From patchwork Mon Jan 11 13:19:14 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 59475 Delivered-To: patch@linaro.org Received: by 10.112.130.2 with SMTP id oa2csp2104920lbb; Mon, 11 Jan 2016 05:20:57 -0800 (PST) X-Received: by 10.98.32.76 with SMTP id g73mr26039690pfg.48.1452518457726; Mon, 11 Jan 2016 05:20:57 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id dg7si19231368pad.75.2016.01.11.05.20.57; Mon, 11 Jan 2016 05:20:57 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dkim=pass header.i=@linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759972AbcAKNU4 (ORCPT + 29 others); Mon, 11 Jan 2016 08:20:56 -0500 Received: from mail-wm0-f52.google.com ([74.125.82.52]:37121 "EHLO mail-wm0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932958AbcAKNUS (ORCPT ); Mon, 11 Jan 2016 08:20:18 -0500 Received: by mail-wm0-f52.google.com with SMTP id f206so268050329wmf.0 for ; Mon, 11 Jan 2016 05:20:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=rwSldPlYYwZAJM9zIu0cPPCCGLIdxezSWEgwVlmxsdE=; b=NuCZxqBUckHel3R9wjsag6k3IrOC7IPbz9m2/7LMQEZb95EVz03zNX2is3iVBE8Vyu SbA5+wA50IyLC2NFdzOoM+A/CZfQoIGKBCbcaNK4au9tgRAG/10Fk4YHO90rX/mei8gW Ma4nbSY6Os4WMh9TRgP2obDgHTKQg0S+c6jeo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=rwSldPlYYwZAJM9zIu0cPPCCGLIdxezSWEgwVlmxsdE=; b=gVI7eW+LvbLVFmfbR5zR3YSuCG4BsIFqiP76BDl/+nmBzH3zNdQD6/kGj0n8MJhie1 5xtHjqQ+UO/wMKQ2UzZbsLyZpbEfv/df5Z3i2rUO65SfjQfjY0WFC52Oks4ZyZ1DovcJ mPLH72Clm312TzYVwgtsSv0JxUxl7Of3yguNXJKyskhyrJhu7+ivBw/Id+yjQPzGjly9 /ONBx3+V4iirdLSmgQ2tJF+TwZ6coSlCNpO9ikwzLe96Ht0iyKEG/3EQj3rGuHj/jgRl KqUDCHVejRtDscsr2ZRhjgpJNcDYTAUK1OUmWl0KnKMEQzA+HGgJ06Xx93HTocvtMHH6 1DSg== X-Gm-Message-State: ALoCoQmIExhLkCBr1gX5RTS0QMfVeYGi0IRT3E5Gc6Z56qrkUjCdyIsSEw0Z4WEIRUA81RFKByGHEwapYh0u7xD/s1a3bCmk6w== X-Received: by 10.28.46.193 with SMTP id u184mr14479771wmu.102.1452518417703; Mon, 11 Jan 2016 05:20:17 -0800 (PST) Received: from localhost.localdomain (cag06-7-83-153-85-71.fbx.proxad.net. [83.153.85.71]) by smtp.gmail.com with ESMTPSA id c15sm12766055wmd.19.2016.01.11.05.20.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 11 Jan 2016 05:20:17 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org, kernel-hardening@lists.openwall.com, will.deacon@arm.com, catalin.marinas@arm.com, mark.rutland@arm.com, leif.lindholm@linaro.org, keescook@chromium.org, linux-kernel@vger.kernel.org Cc: stuart.yoder@freescale.com, bhupesh.sharma@freescale.com, arnd@arndb.de, marc.zyngier@arm.com, christoffer.dall@linaro.org, Ard Biesheuvel , Matt Fleming Subject: [PATCH v3 20/21] efi: stub: use high allocation for converted command line Date: Mon, 11 Jan 2016 14:19:14 +0100 Message-Id: <1452518355-4606-22-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.5.0 In-Reply-To: <1452518355-4606-1-git-send-email-ard.biesheuvel@linaro.org> References: <1452518355-4606-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Before we can move the command line processing before the allocation of the kernel, which is required for detecting the 'nokaslr' option which controls that allocation, move the converted command line higher up in memory, to prevent it from interfering with the kernel itself. Since x86 needs the address to fit in 32 bits, use UINT_MAX as the upper bound there. Otherwise, use ULONG_MAX (i.e., no limit) Cc: Matt Fleming Signed-off-by: Ard Biesheuvel --- arch/x86/include/asm/efi.h | 2 ++ drivers/firmware/efi/libstub/efi-stub-helper.c | 14 +++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) -- 2.5.0 diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h index 0010c78c4998..08b1f2f6ea50 100644 --- a/arch/x86/include/asm/efi.h +++ b/arch/x86/include/asm/efi.h @@ -25,6 +25,8 @@ #define EFI32_LOADER_SIGNATURE "EL32" #define EFI64_LOADER_SIGNATURE "EL64" +#define MAX_CMDLINE_ADDRESS UINT_MAX + #ifdef CONFIG_X86_32 diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c index f07d4a67fa76..2a7a3015d7e0 100644 --- a/drivers/firmware/efi/libstub/efi-stub-helper.c +++ b/drivers/firmware/efi/libstub/efi-stub-helper.c @@ -649,6 +649,10 @@ static u8 *efi_utf16_to_utf8(u8 *dst, const u16 *src, int n) return dst; } +#ifndef MAX_CMDLINE_ADDRESS +#define MAX_CMDLINE_ADDRESS ULONG_MAX +#endif + /* * Convert the unicode UEFI command line to ASCII to pass to kernel. * Size of memory allocated return in *cmd_line_len. @@ -684,7 +688,15 @@ char *efi_convert_cmdline(efi_system_table_t *sys_table_arg, options_bytes++; /* NUL termination */ - status = efi_low_alloc(sys_table_arg, options_bytes, 0, &cmdline_addr); + /* + * Allocate a buffer for the converted command line as high up + * in memory as is feasible: x86 needs the command line allocation + * to be below 4 GB, but non-x86 architectures may not have any + * memory there. So prefer below 4 GB, and allocate anywhere if + * that fails. + */ + status = efi_high_alloc(sys_table_arg, options_bytes, 0, + &cmdline_addr, MAX_CMDLINE_ADDRESS); if (status != EFI_SUCCESS) return NULL;