From patchwork Mon Feb 22 14:59:39 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 62587 Delivered-To: patch@linaro.org Received: by 10.112.43.199 with SMTP id y7csp1299777lbl; Mon, 22 Feb 2016 07:19:11 -0800 (PST) X-Received: by 10.98.13.86 with SMTP id v83mr38870866pfi.162.1456154350956; Mon, 22 Feb 2016 07:19:10 -0800 (PST) Return-Path: Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id rt5si40262757pab.98.2016.02.22.07.19.10 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 22 Feb 2016 07:19:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) client-ip=2001:1868:205::9; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org designates 2001:1868:205::9 as permitted sender) smtp.mailfrom=linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org; dkim=neutral (body hash did not verify) header.i=@linaro.org Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1aXsFG-000145-Ok; Mon, 22 Feb 2016 15:17:54 +0000 Received: from mail-wm0-x231.google.com ([2a00:1450:400c:c09::231]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1aXry2-0004Gp-SJ for linux-arm-kernel@lists.infradead.org; Mon, 22 Feb 2016 15:00:40 +0000 Received: by mail-wm0-x231.google.com with SMTP id g62so177029805wme.1 for ; Mon, 22 Feb 2016 06:59:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=qNmYDO19mrmHcg2hnmW+X9FWHH7nVvZfqHQGsuZUk0o=; b=IQz7BNnvLWF7k6ZhOptN4HBKnZCu3MJqWjWOUJItleMuRqm5v3Yywiar6VTWaKjZiH vrqxlMc0Wd1fISLrGfzLnv9yotCqmXiEbTnTRurYS71xx52TuZI1Mx3+UUUu881IeQUb JHaIfA3Awan/2RYf3Cr0OUfGvFXm/kifYUtmY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=qNmYDO19mrmHcg2hnmW+X9FWHH7nVvZfqHQGsuZUk0o=; b=DclfN5unrEtVidP+TgOp9P+pM3hDtbOpPPTc4/yQ9UY8iNiHv80M/5oopxXhQircnt i1QV0rrHqIf5k1B6AAI58D85XGnJzD8rE3UmiZHJHOpTmFgawKr+a0Yz/CYbPnS4+zUK lhC/51Et0D8MeTkfxHywsbWWJO2Kx8eAOz5Srcxk/j+eDtY6L5lteCvteMvbUj+j85fm gBrvMegrd8e43NsUeTx7on9r8nYtD4b5H435RLBSpPGoWuJ2kuLnsTgQwJP/YLojk+os VHd0zOyK2rnj7psafpNMKhsaMzKtEujCen9iJEMcWr0MmrfkkqbytTRf6Ub7TlzHPbk/ rAow== X-Gm-Message-State: AG10YOQq65+59+gVbTiTVUFKP585Dtl83meFtEmUIuu3Rk2ksZm89N8pxibAXaNwuoalQg2F X-Received: by 10.194.250.35 with SMTP id yz3mr31617798wjc.173.1456153185343; Mon, 22 Feb 2016 06:59:45 -0800 (PST) Received: from localhost.localdomain ([195.55.142.58]) by smtp.gmail.com with ESMTPSA id v78sm21392808wmv.23.2016.02.22.06.59.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 22 Feb 2016 06:59:44 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, matt@codeblueprint.co.uk Subject: [PATCH] arm*: efi: drop permanent mapping of the UEFI System table Date: Mon, 22 Feb 2016 15:59:39 +0100 Message-Id: <1456153179-27214-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20160222_070007_734313_E35AF8E3 X-CRM114-Status: GOOD ( 14.65 ) X-Spam-Score: -2.7 (--) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-2.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [2a00:1450:400c:c09:0:0:0:231 listed in] [list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: mark.rutland@arm.com, leif.lindholm@linaro.org, Ard Biesheuvel MIME-Version: 1.0 Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org The permanent, writable mapping of the UEFI System table is only referenced during invocations of UEFI Runtime Services, at which time the UEFI virtual mapping is available, which also covers the system table (since the runtime services themselves need access to it) So instead of creating this permanent mapping, record the virtual address of the system table inside the UEFI virtual mapping, and use that instead. This protects the contents of the system table from inadvertent (or deliberate) modification. Signed-off-by: Ard Biesheuvel --- Something I spotted while working on the memory attribute table stuff. Since this is low hanging fruit and otherwise completely unrelated to it, I am posting it as a separate patch drivers/firmware/efi/arm-init.c | 2 ++ drivers/firmware/efi/arm-runtime.c | 24 ++++++++++---------- 2 files changed, 14 insertions(+), 12 deletions(-) -- 2.5.0 _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c index 022f11157acd..e995d61da747 100644 --- a/drivers/firmware/efi/arm-init.c +++ b/drivers/firmware/efi/arm-init.c @@ -85,6 +85,8 @@ static int __init uefi_init(void) efi.systab->hdr.revision >> 16, efi.systab->hdr.revision & 0xffff); + efi.runtime_version = efi.systab->hdr.revision; + /* Show what we know for posterity */ c16 = early_memremap_ro(efi_to_phys(efi.systab->fw_vendor), sizeof(vendor) * sizeof(efi_char16_t)); diff --git a/drivers/firmware/efi/arm-runtime.c b/drivers/firmware/efi/arm-runtime.c index 848ede1587dc..6ce13d6b7122 100644 --- a/drivers/firmware/efi/arm-runtime.c +++ b/drivers/firmware/efi/arm-runtime.c @@ -64,6 +64,16 @@ static bool __init efi_virtmap_init(void) &phys, ret); return false; } + /* + * If this entry covers the address of the UEFI system table, + * calculate and record its virtual address. + */ + if (efi_system_table >= phys && + efi_system_table < phys + (md->num_pages * EFI_PAGE_SIZE)) { + efi.systab = (void *)(efi_system_table - phys + + md->virt_addr); + set_bit(EFI_SYSTEM_TABLES, &efi.flags); + } } if (efi_memattr_apply_permissions(&efi_mm, efi_set_mapping_permissions)) @@ -102,16 +112,8 @@ static int __init arm_enable_runtime_services(void) memmap.map_end = memmap.map + mapsize; efi.memmap = &memmap; - efi.systab = (__force void *)ioremap_cache(efi_system_table, - sizeof(efi_system_table_t)); - if (!efi.systab) { - pr_err("Failed to remap EFI System Table\n"); - return -ENOMEM; - } - set_bit(EFI_SYSTEM_TABLES, &efi.flags); - - if (!efi_virtmap_init()) { - pr_err("No UEFI virtual mapping was installed -- runtime services will not be available\n"); + if (!efi_virtmap_init() || !efi_enabled(EFI_SYSTEM_TABLES)) { + pr_err("UEFI virtual mapping missing or invalid -- runtime services will not be available\n"); return -ENOMEM; } @@ -119,8 +121,6 @@ static int __init arm_enable_runtime_services(void) efi_native_runtime_setup(); set_bit(EFI_RUNTIME_SERVICES, &efi.flags); - efi.runtime_version = efi.systab->hdr.revision; - return 0; } early_initcall(arm_enable_runtime_services);