From patchwork Thu Jan 28 11:07:34 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 60713 Delivered-To: patch@linaro.org Received: by 10.112.130.2 with SMTP id oa2csp403283lbb; Thu, 28 Jan 2016 03:10:28 -0800 (PST) X-Received: by 10.98.87.20 with SMTP id l20mr3615219pfb.70.1453979420822; Thu, 28 Jan 2016 03:10:20 -0800 (PST) Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id y9si16304142pas.124.2016.01.28.03.10.20 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 28 Jan 2016 03:10:20 -0800 (PST) Received-SPF: pass (google.com: domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) smtp.mailfrom=linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org; dkim=neutral (body hash did not verify) header.i=@linaro.org Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1aOkRp-000874-Ot; Thu, 28 Jan 2016 11:09:09 +0000 Received: from mail-wm0-x22a.google.com ([2a00:1450:400c:c09::22a]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1aOkQp-00070k-DB for linux-arm-kernel@lists.infradead.org; Thu, 28 Jan 2016 11:08:09 +0000 Received: by mail-wm0-x22a.google.com with SMTP id r129so19442834wmr.0 for ; Thu, 28 Jan 2016 03:07:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=/mVyP6Zx16z4FAez8UacvvgyGnfksBS411hqZ7CXU5I=; b=XgyvdbxYAHkvRE2VHjVIxSpu/6KSAKY9CPyrWmP0lZVYSy8PD/GfZJP4GMohfMgKP3 Kyz9GqjZvGCXEPDf6VrBnHgPgREzLc9MFFaZ2ZNi39WvvH2LkViwtY1yR9jPXhjS2RCD ZeI5uEj7xXGi4q/dGDWAwL56M5XT5ATgibAxw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=/mVyP6Zx16z4FAez8UacvvgyGnfksBS411hqZ7CXU5I=; b=AqwdU3hCMBO7a8KZ2PkBNL143VJVsd04fsvqEm/glR5pjpynOWnPBFXxbjeLN/zzTZ gDfHV6lkXEFGKMLHhmSTxIlKwFon4JKAoznF3kBG+jHxqb2hjqzQoRCfRuoiKi5vH6fj UizjB+/4DeJL1vzHbl0uZZsDljVCqYfWYWpy8Ek96c/3ntpDREFBwiKT3EsfBSdWGNCZ nMBF0DvHTC//rniSiZsX5SLy8EyyEUqDtISK6DFa92PtjuQ4ecu6eME3BmV9sIImEv7Z JJc8GOPtpxWVGVC/+ZxvAt16u7UgG0bO4us0hFOctqL5GJafesX/N8sz90fcfk5u8FnY 6vAw== X-Gm-Message-State: AG10YOQbLIRnBh21HNzDhtdivERky67XqOHzuk0Eb5aEha+ZLOVpuWjyHt66MhRjt/OA8jJa X-Received: by 10.28.57.214 with SMTP id g205mr2353830wma.20.1453979265811; Thu, 28 Jan 2016 03:07:45 -0800 (PST) Received: from localhost.localdomain ([195.55.142.58]) by smtp.gmail.com with ESMTPSA id c203sm2360854wmd.5.2016.01.28.03.07.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Jan 2016 03:07:45 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, leif.lindholm@linaro.org, matt@codeblueprint.co.uk Subject: [PATCH 3/3] efi: arm-init: use read-only early mappings Date: Thu, 28 Jan 2016 12:07:34 +0100 Message-Id: <1453979254-25374-4-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1453979254-25374-1-git-send-email-ard.biesheuvel@linaro.org> References: <1453979254-25374-1-git-send-email-ard.biesheuvel@linaro.org> X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160128_030807_776560_73604804 X-CRM114-Status: GOOD ( 13.97 ) X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:400c:c09:0:0:0:22a listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: mark.rutland@arm.com, catalin.marinas@arm.com, will.deacon@arm.com, Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org The early mappings of the EFI system table contents and the UEFI memory map are read-only from the OS point of view. So map them read-only to protect them from inadvertent modification. Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/arm-init.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) -- 2.5.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c index 9e15d571b53c..aa1f743152a2 100644 --- a/drivers/firmware/efi/arm-init.c +++ b/drivers/firmware/efi/arm-init.c @@ -61,8 +61,8 @@ static int __init uefi_init(void) char vendor[100] = "unknown"; int i, retval; - efi.systab = early_memremap(efi_system_table, - sizeof(efi_system_table_t)); + efi.systab = early_memremap_ro(efi_system_table, + sizeof(efi_system_table_t)); if (efi.systab == NULL) { pr_warn("Unable to map EFI system table.\n"); return -ENOMEM; @@ -86,8 +86,8 @@ static int __init uefi_init(void) efi.systab->hdr.revision & 0xffff); /* Show what we know for posterity */ - c16 = early_memremap(efi_to_phys(efi.systab->fw_vendor), - sizeof(vendor) * sizeof(efi_char16_t)); + c16 = early_memremap_ro(efi_to_phys(efi.systab->fw_vendor), + sizeof(vendor) * sizeof(efi_char16_t)); if (c16) { for (i = 0; i < (int) sizeof(vendor) - 1 && *c16; ++i) vendor[i] = c16[i]; @@ -100,8 +100,8 @@ static int __init uefi_init(void) efi.systab->hdr.revision & 0xffff, vendor); table_size = sizeof(efi_config_table_64_t) * efi.systab->nr_tables; - config_tables = early_memremap(efi_to_phys(efi.systab->tables), - table_size); + config_tables = early_memremap_ro(efi_to_phys(efi.systab->tables), + table_size); if (config_tables == NULL) { pr_warn("Unable to map EFI config table array.\n"); retval = -ENOMEM; @@ -185,7 +185,7 @@ void __init efi_init(void) efi_system_table = params.system_table; memmap.phys_map = params.mmap; - memmap.map = early_memremap(params.mmap, params.mmap_size); + memmap.map = early_memremap_ro(params.mmap, params.mmap_size); if (memmap.map == NULL) { /* * If we are booting via UEFI, the UEFI memory map is the only