
From: Ard Biesheuvel <ardb+git@xxxxxxxxxx>
Date: Mon, 4 Mar 2024 12:19:49 +0100
Subject: x86/efistub: Prefer EFI memory attributes protocol over DXE services
To: stable@xxxxxxxxxxxxxxx
Cc: linux-efi@xxxxxxxxxxxxxxx, Ard Biesheuvel <ardb@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>
Message-ID: <20240304111937.2556102-31-ardb+git@xxxxxxxxxx>
From: Ard Biesheuvel <ardb+git@xxxxxxxxxx>
From: Ard Biesheuvel <ardb@xxxxxxxxxx>
[ Commit 11078876b7a6a1b7226344fecab968945c806832 upstream ]
Currently, the EFI stub relies on DXE services in some cases to clear
non-execute restrictions from page allocations that need to be
executable. This is dodgy, because DXE services are not specified by
UEFI but by PI, and they are not intended for consumption by OS loaders.
However, no alternative existed at the time.
Now, there is a new UEFI protocol that should be used instead, so if it
exists, prefer it over the DXE services calls.
Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
Signed-off-by: Borislav Petkov (AMD) <bp@xxxxxxxxx>
Link: https://lore.kernel.org/r/20230807162720.545787-18-ardb@xxxxxxxxxx
Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/firmware/efi/libstub/x86-stub.c | 29 +++++++++++++++++++++--------
1 file changed, 21 insertions(+), 8 deletions(-)
--- a/drivers/firmware/efi/libstub/x86-stub.c
+++ b/drivers/firmware/efi/libstub/x86-stub.c
@@ -26,6 +26,7 @@ const efi_system_table_t *efi_system_tab
const efi_dxe_services_table_t *efi_dxe_table;
u32 image_offset __section(".data");
static efi_loaded_image_t *image = NULL;
+static efi_memory_attribute_protocol_t *memattr;
static efi_status_t
preserve_pci_rom_image(efi_pci_io_protocol_t *pci, struct pci_setup_rom **__rom)
@@ -222,12 +223,18 @@ void efi_adjust_memory_range_protection(
unsigned long rounded_start, rounded_end;
unsigned long unprotect_start, unprotect_size;
- if (efi_dxe_table == NULL)
- return;
-
rounded_start = rounddown(start, EFI_PAGE_SIZE);
rounded_end = roundup(start + size, EFI_PAGE_SIZE);
+ if (memattr != NULL) {
+ efi_call_proto(memattr, clear_memory_attributes, rounded_start,
+ rounded_end - rounded_start, EFI_MEMORY_XP);
+ return;
+ }
+
+ if (efi_dxe_table == NULL)
+ return;
+
/*
* Don't modify memory region attributes, they are
* already suitable, to lower the possibility to
@@ -758,6 +765,7 @@ void __noreturn efi_stub_entry(efi_handl
efi_system_table_t *sys_table_arg,
struct boot_params *boot_params)
{
+ efi_guid_t guid = EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID;
unsigned long bzimage_addr = (unsigned long)startup_32;
unsigned long buffer_start, buffer_end;
struct setup_header *hdr = &boot_params->hdr;
@@ -769,13 +777,18 @@ void __noreturn efi_stub_entry(efi_handl
if (efi_system_table->hdr.signature != EFI_SYSTEM_TABLE_SIGNATURE)
efi_exit(handle, EFI_INVALID_PARAMETER);
- efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
- if (efi_dxe_table &&
- efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
- efi_warn("Ignoring DXE services table: invalid signature\n");
- efi_dxe_table = NULL;
+ if (IS_ENABLED(CONFIG_EFI_DXE_MEM_ATTRIBUTES)) {
+ efi_dxe_table = get_efi_config_table(EFI_DXE_SERVICES_TABLE_GUID);
+ if (efi_dxe_table &&
+ efi_dxe_table->hdr.signature != EFI_DXE_SERVICES_TABLE_SIGNATURE) {
+ efi_warn("Ignoring DXE services table: invalid signature\n");
+ efi_dxe_table = NULL;
+ }
}
+ /* grab the memory attributes protocol if it exists */
+ efi_bs_call(locate_protocol, &guid, NULL, (void **)&memattr);
+
status = efi_setup_5level_paging();
if (status != EFI_SUCCESS) {
efi_err("efi_setup_5level_paging() failed!\n");
Patches currently in stable-queue which might be from kroah.com@xxxxxxxxxxxxxxx are
queue-6.1/x86-decompressor-avoid-magic-offsets-for-efi-handover-entrypoint.patch
queue-6.1/x86-efistub-avoid-placing-the-kernel-below-load_physical_addr.patch
queue-6.1/x86-efistub-avoid-legacy-decompressor-when-doing-efi-boot.patch
queue-6.1/x86-efistub-perform-4-5-level-paging-switch-from-the-stub.patch
queue-6.1/x86-boot-rename-conflicting-boot_params-pointer-to-boot_params_ptr.patch
queue-6.1/x86-efistub-perform-snp-feature-test-while-running-in-the-firmware.patch
queue-6.1/x86-efistub-simplify-and-clean-up-handover-entry-code.patch
queue-6.1/efi-libstub-add-memory-attribute-protocol-definitions.patch
queue-6.1/efi-libstub-add-limit-argument-to-efi_random_alloc.patch
queue-6.1/efi-x86-fix-the-missing-kaslr_flag-bit-in-boot_params-hdr.loadflags.patch
queue-6.1/arm64-efi-limit-allocations-to-48-bit-addressable-physical-region.patch
queue-6.1/x86-efistub-prefer-efi-memory-attributes-protocol-over-dxe-services.patch
queue-6.1/efi-efivars-prevent-double-registration.patch
queue-6.1/x86-boot-efistub-assign-global-boot_params-variable.patch
queue-6.1/x86-efistub-clear-bss-in-efi-handover-protocol-entrypoint.patch
queue-6.1/x86-decompressor-factor-out-kernel-decompression-and-relocation.patch
queue-6.1/efi-x86-avoid-physical-kaslr-on-older-dell-systems.patch
