From patchwork Sat Aug 27 08:38:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 600635 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0C409ECAAD2 for ; Sat, 27 Aug 2022 08:39:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233155AbiH0IjT (ORCPT ); Sat, 27 Aug 2022 04:39:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233037AbiH0IjQ (ORCPT ); Sat, 27 Aug 2022 04:39:16 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 37FD0C00D9 for ; Sat, 27 Aug 2022 01:39:13 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 7524C61306 for ; Sat, 27 Aug 2022 08:39:13 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CF344C4347C; Sat, 27 Aug 2022 08:39:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589552; bh=UBp2rsf+kAYyhi4UTfKRx+3XtvgjAWXJSN1PjteFpa0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QJh+RIMj2yHv5usj+e7kSp2UNb9l8iRHV2YojKri/zn1OJJy2V1UM1D01mVXJeY0Q lbIch9uwZNKKOSks36nRvEsQ83HQaKHEDnlxB2g8kk3fau4fm2f3gAqLU6W85CQVe3 Ws6KqkK3ggWa0bJ568EAqcH7i8Y1IeRQfumCMCoKpunN/AU0cLlL8D23XgkBWYHqls bRJMqCNwo2xNp+wAdW5/FiWRHfSaLqZr7/vcPszn73u1csjMWEgrfMzybO7/PdcKuJ ep96bpj3n+Syuxk8WZI4k++WduB+js4j0K5j7dt71FgPQAZyCR8MF8je8KAwNt1fFN ILxqbzGw2cPCA== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 1/9] efi: name the ARCH-stub.c files uniformly Date: Sat, 27 Aug 2022 10:38:42 +0200 Message-Id: <20220827083850.2702465-2-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1454; i=ardb@kernel.org; h=from:subject; bh=UBp2rsf+kAYyhi4UTfKRx+3XtvgjAWXJSN1PjteFpa0=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgMJ+OTI3g3MW65ksCNSsGYFYf3xucYV1AaZnYt V0tkkf+JAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYDAAKCRDDTyI5ktmPJHr6DA CGE1MLFtM3JEBNaUraczdMjavnW77GeexWClyvombsh5GkWHA17x398PlsmqmD3U60qYETig5ul/4I Dsx8voo0yXNiu9luLZFns69k8y0fST45Pg3jYJKLp/z+NkpanpuA7S905/WlFyIXca5Bd7BFYPPgSo MbHjFKIgE2xTlpT/NwIaHiJsky7eTtzLPRscboCaTXXN40epQiWS4k90S0qdHI6weZ03B8ZnzG5EXj XP+VdMmmIy+PYh/PgPdEtNodZ6LqYVSSQkL2U9oYXUraWI9nPsgipYTWWr97/41FWxpSitMg+w95gn cg6zCoscsKZrvtj5x/ZuTBIt9rSs49gS5AEJH8pgw87cXmZp0yc5AeJp49aLnX2V99vG1cUU5I7Yry 0Ak1j+yLc1xtePMONRWkcy+qxK7qy+NUW3dhgRwEEZWqovcfgx0hgJ1FQcHwxKa8dlCOfR3MGiF+oC nTGdAH5b/dz8HQPKH3rAU+KPA2q1X2YLTk40AG/fWp8Dw= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Rename arm32-stub.c to arm-stub.c so that we can refer to all of them as $(ARCH)-stub.c Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/Makefile | 9 ++------- drivers/firmware/efi/libstub/{arm32-stub.c => arm-stub.c} | 0 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index a4915cc499f3..68c181dcb8cf 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -68,13 +68,8 @@ $(obj)/lib-%.o: $(srctree)/lib/%.c FORCE lib-$(CONFIG_EFI_GENERIC_STUB) += efi-stub.o fdt.o string.o \ $(patsubst %.c,lib-%.o,$(efi-deps-y)) -lib-$(CONFIG_ARM) += arm32-stub.o -lib-$(CONFIG_ARM64) += arm64-stub.o -lib-$(CONFIG_X86) += x86-stub.o -lib-$(CONFIG_RISCV) += riscv-stub.o -lib-$(CONFIG_LOONGARCH) += loongarch-stub.o - -CFLAGS_arm32-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET) +lib-y += $(ARCH)-stub.o +CFLAGS_arm-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET) # Even when -mbranch-protection=none is set, Clang will generate a # .note.gnu.property for code-less object files (like lib/ctype.c), diff --git a/drivers/firmware/efi/libstub/arm32-stub.c b/drivers/firmware/efi/libstub/arm-stub.c similarity index 100% rename from drivers/firmware/efi/libstub/arm32-stub.c rename to drivers/firmware/efi/libstub/arm-stub.c From patchwork Sat Aug 27 08:38:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 600634 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7E9CBC0502E for ; Sat, 27 Aug 2022 08:39:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232909AbiH0IjT (ORCPT ); Sat, 27 Aug 2022 04:39:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38530 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232956AbiH0IjS (ORCPT ); Sat, 27 Aug 2022 04:39:18 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5EDA0C00EC for ; Sat, 27 Aug 2022 01:39:17 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id EE6DD6131A for ; Sat, 27 Aug 2022 08:39:16 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 53749C433D7; Sat, 27 Aug 2022 08:39:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589556; bh=1mSKisnehw6lyIsd2B1K6ZdFNtO8Mhv8xjHGLt/K/Pc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tstNgS84EICyeQY1pnlnyrrnjcbsmH73fUxshkYwvz5IeRZyFiODuq8myx5wG66Z8 3lSt5/LqklD3IpXdFehlhlyDOmjeKC7gCDuYPrYA8EVWVhgp/X0BlM5fnn39lQ4HBs 4cmxCk/gwmFkyrTW1gzwWBmxB2Lu9Uq3i1tij1Nl+281mbef3XTEylKSj4NWBwSkHH rEDscqM95jtKatHLs7iR4d5F7NWGy67TRktszJBcI+ZTNXrCmdZRTkn5BL+xvbCZsz GQF5WiUoTs/Ai1SzZnWNRP88GdtiRXHzPL4BcewJ04o8vTeZuqX0Mqeglu5RYCuSo0 /TsYH4I3M844w== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 2/9] efi/libstub: add some missing EFI prototypes Date: Sat, 27 Aug 2022 10:38:43 +0200 Message-Id: <20220827083850.2702465-3-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5223; i=ardb@kernel.org; h=from:subject; bh=1mSKisnehw6lyIsd2B1K6ZdFNtO8Mhv8xjHGLt/K/Pc=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgNAAb2WUR5ho9ZcTJ9PTwt9vUq2K7p9Oosjcf1 1P8j76OJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYDQAKCRDDTyI5ktmPJK8TDA CELL0MNlCJ21VA4TsPEUK/SWRCbGdhzrtaNRc/iE/NAY2eGoPpf4jxN+Wr4S/cYSEoQ5Us81+kTUhW iu2U29GL1NgDcnMfykoROKWF/Ru7uwZ8Lw3n4vFPqLulH6BPQ+FkgJKURnLjl8R/v4KyIBYRGj3e+7 yNwju4oMzkPyF9oN66xkTjA9UXmdAUBgZ762/CIGFs0HiEBMJZraX2hQzF/Q7PBVoZmY+/kKxUxVJw zEsFCGAsuc2BDR6Gvh1YiOHJWcmp+fo8QK0wKXId8yTCzMN6cexmMYPFT81tNdz1yaRTq0CF5E9gUY 0jVVJXkdGKNT6dfdAtnKLBYmg9mKnITY7aCr24YghjbV+6NyMpLer5PgmCfUTnZ7r1JTb2PvWS7kdC cjq3KtNOlpRaH8rxVimALGrlBtn4h04sZVBuF6ALZlj0JpKf+oWT+Q5nuQLWDNvrSgJnZ4GFmBvcnb Y6WM2N8voFc4k1WectjSuHMXXtyyPtrdmhLxIN6d7+0PM= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Define the correct prototypes for the load_image, start_image and unload_image boot service pointers so we can call them from the EFI zboot code. Also add some prototypes related to installation and deinstallation of protocols in to the EFI protocol database, including some definitions related to device paths. Signed-off-by: Ard Biesheuvel --- Note that the device-path-to-text protocol is not used in this series, but it was useful during development so I retained the definitions. drivers/firmware/efi/libstub/efistub.h | 31 ++++++++++++++++---- include/linux/efi.h | 12 ++++++++ 2 files changed, 38 insertions(+), 5 deletions(-) diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index b0ae0a454404..c7efc404e663 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -171,6 +171,23 @@ struct efi_boot_memmap { typedef struct efi_generic_dev_path efi_device_path_protocol_t; +union efi_device_path_to_text_protocol { + struct { + efi_char16_t *(__efiapi *convert_device_node_to_text)( + const efi_device_path_protocol_t *, + bool, bool); + efi_char16_t *(__efiapi *convert_device_path_to_text)( + const efi_device_path_protocol_t *, + bool, bool); + }; + struct { + u32 convert_device_node_to_text; + u32 convert_device_path_to_text; + } mixed_mode; +}; + +typedef union efi_device_path_to_text_protocol efi_device_path_to_text_protocol_t; + typedef void *efi_event_t; /* Note that notifications won't work in mixed mode */ typedef void (__efiapi *efi_event_notify_t)(efi_event_t, void *); @@ -254,13 +271,17 @@ union efi_boot_services { efi_handle_t *); efi_status_t (__efiapi *install_configuration_table)(efi_guid_t *, void *); - void *load_image; - void *start_image; + efi_status_t (__efiapi *load_image)(bool, efi_handle_t, + efi_device_path_protocol_t *, + void *, unsigned long, + efi_handle_t *); + efi_status_t (__efiapi *start_image)(efi_handle_t, unsigned long *, + efi_char16_t **); efi_status_t __noreturn (__efiapi *exit)(efi_handle_t, efi_status_t, unsigned long, efi_char16_t *); - void *unload_image; + efi_status_t (__efiapi *unload_image)(efi_handle_t); efi_status_t (__efiapi *exit_boot_services)(efi_handle_t, unsigned long); void *get_next_monotonic_count; @@ -277,8 +298,8 @@ union efi_boot_services { void *locate_handle_buffer; efi_status_t (__efiapi *locate_protocol)(efi_guid_t *, void *, void **); - void *install_multiple_protocol_interfaces; - void *uninstall_multiple_protocol_interfaces; + efi_status_t (__efiapi *install_multiple_protocol_interfaces)(efi_handle_t *, ...); + efi_status_t (__efiapi *uninstall_multiple_protocol_interfaces)(efi_handle_t, ...); void *calculate_crc32; void *copy_mem; void *set_mem; diff --git a/include/linux/efi.h b/include/linux/efi.h index d2b84c2fec39..af90f7989f80 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -368,6 +368,9 @@ void efi_native_runtime_setup(void); #define UV_SYSTEM_TABLE_GUID EFI_GUID(0x3b13a7d4, 0x633e, 0x11dd, 0x93, 0xec, 0xda, 0x25, 0x56, 0xd8, 0x95, 0x93) #define LINUX_EFI_CRASH_GUID EFI_GUID(0xcfc8fc79, 0xbe2e, 0x4ddc, 0x97, 0xf0, 0x9f, 0x98, 0xbf, 0xe2, 0x98, 0xa0) #define LOADED_IMAGE_PROTOCOL_GUID EFI_GUID(0x5b1b31a1, 0x9562, 0x11d2, 0x8e, 0x3f, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b) +#define LOADED_IMAGE_DEVICE_PATH_PROTOCOL_GUID EFI_GUID(0xbc62157e, 0x3e33, 0x4fec, 0x99, 0x20, 0x2d, 0x3b, 0x36, 0xd7, 0x50, 0xdf) +#define EFI_DEVICE_PATH_PROTOCOL_GUID EFI_GUID(0x09576e91, 0x6d3f, 0x11d2, 0x8e, 0x39, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b) +#define EFI_DEVICE_PATH_TO_TEXT_PROTOCOL_GUID EFI_GUID(0x8b843e20, 0x8132, 0x4852, 0x90, 0xcc, 0x55, 0x1a, 0x4e, 0x4a, 0x7f, 0x1c) #define EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID EFI_GUID(0x9042a9de, 0x23dc, 0x4a38, 0x96, 0xfb, 0x7a, 0xde, 0xd0, 0x80, 0x51, 0x6a) #define EFI_UGA_PROTOCOL_GUID EFI_GUID(0x982c298b, 0xf4fa, 0x41cb, 0xb8, 0x38, 0x77, 0xaa, 0x68, 0x8f, 0xb8, 0x39) #define EFI_PCI_IO_PROTOCOL_GUID EFI_GUID(0x4cf5b200, 0x68b8, 0x4ca5, 0x9e, 0xec, 0xb2, 0x3e, 0x3f, 0x50, 0x02, 0x9a) @@ -952,6 +955,7 @@ extern int efi_status_to_err(efi_status_t status); #define EFI_DEV_MEDIA_VENDOR 3 #define EFI_DEV_MEDIA_FILE 4 #define EFI_DEV_MEDIA_PROTOCOL 5 +#define EFI_DEV_MEDIA_REL_OFFSET 8 #define EFI_DEV_BIOS_BOOT 0x05 #define EFI_DEV_END_PATH 0x7F #define EFI_DEV_END_PATH2 0xFF @@ -982,12 +986,20 @@ struct efi_vendor_dev_path { u8 vendordata[]; } __packed; +struct efi_rel_offset_dev_path { + struct efi_generic_dev_path header; + u32 reserved; + u64 starting_offset; + u64 ending_offset; +} __packed; + struct efi_dev_path { union { struct efi_generic_dev_path header; struct efi_acpi_dev_path acpi; struct efi_pci_dev_path pci; struct efi_vendor_dev_path vendor; + struct efi_rel_offset_dev_path rel_offset; }; } __packed; From patchwork Sat Aug 27 08:38:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 601277 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BBD59C0502C for ; Sat, 27 Aug 2022 08:39:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231418AbiH0Ij1 (ORCPT ); Sat, 27 Aug 2022 04:39:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38586 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232911AbiH0IjX (ORCPT ); Sat, 27 Aug 2022 04:39:23 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6D80DBFC6B for ; Sat, 27 Aug 2022 01:39:22 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 1DEAAB822E5 for ; Sat, 27 Aug 2022 08:39:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CBEFDC433B5; Sat, 27 Aug 2022 08:39:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589559; bh=c82V61iIcOxdbLmW3edxD5a0MH1rbeC8C+w6vuiZUxg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=tyq9XW7k+MkqwYFN7gesGE/gH9rrQ0KjdYjZLPsQbsgEV3SdW1eItoQ3pE9/Kyho0 fjcARVUSSM24rpDYB3ZHDP3HqTdXMXnj3lOWqxf3svrA2/9rizfWW3vcxmF/J9nuQM CiWFvzfH9Qxjg2eZj4sdiBlOyGubPLrNz3BkPCkz6JZK71myTQ9XZSaufoOvAhNAkZ hTJ+ATZTYlToluIZlAifOG6jMQ8cu5apQQacp4W8HrMzswgM7OGStc2C78A1wGVAdN aLJOtT+VmcpUllsnmdQ2eYi17KrYFZ5IS8EFG0aFDGLPGyjckMyH+YpSIuGh9sGV9E S8YSPJNeIsJmg== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 3/9] efi/libstub: use EFI provided memcpy/memset routines Date: Sat, 27 Aug 2022 10:38:44 +0200 Message-Id: <20220827083850.2702465-4-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=6505; i=ardb@kernel.org; h=from:subject; bh=c82V61iIcOxdbLmW3edxD5a0MH1rbeC8C+w6vuiZUxg=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgPKf8vyKTN1fNb4hsOVagIZLJhDFXDLAOZVzAi Fc6ipFSJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYDwAKCRDDTyI5ktmPJIkqDA C38EsHGxIcOKzSyMJypImt+olxyvd8XcGDoL2Dkd7iSfmr1m72q6yvsM5o60WTbeyqXdJOVgWTWum5 4qHzmftU2rQZG9YjUkiJW7i2KKWKaj3O0zIpNjFZggk7WwRe0DII8LjFROf4u4IYna04rp0ADFQW8+ O8ohNbGMblq5n7HpI0CG5HGHRuaAy1KtmgvbRht9XJAHBYYBe2Qz0gQNu0ECYtuv7v76i3UyQhEEas GmBaSATGuJfTJQmOvcTTjl30H6DDvah9RKVDVK0ePFhMG32ULQLnMVLp48XDKK/OyYe1w2FbiEOzk0 V+0U0roQDdNGiErFiJ/ETFGRnS363cyKI/LZzTnJm8CkUjEKN6KTEoa6+emsYuw+4OnpOODQ8q7dO/ dWqKtiHzY8XKvBnj8VGWsUhM9NFV1/jpx52Um51xutvQlogzJAUtHzRhGftGQs0tCM1EwvdmeEU7cg iHLxRktNTi8pgtlhKhlJ7rQ2GttSHoP43eB4KAlOMqwWs= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The stub is used in different execution environments, but on arm64, RISC-V and LoongArch, we still use the core kernel's implementation of memcpy and memset, as they are just a branch instruction away, and can generally be reused even from code such as the EFI stub that runs in a completely different address space. KAsan complicates this slightly, resulting in the need for some hacks to expose the uninstrumented, __ prefixed versions as the normal ones, as the latter are instrumented to include the KAsan checks, which only work in the core kernel. Unfortunately, #define'ing memcpy to __memcpy when building C code does not guarantee that no explicit memcpy() calls will be emitted. And with the upcoming zboot support, which consists of a separate binary which therefore needs its own implementation of memcpy/memset anyway, it's better to provide one explicitly instead of linking to the existing one. Given that EFI exposes implementations of memmove() and memset() via the boot services table, let's wire those up in the appropriate way, and drop the references to the core kernel ones. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/image-vars.h | 13 --------- arch/loongarch/kernel/image-vars.h | 3 -- arch/riscv/kernel/image-vars.h | 9 ------ drivers/firmware/efi/libstub/Makefile | 2 +- drivers/firmware/efi/libstub/efistub.h | 4 +-- drivers/firmware/efi/libstub/intrinsics.c | 30 ++++++++++++++++++++ 6 files changed, 33 insertions(+), 28 deletions(-) diff --git a/arch/arm64/kernel/image-vars.h b/arch/arm64/kernel/image-vars.h index afa69e04e75e..11643f4d864d 100644 --- a/arch/arm64/kernel/image-vars.h +++ b/arch/arm64/kernel/image-vars.h @@ -24,9 +24,6 @@ PROVIDE(__efistub_primary_entry_offset = primary_entry - _text); */ PROVIDE(__efistub_memcmp = __pi_memcmp); PROVIDE(__efistub_memchr = __pi_memchr); -PROVIDE(__efistub_memcpy = __pi_memcpy); -PROVIDE(__efistub_memmove = __pi_memmove); -PROVIDE(__efistub_memset = __pi_memset); PROVIDE(__efistub_strlen = __pi_strlen); PROVIDE(__efistub_strnlen = __pi_strnlen); PROVIDE(__efistub_strcmp = __pi_strcmp); @@ -40,16 +37,6 @@ PROVIDE(__efistub__edata = _edata); PROVIDE(__efistub_screen_info = screen_info); PROVIDE(__efistub__ctype = _ctype); -/* - * The __ prefixed memcpy/memset/memmove symbols are provided by KASAN, which - * instruments the conventional ones. Therefore, any references from the EFI - * stub or other position independent, low level C code should be redirected to - * the non-instrumented versions as well. - */ -PROVIDE(__efistub___memcpy = __pi_memcpy); -PROVIDE(__efistub___memmove = __pi_memmove); -PROVIDE(__efistub___memset = __pi_memset); - PROVIDE(__pi___memcpy = __pi_memcpy); PROVIDE(__pi___memmove = __pi_memmove); PROVIDE(__pi___memset = __pi_memset); diff --git a/arch/loongarch/kernel/image-vars.h b/arch/loongarch/kernel/image-vars.h index c901ebb903f2..88f5d81702df 100644 --- a/arch/loongarch/kernel/image-vars.h +++ b/arch/loongarch/kernel/image-vars.h @@ -9,9 +9,6 @@ __efistub_memcmp = memcmp; __efistub_memchr = memchr; -__efistub_memcpy = memcpy; -__efistub_memmove = memmove; -__efistub_memset = memset; __efistub_strcat = strcat; __efistub_strcmp = strcmp; __efistub_strlen = strlen; diff --git a/arch/riscv/kernel/image-vars.h b/arch/riscv/kernel/image-vars.h index 71a76a623257..d6e5f739905e 100644 --- a/arch/riscv/kernel/image-vars.h +++ b/arch/riscv/kernel/image-vars.h @@ -25,21 +25,12 @@ */ __efistub_memcmp = memcmp; __efistub_memchr = memchr; -__efistub_memcpy = memcpy; -__efistub_memmove = memmove; -__efistub_memset = memset; __efistub_strlen = strlen; __efistub_strnlen = strnlen; __efistub_strcmp = strcmp; __efistub_strncmp = strncmp; __efistub_strrchr = strrchr; -#ifdef CONFIG_KASAN -__efistub___memcpy = memcpy; -__efistub___memmove = memmove; -__efistub___memset = memset; -#endif - __efistub__start = _start; __efistub__start_kernel = _start_kernel; __efistub__end = _end; diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index 68c181dcb8cf..498ea6f7a92a 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -65,7 +65,7 @@ efi-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c $(obj)/lib-%.o: $(srctree)/lib/%.c FORCE $(call if_changed_rule,cc_o_c) -lib-$(CONFIG_EFI_GENERIC_STUB) += efi-stub.o fdt.o string.o \ +lib-$(CONFIG_EFI_GENERIC_STUB) += efi-stub.o fdt.o string.o intrinsics.o \ $(patsubst %.c,lib-%.o,$(efi-deps-y)) lib-y += $(ARCH)-stub.o diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h index c7efc404e663..54f37e886be7 100644 --- a/drivers/firmware/efi/libstub/efistub.h +++ b/drivers/firmware/efi/libstub/efistub.h @@ -301,8 +301,8 @@ union efi_boot_services { efi_status_t (__efiapi *install_multiple_protocol_interfaces)(efi_handle_t *, ...); efi_status_t (__efiapi *uninstall_multiple_protocol_interfaces)(efi_handle_t, ...); void *calculate_crc32; - void *copy_mem; - void *set_mem; + void (__efiapi *copy_mem)(void *, const void *, unsigned long); + void (__efiapi *set_mem)(void *, unsigned long, unsigned char); void *create_event_ex; }; struct { diff --git a/drivers/firmware/efi/libstub/intrinsics.c b/drivers/firmware/efi/libstub/intrinsics.c new file mode 100644 index 000000000000..a04ab39292b6 --- /dev/null +++ b/drivers/firmware/efi/libstub/intrinsics.c @@ -0,0 +1,30 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include + +#include "efistub.h" + +#ifdef CONFIG_KASAN +#undef memcpy +#undef memmove +#undef memset +void *__memcpy(void *__dest, const void *__src, size_t __n) __alias(memcpy); +void *__memmove(void *__dest, const void *__src, size_t count) __alias(memmove); +void *__memset(void *s, int c, size_t count) __alias(memset); +#endif + +void *memcpy(void *dst, const void *src, size_t len) +{ + efi_bs_call(copy_mem, dst, src, len); + return dst; +} + +extern void *memmove(void *dst, const void *src, size_t len) __alias(memcpy); + +void *memset(void *dst, int c, size_t len) +{ + efi_bs_call(set_mem, dst, len, c & U8_MAX); + return dst; +} From patchwork Sat Aug 27 08:38:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 600633 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 52F7CECAAD2 for ; Sat, 27 Aug 2022 08:39:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231222AbiH0Ij2 (ORCPT ); Sat, 27 Aug 2022 04:39:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38624 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232557AbiH0Ij1 (ORCPT ); Sat, 27 Aug 2022 04:39:27 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CD81ABCCE2 for ; Sat, 27 Aug 2022 01:39:25 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 8FA75B80E6F for ; Sat, 27 Aug 2022 08:39:24 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5130CC433C1; Sat, 27 Aug 2022 08:39:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589563; bh=BgNwH7xfBPv6l1sHY7W8lv62pNdIUhlpLRWtnyMfKTQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=HZTVkKz+1FlZx1gaSXop7eGIQZi8rzBg2kr33mDB3b+WrGTfTo5tbzhERJvqyACWj 4GGzOyG3YPTm8mcX4bla83cGLUadK2uPa89xkmjhWlA4iEmdrCdjWA5YrIVQpXyH4L YMWtsBnkuqYu/BeJtJfELLW5PY5Er2Ldxo/treMfdkFSm4pibPaLc4IxpCiTz7/xGY CKokkvM8/Yc5KIXqkiFcS1/TY4KlVs2PuBIQ6zP6ZzNnxfZEby4h9JRWFaz+pEjCuu dfFx4QKQcUgCmTEGIvRdAIXE4SCgiD0cKTHUaxSfukVH8lVHEDD890cjX4H4owzI3+ jkORFiTx+5F3A== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 4/9] efi/libstub: move efi_system_table global var into separate object Date: Sat, 27 Aug 2022 10:38:45 +0200 Message-Id: <20220827083850.2702465-5-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2060; i=ardb@kernel.org; h=from:subject; bh=BgNwH7xfBPv6l1sHY7W8lv62pNdIUhlpLRWtnyMfKTQ=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgRYrCMeBKPNkBsfxIIEhlW6FxbWiIJTYHw4tIJ y7Qs+5mJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYEQAKCRDDTyI5ktmPJJ3PC/ sGUEpWe63Hgzpvf9nGzGNA+f99uF7hln570rqVzyJFdGH8L+mOE7jCuUOzIZGMkLsgLmYMmCBUjF2V JNyAlsnRUFMoprwfwwm90hvyENy/LCUXGSZToZZUt3CeO0BsaSuY3dp4/FVVH1LlDEfU3zxQKmrdCg ZpuKMZfTTXHULFvllfHjruAifDnaB/SHlBYV3hvKhSPXjWxT/TZ3W+sH/xnnpPQioSd3fXPBwB42Cx xnfcsUCMIigdA0a1ONR88CCjwKUkPFz1tkrcRsXEws0JFqoTG9vW4R1rJPC/EnlbvrCot5PTg2o2zj HHG+KfSJ0jVQaykOprKDFCj8gRHSw638G1F3GcBoY2Kj5dReqJBoXudktqUuoo6yWJIfBgUVKnliNr C7+ljb7Wn37ubVe6cSxHutzhXnAeJMWjPRT2+Ee5w2ZJxrYlipNR/s8cdt0yRPR6sZ4bthurwAWSrz swj38uMrgLDd2d3J9jtqJVWwqXfSpy2S3GBj7zH0dfsmw= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org To avoid pulling in the wrong object when using the libstub static library to build the decompressor, define efi_system_table in a separate compilation unit. Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/Makefile | 3 ++- drivers/firmware/efi/libstub/efi-stub.c | 2 -- drivers/firmware/efi/libstub/systable.c | 8 ++++++++ 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index 498ea6f7a92a..fbe1900f47c4 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -57,7 +57,8 @@ KCOV_INSTRUMENT := n lib-y := efi-stub-helper.o gop.o secureboot.o tpm.o \ file.o mem.o random.o randomalloc.o pci.o \ skip_spaces.o lib-cmdline.o lib-ctype.o \ - alignedmem.o relocate.o vsprintf.o + alignedmem.o relocate.o vsprintf.o \ + systable.o # include the stub's generic dependencies from lib/ when building for ARM/arm64 efi-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c fdt_sw.c diff --git a/drivers/firmware/efi/libstub/efi-stub.c b/drivers/firmware/efi/libstub/efi-stub.c index 4bf751484e8b..57ea04378087 100644 --- a/drivers/firmware/efi/libstub/efi-stub.c +++ b/drivers/firmware/efi/libstub/efi-stub.c @@ -57,8 +57,6 @@ static u64 virtmap_base = EFI_RT_VIRTUAL_BASE; static bool flat_va_mapping = (EFI_RT_VIRTUAL_OFFSET != 0); -const efi_system_table_t *efi_system_table; - static struct screen_info *setup_graphics(void) { efi_guid_t gop_proto = EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID; diff --git a/drivers/firmware/efi/libstub/systable.c b/drivers/firmware/efi/libstub/systable.c new file mode 100644 index 000000000000..91d016b02f8c --- /dev/null +++ b/drivers/firmware/efi/libstub/systable.c @@ -0,0 +1,8 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include + +#include "efistub.h" + +const efi_system_table_t *efi_system_table; From patchwork Sat Aug 27 08:38:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 601276 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0E4BFECAAD2 for ; Sat, 27 Aug 2022 08:39:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232912AbiH0Ijb (ORCPT ); Sat, 27 Aug 2022 04:39:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38672 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232911AbiH0Ija (ORCPT ); Sat, 27 Aug 2022 04:39:30 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1AD65BFC6B for ; Sat, 27 Aug 2022 01:39:28 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9D4796148C for ; Sat, 27 Aug 2022 08:39:27 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CA988C433D7; Sat, 27 Aug 2022 08:39:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589567; bh=PLrDugc7+Zaz4YT8cOzRpx3mFuXH9nqXFJyqIep1MMw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WQh0AgIvQR+dWYWNZ6CsDn2RPhz4QpdnxGpN+BzuuL4/jrYOW0FekktzQ8yXpIc9e 12okyponpzBx/1iUU8oDp07EydDlAvsux4I039hg7SVPFUR4ahAxWLUjkZ3QEguZk+ iDx15sER3PwOFIB1mWVh4bfOVIwqLv6Di+etXqRad1kGjw+aK4Jjo2B+se5NC3PQGA vKgpb8G2bMWYI22YrdDP0nCirAL2oV/evMiTne8ZFHhAsKIUmId5RnX9LhrcMYBVir B+c3neEIXM7ltgkoDBA9zIZzv+otqM4HmJJUhEpzAd2ioWFw5smNa/rJ4iOFy+K1Gv UmxX2c8NwHuXA== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 5/9] efi/libstub: implement generic EFI zboot Date: Sat, 27 Aug 2022 10:38:46 +0200 Message-Id: <20220827083850.2702465-6-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=23492; i=ardb@kernel.org; h=from:subject; bh=PLrDugc7+Zaz4YT8cOzRpx3mFuXH9nqXFJyqIep1MMw=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgTiAzTPxD66cGziz5QhZuuCG0u+lADNhHEWLti 360gQriJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYEwAKCRDDTyI5ktmPJKYYDA CbmjxhkCdCyL2CEKyFzvKpL+Bx4EIGCLSRAVom+WvXjBlQOzwlmQTbrpIaBz3lz2bR4ZPEuV4NkASE Ti2JI3DJ4003veZwmGL6iUA1LjIhJ+XYX7Hktnr6h8wGWMbVmVURBgubsYJGZP5Vtxb6zEvWu/qqYT 6fdeKhW1Haz5V3Fgk0aczMbqt1p/2mY37oG2SMFXYDZpmt2feaqPOhCxwekwiVFujgKukaolHr0C6I V8M3Fg7/7tJRpQNnmeHvOYAH/FrU3ArwIlATsSBN+wG4SP+1OFigfjfCI7pwASSOyMtbqFlb+jMYgp KOuzdZz/fArygznzYEHuA0kOhgq/bsGmms2TO5voGjCZtDw2+25obT3tkTk1vGmr2ShVrLkeoR9vF9 2D5c2vRxovgb1inB9/Y8qbflBeLwjBSejLiJUF9FzHoTqNJ6x2rcaNnZWNfMbGCKp3LKnRYzdXS4d0 pQTeIhCYwZDXuRwhO/CNjBE/E4MkeT5RKRJZQz7AQVD8Q= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Implement a minimal EFI app that decompresses the real kernel image and launches it using the firmware's LoadImage and StartImage boot services. This removes the need for any arch-specific hacks. Note that on systems that have UEFI secure boot policies enabled, LoadImage/StartImage require images to be signed, or their hashes known a priori, in order to be permitted to boot. There are various possible strategies to work around this requirement, but they all rely either on overriding internal PI/DXE protocols (which are not part of the EFI spec) or omitting the firmware provided LoadImage() and StartImage() boot services, which is also undesirable, given that they encapsulate platform specific policies related to secure boot and measured boot, but also related to memory permissions (whether or not and which types of heap allocations have both write and execute permissions.) The only generic and truly portable way around this is to simply sign both the inner and the outer image with the same key/cert pair, so this is what is implemented here. Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/Kconfig | 29 ++ drivers/firmware/efi/libstub/Makefile | 9 +- drivers/firmware/efi/libstub/Makefile.zboot | 70 +++++ drivers/firmware/efi/libstub/file.c | 17 ++ drivers/firmware/efi/libstub/zboot-header.S | 139 ++++++++++ drivers/firmware/efi/libstub/zboot.c | 289 ++++++++++++++++++++ drivers/firmware/efi/libstub/zboot.lds | 41 +++ include/linux/efi.h | 1 + 8 files changed, 592 insertions(+), 3 deletions(-) diff --git a/drivers/firmware/efi/Kconfig b/drivers/firmware/efi/Kconfig index cbf1c55dc224..5bdf3080e5da 100644 --- a/drivers/firmware/efi/Kconfig +++ b/drivers/firmware/efi/Kconfig @@ -105,6 +105,35 @@ config EFI_RUNTIME_WRAPPERS config EFI_GENERIC_STUB bool +config EFI_ZBOOT + def_bool y + depends on EFI_GENERIC_STUB && !ARM + select HAVE_KERNEL_GZIP + select HAVE_KERNEL_LZ4 + select HAVE_KERNEL_LZMA + select HAVE_KERNEL_LZO + select HAVE_KERNEL_XZ + select HAVE_KERNEL_ZSTD + +config EFI_ZBOOT_SIGNED + bool "Sign the EFI decompressor for UEFI secure boot" + depends on EFI_ZBOOT + help + Use the 'sbsign' command line tool (which must exist on the host + path) to sign both the EFI decompressor PE/COFF image, as well as the + encapsulated PE/COFF image, which is subsequently compressed and + wrapped by the former image. + +config EFI_ZBOOT_SIGNING_CERT + string "Certificate to use for signing the compressed EFI boot image" + depends on EFI_ZBOOT_SIGNED + default "" + +config EFI_ZBOOT_SIGNING_KEY + string "Private key to use for signing the compressed EFI boot image" + depends on EFI_ZBOOT_SIGNED + default "" + config EFI_ARMSTUB_DTB_LOADER bool "Enable the DTB loader" depends on EFI_GENERIC_STUB && !RISCV && !LOONGARCH diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile index fbe1900f47c4..8931ed24379e 100644 --- a/drivers/firmware/efi/libstub/Makefile +++ b/drivers/firmware/efi/libstub/Makefile @@ -72,6 +72,12 @@ lib-$(CONFIG_EFI_GENERIC_STUB) += efi-stub.o fdt.o string.o intrinsics.o \ lib-y += $(ARCH)-stub.o CFLAGS_arm-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET) +zboot-obj-$(CONFIG_RISCV) := lib-clz_ctz.o lib-ashldi3.o +lib-$(CONFIG_EFI_ZBOOT) += zboot.o $(zboot-obj-y) + +extra-y := $(lib-y) +lib-y := $(patsubst %.o,%.stub.o,$(lib-y)) + # Even when -mbranch-protection=none is set, Clang will generate a # .note.gnu.property for code-less object files (like lib/ctype.c), # so work around this by explicitly removing the unwanted section. @@ -111,9 +117,6 @@ STUBCOPY_RELOC-$(CONFIG_ARM) := R_ARM_ABS # a verification pass to see if any absolute relocations exist in any of the # object files. # -extra-y := $(lib-y) -lib-y := $(patsubst %.o,%.stub.o,$(lib-y)) - STUBCOPY_FLAGS-$(CONFIG_ARM64) += --prefix-alloc-sections=.init \ --prefix-symbols=__efistub_ STUBCOPY_RELOC-$(CONFIG_ARM64) := R_AARCH64_ABS diff --git a/drivers/firmware/efi/libstub/Makefile.zboot b/drivers/firmware/efi/libstub/Makefile.zboot new file mode 100644 index 000000000000..cfacbad0c28a --- /dev/null +++ b/drivers/firmware/efi/libstub/Makefile.zboot @@ -0,0 +1,70 @@ +# SPDX-License-Identifier: GPL-2.0 + +# to be include'd by arch/$(ARCH)/boot/Makefile after setting +# EFI_ZBOOT_PAYLOAD, EFI_ZBOOT_BFD_TARGET and EFI_ZBOOT_MACH_TYPE + +comp-type-$(CONFIG_KERNEL_GZIP) := gzip +comp-type-$(CONFIG_KERNEL_LZ4) := lz4 +comp-type-$(CONFIG_KERNEL_LZMA) := lzma +comp-type-$(CONFIG_KERNEL_LZO) := lzo +comp-type-$(CONFIG_KERNEL_XZ) := xzkern +comp-type-$(CONFIG_KERNEL_ZSTD) := zstd22 + +# in GZIP, the appended le32 carrying the uncompressed size is part of the +# format, but in other cases, we just append it at the end for convenience, +# causing the original tools to complain when checking image integrity. +# So disregard it when calculating the payload size in the zimage header. +zboot-method-y := $(comp-type-y)_with_size +zboot-size-len-y := 4 + +zboot-method-$(CONFIG_KERNEL_GZIP) := gzip +zboot-size-len-$(CONFIG_KERNEL_GZIP) := 0 + +quiet_cmd_sbsign = SBSIGN $@ + cmd_sbsign = sbsign --out $@ $< \ + --key $(CONFIG_EFI_ZBOOT_SIGNING_KEY) \ + --cert $(CONFIG_EFI_ZBOOT_SIGNING_CERT) + +$(obj)/$(EFI_ZBOOT_PAYLOAD).signed: $(obj)/$(EFI_ZBOOT_PAYLOAD) FORCE + $(call if_changed,sbsign) + +ZBOOT_PAYLOAD-y := $(EFI_ZBOOT_PAYLOAD) +ZBOOT_PAYLOAD-$(CONFIG_EFI_ZBOOT_SIGNED) := $(EFI_ZBOOT_PAYLOAD).signed + +$(obj)/vmlinuz: $(obj)/$(ZBOOT_PAYLOAD-y) FORCE + $(call if_changed,$(zboot-method-y)) + +OBJCOPYFLAGS_vmlinuz.o := -I binary -O $(EFI_ZBOOT_BFD_TARGET) \ + --rename-section .data=.gzdata,load,alloc,readonly,contents +$(obj)/vmlinuz.o: $(obj)/vmlinuz FORCE + $(call if_changed,objcopy) + +AFLAGS_zboot-header.o += -DMACHINE_TYPE=IMAGE_FILE_MACHINE_$(EFI_ZBOOT_MACH_TYPE) \ + -DZBOOT_EFI_PATH="\"$(realpath $(obj)/vmlinuz.efi.elf)\"" \ + -DZBOOT_SIZE_LEN=$(zboot-size-len-y) \ + -DCOMP_TYPE="\"$(comp-type-y)\"" + +$(obj)/zboot-header.o: $(srctree)/drivers/firmware/efi/libstub/zboot-header.S FORCE + $(call if_changed_rule,as_o_S) + +ZBOOT_DEPS := $(obj)/zboot-header.o $(objtree)/drivers/firmware/efi/libstub/lib.a + +LDFLAGS_vmlinuz.efi.elf := -T $(srctree)/drivers/firmware/efi/libstub/zboot.lds +$(obj)/vmlinuz.efi.elf: $(obj)/vmlinuz.o $(ZBOOT_DEPS) FORCE + $(call if_changed,ld) + +ZBOOT_EFI-y := vmlinuz.efi +ZBOOT_EFI-$(CONFIG_EFI_ZBOOT_SIGNED) := vmlinuz.efi.unsigned + +OBJCOPYFLAGS_$(ZBOOT_EFI-y) := -O binary +$(obj)/$(ZBOOT_EFI-y): $(obj)/vmlinuz.efi.elf FORCE + $(call if_changed,objcopy) + +targets += zboot-header.o vmlinuz vmlinuz.o vmlinuz.efi.elf vmlinuz.efi + +ifneq ($(CONFIG_EFI_ZBOOT_SIGNED),) +$(obj)/vmlinuz.efi: $(obj)/vmlinuz.efi.unsigned FORCE + $(call if_changed,sbsign) + +targets += $(EFI_ZBOOT_PAYLOAD).signed vmlinuz.efi.unsigned +endif diff --git a/drivers/firmware/efi/libstub/file.c b/drivers/firmware/efi/libstub/file.c index dd95f330fe6e..42b3338273aa 100644 --- a/drivers/firmware/efi/libstub/file.c +++ b/drivers/firmware/efi/libstub/file.c @@ -66,10 +66,27 @@ static efi_status_t efi_open_file(efi_file_protocol_t *volume, static efi_status_t efi_open_volume(efi_loaded_image_t *image, efi_file_protocol_t **fh) { + struct efi_vendor_dev_path *dp = image->file_path; + efi_guid_t li_proto = LOADED_IMAGE_PROTOCOL_GUID; efi_guid_t fs_proto = EFI_FILE_SYSTEM_GUID; efi_simple_file_system_protocol_t *io; efi_status_t status; + // If we are using EFI zboot, we should look for the file system + // protocol on the parent image's handle instead + if (IS_ENABLED(CONFIG_EFI_ZBOOT) && + image->parent_handle != NULL && + dp->header.type == EFI_DEV_MEDIA && + dp->header.sub_type == EFI_DEV_MEDIA_VENDOR && + !efi_guidcmp(dp->vendorguid, LINUX_EFI_ZBOOT_MEDIA_GUID)) { + status = efi_bs_call(handle_protocol, image->parent_handle, + &li_proto, (void *)&image); + if (status != EFI_SUCCESS) { + efi_err("Failed to locate parent image handle\n"); + return status; + } + } + status = efi_bs_call(handle_protocol, image->device_handle, &fs_proto, (void **)&io); if (status != EFI_SUCCESS) { diff --git a/drivers/firmware/efi/libstub/zboot-header.S b/drivers/firmware/efi/libstub/zboot-header.S new file mode 100644 index 000000000000..a7bcc7c6b16d --- /dev/null +++ b/drivers/firmware/efi/libstub/zboot-header.S @@ -0,0 +1,139 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +#include + +#ifdef CONFIG_64BIT + .set .Lextra_characteristics, 0x0 + .set .Lpe_opt_magic, PE_OPT_MAGIC_PE32PLUS +#else + .set .Lextra_characteristics, IMAGE_FILE_32BIT_MACHINE + .set .Lpe_opt_magic, PE_OPT_MAGIC_PE32 +#endif + + .section ".head", "a" + .globl __efistub_efi_zboot_header +__efistub_efi_zboot_header: +.Ldoshdr: + .long MZ_MAGIC + .ascii "zimg" // image type + .long __efistub__gzdata_start - .Ldoshdr // payload offset + .long __efistub__gzdata_size - ZBOOT_SIZE_LEN // payload size + .long 0, 0 // reserved + .asciz COMP_TYPE // compression type + .org .Ldoshdr + 0x3c + .long .Lpehdr - .Ldoshdr // PE header offset + +.Lpehdr: + .long PE_MAGIC + .short MACHINE_TYPE + .short .Lsection_count + .long 0 + .long 0 + .long 0 + .short .Lsection_table - .Loptional_header + .short IMAGE_FILE_DEBUG_STRIPPED | \ + IMAGE_FILE_EXECUTABLE_IMAGE | \ + IMAGE_FILE_LINE_NUMS_STRIPPED |\ + .Lextra_characteristics + +.Loptional_header: + .short .Lpe_opt_magic + .byte 0, 0 + .long _etext - .Lefi_header_end + .long __data_size + .long 0 + .long __efistub_efi_zboot_entry - .Ldoshdr + .long .Lefi_header_end - .Ldoshdr + +#ifdef CONFIG_64BIT + .quad 0 +#else + .long _etext - .Ldoshdr, 0x0 +#endif + .long 4096 + .long 512 + .short 0, 0 + .short LINUX_EFISTUB_MAJOR_VERSION // MajorImageVersion + .short LINUX_EFISTUB_MINOR_VERSION // MinorImageVersion + .short 0, 0 + .long 0 + .long _end - .Ldoshdr + + .long .Lefi_header_end - .Ldoshdr + .long 0 + .short IMAGE_SUBSYSTEM_EFI_APPLICATION + .short 0 + .quad 0, 0, 0, 0 + .long 0 + .long (.Lsection_table - .) / 8 + + .quad 0 // ExportTable + .quad 0 // ImportTable + .quad 0 // ResourceTable + .quad 0 // ExceptionTable + .quad 0 // CertificationTable + .quad 0 // BaseRelocationTable +#ifdef CONFIG_DEBUG_EFI + .long .Lefi_debug_table - .Ldoshdr // DebugTable + .long .Lefi_debug_table_size +#endif + +.Lsection_table: + .ascii ".text\0\0\0" + .long _etext - .Lefi_header_end + .long .Lefi_header_end - .Ldoshdr + .long _etext - .Lefi_header_end + .long .Lefi_header_end - .Ldoshdr + + .long 0, 0 + .short 0, 0 + .long IMAGE_SCN_CNT_CODE | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_EXECUTE + + .ascii ".data\0\0\0" + .long __data_size + .long _etext - .Ldoshdr + .long __data_rawsize + .long _etext - .Ldoshdr + + .long 0, 0 + .short 0, 0 + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_WRITE + + .set .Lsection_count, (. - .Lsection_table) / 40 + +#ifdef CONFIG_DEBUG_EFI + .section ".rodata", "a" + .align 2 +.Lefi_debug_table: + // EFI_IMAGE_DEBUG_DIRECTORY_ENTRY + .long 0 // Characteristics + .long 0 // TimeDateStamp + .short 0 // MajorVersion + .short 0 // MinorVersion + .long IMAGE_DEBUG_TYPE_CODEVIEW // Type + .long .Lefi_debug_entry_size // SizeOfData + .long 0 // RVA + .long .Lefi_debug_entry - .Ldoshdr // FileOffset + + .set .Lefi_debug_table_size, . - .Lefi_debug_table + .previous + +.Lefi_debug_entry: + // EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY + .ascii "NB10" // Signature + .long 0 // Unknown + .long 0 // Unknown2 + .long 0 // Unknown3 + + .asciz ZBOOT_EFI_PATH + + .set .Lefi_debug_entry_size, . - .Lefi_debug_entry +#endif + + .p2align 12 +.Lefi_header_end: + diff --git a/drivers/firmware/efi/libstub/zboot.c b/drivers/firmware/efi/libstub/zboot.c new file mode 100644 index 000000000000..e6fdcc957275 --- /dev/null +++ b/drivers/firmware/efi/libstub/zboot.c @@ -0,0 +1,289 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include +#include +#include +#include + +#include "efistub.h" + +static unsigned char zboot_heap[SZ_256K] __aligned(64); +static unsigned long free_mem_ptr, free_mem_end_ptr; + +#define STATIC static +#if defined(CONFIG_KERNEL_GZIP) +#include "../../../../lib/decompress_inflate.c" +#elif defined(CONFIG_KERNEL_LZ4) +#include "../../../../lib/decompress_unlz4.c" +#elif defined(CONFIG_KERNEL_LZMA) +#include "../../../../lib/decompress_unlzma.c" +#elif defined(CONFIG_KERNEL_LZO) +#include "../../../../lib/decompress_unlzo.c" +#elif defined(CONFIG_KERNEL_XZ) +#undef memcpy +#define memcpy memcpy +#undef memmove +#define memmove memmove +#include "../../../../lib/decompress_unxz.c" +#elif defined(CONFIG_KERNEL_ZSTD) +#include "../../../../lib/decompress_unzstd.c" +#endif + +extern char efi_zboot_header[]; +extern char _gzdata_start[], _gzdata_end[]; + +static void log(efi_char16_t str[]) +{ + efi_call_proto(efi_table_attr(efi_system_table, con_out), + output_string, L"EFI decompressor: "); + efi_call_proto(efi_table_attr(efi_system_table, con_out), + output_string, str); + efi_call_proto(efi_table_attr(efi_system_table, con_out), + output_string, L"\n"); +} + +static void error(char *x) +{ + log(L"error() called from decompressor library\n"); +} + +// Local version to avoid pulling in memcmp() +static bool guids_eq(const efi_guid_t *a, const efi_guid_t *b) +{ + const u32 *l = (u32 *)a; + const u32 *r = (u32 *)b; + + return l[0] == r[0] && l[1] == r[1] && l[2] == r[2] && l[3] == r[3]; +} + +static efi_status_t __efiapi +load_file(efi_load_file_protocol_t *this, efi_device_path_protocol_t *rem, + bool boot_policy, unsigned long *bufsize, void *buffer) +{ + struct efi_vendor_dev_path *vendor_dp; + bool decompress = false; + unsigned long size; + int ret; + + if (rem == NULL || bufsize == NULL) + return EFI_INVALID_PARAMETER; + + if (boot_policy) + return EFI_UNSUPPORTED; + + // Look for our vendor media device node in the remaining file path + if (rem->type == EFI_DEV_MEDIA && + rem->sub_type == EFI_DEV_MEDIA_VENDOR) { + vendor_dp = container_of(rem, struct efi_vendor_dev_path, header); + if (!guids_eq(&vendor_dp->vendorguid, &LINUX_EFI_ZBOOT_MEDIA_GUID)) + return EFI_NOT_FOUND; + + decompress = true; + rem = (void *)(vendor_dp + 1); + } + + if (rem->type != EFI_DEV_END_PATH || + rem->sub_type != EFI_DEV_END_ENTIRE) + return EFI_NOT_FOUND; + + // The uncompressed size of the payload is appended to the raw bit + // stream, and may therefore appear misaligned in memory + size = decompress ? get_unaligned_le32(_gzdata_end - 4) + : (_gzdata_end - _gzdata_start); + if (buffer == NULL || *bufsize < size) { + *bufsize = size; + return EFI_BUFFER_TOO_SMALL; + } + + if (decompress) { + ret = __decompress(_gzdata_start, _gzdata_end - _gzdata_start, + NULL, NULL, buffer, 0, NULL, error); + if (ret < 0) { + log(L"Decompression failed"); + return EFI_DEVICE_ERROR; + } + } else { + memcpy(buffer, _gzdata_start, size); + } + + return EFI_SUCCESS; +} + +// Return the length in bytes of the device path up to the first end node. +static int device_path_length(const efi_device_path_protocol_t *dp) +{ + int len = 0; + + while (dp->type != EFI_DEV_END_PATH) { + len += dp->length; + dp = (void *)((u8 *)dp + dp->length); + } + return len; +} + +static void append_rel_offset_node(efi_device_path_protocol_t **dp, + unsigned long start, unsigned long end) +{ + struct efi_rel_offset_dev_path *rodp = (void *)*dp; + + rodp->header.type = EFI_DEV_MEDIA; + rodp->header.sub_type = EFI_DEV_MEDIA_REL_OFFSET; + rodp->header.length = sizeof(struct efi_rel_offset_dev_path); + rodp->reserved = 0; + rodp->starting_offset = start; + rodp->ending_offset = end; + + *dp = (void *)(rodp + 1); +} + +static void append_ven_media_node(efi_device_path_protocol_t **dp, + efi_guid_t *guid) +{ + struct efi_vendor_dev_path *vmdp = (void *)*dp; + + vmdp->header.type = EFI_DEV_MEDIA; + vmdp->header.sub_type = EFI_DEV_MEDIA_VENDOR; + vmdp->header.length = sizeof(struct efi_vendor_dev_path); + vmdp->vendorguid = *guid; + + *dp = (void *)(vmdp + 1); +} + +static void append_end_node(efi_device_path_protocol_t **dp) +{ + (*dp)->type = EFI_DEV_END_PATH; + (*dp)->sub_type = EFI_DEV_END_ENTIRE; + (*dp)->length = sizeof(struct efi_generic_dev_path); + + ++*dp; +} + +efi_status_t __efiapi efi_zboot_entry(efi_handle_t handle, + efi_system_table_t *systab) +{ + efi_device_path_protocol_t *parent_dp, *dpp, *lf2_dp, *li_dp; + efi_load_file2_protocol_t zboot_load_file2; + efi_loaded_image_t *parent, *child; + unsigned long exit_data_size; + efi_handle_t child_handle; + efi_handle_t zboot_handle; + efi_char16_t *exit_data; + efi_status_t status; + void *dp_alloc; + int dp_len; + + WRITE_ONCE(efi_system_table, systab); + + free_mem_ptr = (unsigned long)&zboot_heap; + free_mem_end_ptr = free_mem_ptr + sizeof(zboot_heap); + + exit_data = NULL; + exit_data_size = 0; + + status = efi_bs_call(handle_protocol, handle, + &LOADED_IMAGE_PROTOCOL_GUID, (void **)&parent); + if (status != EFI_SUCCESS) { + log(L"Failed to locate parent's loaded image protocol"); + return status; + } + + status = efi_bs_call(handle_protocol, handle, + &LOADED_IMAGE_DEVICE_PATH_PROTOCOL_GUID, + (void **)&parent_dp); + if (status != EFI_SUCCESS) { + log(L"Failed to locate parent's loaded image device path protocol"); + return status; + } + + // Allocate some pool memory for device path protocol data + dp_len = parent_dp ? device_path_length(parent_dp) : 0; + status = efi_bs_call(allocate_pool, EFI_LOADER_DATA, + 2 * (dp_len + sizeof(struct efi_rel_offset_dev_path) + + sizeof(struct efi_generic_dev_path)) + + sizeof(struct efi_vendor_dev_path), + (void **)&dp_alloc); + if (status != EFI_SUCCESS) { + log(L"Failed to allocate device path pool memory"); + return status; + } + + // Create a device path describing the compressed payload in this image + // <...parent_dp...>/Offset(, ) + lf2_dp = memcpy(dp_alloc, parent_dp, dp_len); + dpp = (void *)((u8 *)lf2_dp + dp_len); + append_rel_offset_node(&dpp, + (unsigned long)(_gzdata_start - efi_zboot_header), + (unsigned long)(_gzdata_end - efi_zboot_header - 1)); + append_end_node(&dpp); + + // Create a device path describing the decompressed payload in this image + // <...parent_dp...>/Offset(, )/VenMedia(ZBOOT_MEDIA_GUID) + dp_len += sizeof(struct efi_rel_offset_dev_path); + li_dp = memcpy(dpp, lf2_dp, dp_len); + dpp = (void *)((u8 *)li_dp + dp_len); + append_ven_media_node(&dpp, &LINUX_EFI_ZBOOT_MEDIA_GUID); + append_end_node(&dpp); + + zboot_handle = NULL; + zboot_load_file2.load_file = load_file; + status = efi_bs_call(install_multiple_protocol_interfaces, + &zboot_handle, + &EFI_DEVICE_PATH_PROTOCOL_GUID, lf2_dp, + &EFI_LOAD_FILE2_PROTOCOL_GUID, &zboot_load_file2, + NULL); + if (status != EFI_SUCCESS) { + log(L"Failed to install LoadFile2 protocol and device path"); + goto free_dpalloc; + } + + status = efi_bs_call(load_image, false, handle, li_dp, NULL, 0, + &child_handle); + if (status != EFI_SUCCESS) { + log(L"Failed to load image"); + goto uninstall_lf2; + } + + status = efi_bs_call(handle_protocol, child_handle, + &LOADED_IMAGE_PROTOCOL_GUID, (void **)&child); + if (status != EFI_SUCCESS) { + log(L"Failed to locate child's loaded image protocol"); + goto unload_image; + } + + // Copy the kernel command line + child->load_options = parent->load_options; + child->load_options_size = parent->load_options_size; + + status = efi_bs_call(start_image, child_handle, &exit_data_size, + &exit_data); + if (status != EFI_SUCCESS) { + log(L"StartImage() returned with error"); + if (exit_data_size > 0) + log(exit_data); + + // If StartImage() returns EFI_SECURITY_VIOLATION, the image is + // not unloaded so we need to do it by hand. + if (status == EFI_SECURITY_VIOLATION) +unload_image: + efi_bs_call(unload_image, child_handle); + } + +uninstall_lf2: + efi_bs_call(uninstall_multiple_protocol_interfaces, + zboot_handle, + &EFI_DEVICE_PATH_PROTOCOL_GUID, lf2_dp, + &EFI_LOAD_FILE2_PROTOCOL_GUID, &zboot_load_file2, + NULL); + +free_dpalloc: + efi_bs_call(free_pool, dp_alloc); + + efi_bs_call(exit, handle, status, exit_data_size, exit_data); + + // Free ExitData in case Exit() returned with a failure code, + // but return the original status code. + log(L"Exit() returned with failure code"); + if (exit_data != NULL) + efi_bs_call(free_pool, exit_data); + return status; +} diff --git a/drivers/firmware/efi/libstub/zboot.lds b/drivers/firmware/efi/libstub/zboot.lds new file mode 100644 index 000000000000..509996988a9b --- /dev/null +++ b/drivers/firmware/efi/libstub/zboot.lds @@ -0,0 +1,41 @@ +/* SPDX-License-Identifier: GPL-2.0 */ + +ENTRY(__efistub_efi_zboot_header); + +SECTIONS +{ + .text : ALIGN(4096) { + *(.head) + *(.text* .init.text*) + } + + .rodata : ALIGN(8) { + __efistub__gzdata_start = .; + *(.gzdata) + __efistub__gzdata_end = .; + *(.rodata* .init.rodata* .srodata*) + _etext = ALIGN(4096); + . = _etext; + } + + .data : ALIGN(4096) { + *(.data* .init.data*) + _edata = ALIGN(512); + . = _edata; + } + + .bss : { + *(.bss* .init.bss*) + _end = ALIGN(512); + . = _end; + } + + /DISCARD/ : { + *(.modinfo .init.modinfo) + } +} + +PROVIDE(__efistub__gzdata_size = ABSOLUTE(. - __efistub__gzdata_start)); + +PROVIDE(__data_rawsize = ABSOLUTE(_edata - _etext)); +PROVIDE(__data_size = ABSOLUTE(_end - _etext)); diff --git a/include/linux/efi.h b/include/linux/efi.h index af90f7989f80..5efc3105f8e0 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -411,6 +411,7 @@ void efi_native_runtime_setup(void); #define LINUX_EFI_TPM_FINAL_LOG_GUID EFI_GUID(0x1e2ed096, 0x30e2, 0x4254, 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25) #define LINUX_EFI_MEMRESERVE_TABLE_GUID EFI_GUID(0x888eb0c6, 0x8ede, 0x4ff5, 0xa8, 0xf0, 0x9a, 0xee, 0x5c, 0xb9, 0x77, 0xc2) #define LINUX_EFI_INITRD_MEDIA_GUID EFI_GUID(0x5568e427, 0x68fc, 0x4f3d, 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68) +#define LINUX_EFI_ZBOOT_MEDIA_GUID EFI_GUID(0xe565a30d, 0x47da, 0x4dbd, 0xb3, 0x54, 0x9b, 0xb5, 0xc8, 0x4f, 0x8b, 0xe2) #define LINUX_EFI_MOK_VARIABLE_TABLE_GUID EFI_GUID(0xc451ed2b, 0x9694, 0x45d3, 0xba, 0xba, 0xed, 0x9f, 0x89, 0x88, 0xa3, 0x89) #define LINUX_EFI_COCO_SECRET_AREA_GUID EFI_GUID(0xadf956ad, 0xe98c, 0x484c, 0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47) From patchwork Sat Aug 27 08:38:47 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 600632 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id D41BFC0502C for ; Sat, 27 Aug 2022 08:39:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232916AbiH0Ijd (ORCPT ); Sat, 27 Aug 2022 04:39:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38692 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232926AbiH0Ijc (ORCPT ); Sat, 27 Aug 2022 04:39:32 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8BD3FC00D9 for ; Sat, 27 Aug 2022 01:39:31 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 20C45614A1 for ; Sat, 27 Aug 2022 08:39:31 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7A68EC433C1; Sat, 27 Aug 2022 08:39:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589570; bh=Eq+AYyhYBLXAd6lHX+27+KiKJAceoIJ7udLauirDVm4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=qIb31Sk/CrBelE/Z96Kb86gTEJ2YkV+piBE9tmu7ebpchJqFMIz6iH8jEEaVhFhdM hiyFKOvg/3cmeQ0nGXB4kbZ82O8Sf6ufJ+cekry6VUGn8SMLHPJuV3f5YXme3chjhX 6LX23WlbPYkV7ONm7ODimpn2k2eldZitKMVjycHG2wz6PsoNspeh7rq5u+uRlmhYlt n3TIMaFesQcQwTX3ZxYcNIDpTQVxpj8kNoUWNg+eyTVeGase4LnsO0eg6p7Pnycvrz 8aJEeUyIw3m0PGC/WlzEv/GpXUiGp2kZXrWnah2+V3YX+HGhJuYBzZ9wDQaQV7m5C2 628f8OJFpm5pA== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 6/9] arm64: efi: enable generic EFI compressed boot Date: Sat, 27 Aug 2022 10:38:47 +0200 Message-Id: <20220827083850.2702465-7-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1195; i=ardb@kernel.org; h=from:subject; bh=Eq+AYyhYBLXAd6lHX+27+KiKJAceoIJ7udLauirDVm4=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgUHKzcRzzsKLzEv2X1UzN/Gi7UMpaozCkoJnra gRq70zuJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYFAAKCRDDTyI5ktmPJBpXC/ 4uVi7DFgWEjhdO4ee7TmWJ5MltpNdO1L1gpamn2XkpD7O8blENDdeNThgb4Ro4VBfIhF6NRgtRDnns RwkhK/d31oac37vNCYZcqGns5yFgQOE3K6jLb2cJW1fOtfHkQevrhb0giqd+QLDq9G2wf3pKFaPQoL 1hzYeYLsqJgw+Cn/SoUlIsFnXUe5zDvKjuzyqeZAWBysCzzD8bytVQqLUnxxlENkbQwDG25T98xwcw hfgKbweRi1UzWYPK1YtuURhidM87AKkmk2TUZWUwPppb2Wj3HxlolEDgcdh7p3AxzbRqnuTtEKj5+x 8j2wtNbRQCOQ5NqCAt+L2QeI0abk39ma62ZFV/bkzUJM3WegP0ugmb4Nna5xX1rf9s8k4UP5tnYO7a n49h/ba4nqRT8+InV847+uLGJNsT91A4ZbrNFprZxQNH0DGMK7HEdnIVsehSutKyOTmyluhBntRHCy 6Pivi59HrtQcCncZ8CVqCYwiQqoYfZsr6w1CNY95EVSbw= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Wire up the generic EFI zboot support for arm64. Signed-off-by: Ard Biesheuvel --- arch/arm64/Makefile | 4 ++-- arch/arm64/boot/Makefile | 6 ++++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 6d9d4a58b898..92676ccc6363 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -153,10 +153,10 @@ libs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a boot := arch/arm64/boot KBUILD_IMAGE := $(boot)/Image.gz -all: Image.gz +all: $(notdir $(KBUILD_IMAGE)) -Image: vmlinux +Image vmlinuz.efi: vmlinux $(Q)$(MAKE) $(build)=$(boot) $(boot)/$@ Image.%: Image diff --git a/arch/arm64/boot/Makefile b/arch/arm64/boot/Makefile index a0e3dedd2883..c65aee088410 100644 --- a/arch/arm64/boot/Makefile +++ b/arch/arm64/boot/Makefile @@ -38,3 +38,9 @@ $(obj)/Image.lzo: $(obj)/Image FORCE $(obj)/Image.zst: $(obj)/Image FORCE $(call if_changed,zstd) + +EFI_ZBOOT_PAYLOAD := Image +EFI_ZBOOT_BFD_TARGET := elf64-littleaarch64 +EFI_ZBOOT_MACH_TYPE := ARM64 + +include $(srctree)/drivers/firmware/efi/libstub/Makefile.zboot From patchwork Sat Aug 27 08:38:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 601275 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 95C46C0502C for ; Sat, 27 Aug 2022 08:39:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232926AbiH0Ijg (ORCPT ); Sat, 27 Aug 2022 04:39:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38724 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232934AbiH0Ijg (ORCPT ); Sat, 27 Aug 2022 04:39:36 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E14ABCCE2 for ; Sat, 27 Aug 2022 01:39:35 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 9CAA5614A1 for ; Sat, 27 Aug 2022 08:39:34 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F2B07C433B5; Sat, 27 Aug 2022 08:39:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589574; bh=dXr2U4KNSvu9NXXzFFvAEerp4KLDWPpQp4G37Yrxduw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=oPdn8FnqntrJqRqTxyWOjgPp4RAoFxTRZIM7Stmbmy7TG03se4wSgAmAGBhPAS3+Z CsDnd0n3xCf4AaPa/eK2H2AAqyMxPZ9gl2GnhrMAKLfnYUKUCNxjuEIjRR59kfuZWe 324fHa1yJ1Ylroy26I5wL6+5RDreB/6O9U5i/6ScERuUl0vQA9GJG76hlPls0PNIV0 zjRfAT8vJdcC/CdMOag/E41A/RYri1FFRF4EykceN8hhDO1AiFC1zHMduRL3QkbS4H eBshooLB2iaGYcKTutm6Y+BiwE1HgQElH70Ixy8TArJFx+ib+5dnswZKp5pjC976G+ noW6/AfHxURuQ== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 7/9] riscv: efi: enable generic EFI compressed boot Date: Sat, 27 Aug 2022 10:38:48 +0200 Message-Id: <20220827083850.2702465-8-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1131; i=ardb@kernel.org; h=from:subject; bh=dXr2U4KNSvu9NXXzFFvAEerp4KLDWPpQp4G37Yrxduw=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgWh5IRWHOtFI19PpFhvvLHNKFanNQWcGMnMThJ 0OvUFrqJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYFgAKCRDDTyI5ktmPJEdnC/ 9OvNdYvgsaAlP8LRNNGrodPGp87HcG7Y9/QumXH2AzAbUAu8yDrA8HEzNQ1iBVMvMpoSkpuORsraBY 4DKD6WGm1ufL+aC5lRPY0Tjge9MS+h+10JH00n8aNo1UXs5JYgP2Tf/QO1Am4Bex3KiREbaBPhGRHd 8R+E6xPqNTS3K2hsfMYIuRXqdeCkffi7hePdlVd+cfgLd62aRzaFvZKdynhxx9bpGOElMzmPaAyFml vUlDtXZHfjcpjFdY8S6FZKELL6UO5iVCqAcxv4PKWRBCWTOTVuQOSwZz7nRwPxmNKCkG+igeAl+TfR hie58Am1VDKS+/dfSX9LyL7e2C7DO0qjv/gqpw65/iolQj4Tx/rPenlNGgACCypc+uIbofiU8DG599 tu67u2rNdMfIdO47IYUS6zurgJ3juf+zyPBU6ns0kz06elAEpnxeoApBGcmWUN36DNZE+rTMvIvXEu NYL6CENaaIiAGaG9H1sfBlAAGyZPKnbUd+Enh+5UWG9/A= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Wire up the generic EFI zboot support for RISC-V. Signed-off-by: Ard Biesheuvel --- arch/riscv/Makefile | 2 +- arch/riscv/boot/Makefile | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/riscv/Makefile b/arch/riscv/Makefile index 3fa8ef336822..ee9c24db082c 100644 --- a/arch/riscv/Makefile +++ b/arch/riscv/Makefile @@ -139,7 +139,7 @@ else KBUILD_IMAGE := $(boot)/Image.gz endif endif -BOOT_TARGETS := Image Image.gz loader loader.bin xipImage +BOOT_TARGETS := Image Image.gz loader loader.bin xipImage vmlinuz.efi all: $(notdir $(KBUILD_IMAGE)) diff --git a/arch/riscv/boot/Makefile b/arch/riscv/boot/Makefile index becd0621071c..d1a49adcb1d7 100644 --- a/arch/riscv/boot/Makefile +++ b/arch/riscv/boot/Makefile @@ -58,3 +58,9 @@ $(obj)/Image.lzo: $(obj)/Image FORCE $(obj)/loader.bin: $(obj)/loader FORCE $(call if_changed,objcopy) + +EFI_ZBOOT_PAYLOAD := Image +EFI_ZBOOT_BFD_TARGET := elf$(BITS)-littleriscv +EFI_ZBOOT_MACH_TYPE := RISCV$(BITS) + +include $(srctree)/drivers/firmware/efi/libstub/Makefile.zboot From patchwork Sat Aug 27 08:38:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 600631 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C49AECAAD2 for ; Sat, 27 Aug 2022 08:39:42 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232911AbiH0Ijl (ORCPT ); Sat, 27 Aug 2022 04:39:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38750 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232934AbiH0Ijk (ORCPT ); Sat, 27 Aug 2022 04:39:40 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 15791C00D9 for ; Sat, 27 Aug 2022 01:39:40 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id BF6E8B80E6F for ; Sat, 27 Aug 2022 08:39:38 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 76C3EC433D7; Sat, 27 Aug 2022 08:39:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589577; bh=JJ62mwQRKOhojwaa2WD+JELwQTszUIIRFMzYE6TT7q0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WG13pKz8qHZhdYtiYQAlF/xMtBO136Axd3jClNCDrE1ITrM9o3tLTS9WhIHO0rjJx /aal7XELnlXsDYxCKmBa5jAH3eGEqxgJlLAfStf8e07Mel0JcxVOFQh/WxA3c1lVAo KElkEx8lqgP1E1PxRCEiJWlmE+YaDTRCajccwY5UaNQWgJL0b5XX4hs17HYQU/Gpxh ZEQ9gnI1gfLl6fI+/KJH69HUQkPnSWSQNznwSZDiCnetuP6N3BpZSR/wlEEuWxXhYY to9BrJnD7Y1re7Lfzc4y9djkQ2ZvkH1dVGUhF4Xz46xSAt9vDRYNgoEFX6D1mlM+ox jK/y7JzzY05iQ== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 8/9] loongarch: avoid orphan input sections Date: Sat, 27 Aug 2022 10:38:49 +0200 Message-Id: <20220827083850.2702465-9-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1261; i=ardb@kernel.org; h=from:subject; bh=JJ62mwQRKOhojwaa2WD+JELwQTszUIIRFMzYE6TT7q0=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgY/W0kg4XKg0dra/guhX0FcEV61muFkzdpmVKs mAUwR7GJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYGAAKCRDDTyI5ktmPJFa6C/ 9HYuy4CqWxM53SqNFHF+plJs4f/acUcqTQ45qKRPhTxS7mo12bma9v0Zc/hnnqomUHpmay7XzRdYyD BjcjT11dhpDmN/EvvAQvBZcRFbkx3dayppjVFnCqZokxuam/xnYWUzF1tdJoB5x+b3STIj0ci2bsCL tak96eO6KYxx3iczavU2Q+HLjEDNpHTg7DCi9Gm/gJEKi8WyBp8844xHqsyPzOlJhKSSu/pGN2jJJA v5EQ8GyKZ8a0PdgfHd0L33AxwilCA5kVwDnLsdpzoPD1xfudSA7j54QAhNw6fmqTm4bfhEG00qO0as x29Ps3kVBQLG3/2+8s3jxPFv+QPWVFnWQD64IrQOFsdgFQl57anp5BXPuN9mfpeprBvLCstG/VXj5v NLko79AVOVQlipWHAumqEz3EZ6oe6PldGy2GirkHerbftNwTV9h1U0yjQU9S4ozWfnR931l6fYkBDL pNn3RruNecffPip2Io2E7K34+efFFXoxx1R8UJHGW9dbE= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Ensure that all input sections are listed explicitly in the linker script, and issue a warning otherwise. This ensures that the binary image matches the PE/COFF and other image metadata exactly, which is important for things like code signing. Signed-off-by: Ard Biesheuvel --- arch/loongarch/Kconfig | 1 + arch/loongarch/kernel/vmlinux.lds.S | 2 ++ 2 files changed, 3 insertions(+) diff --git a/arch/loongarch/Kconfig b/arch/loongarch/Kconfig index fca106a8b8af..407502da4335 100644 --- a/arch/loongarch/Kconfig +++ b/arch/loongarch/Kconfig @@ -51,6 +51,7 @@ config LOONGARCH select ARCH_USE_CMPXCHG_LOCKREF select ARCH_USE_QUEUED_RWLOCKS select ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT + select ARCH_WANT_LD_ORPHAN_WARN select ARCH_WANTS_NO_INSTR select BUILDTIME_TABLE_SORT select COMMON_CLK diff --git a/arch/loongarch/kernel/vmlinux.lds.S b/arch/loongarch/kernel/vmlinux.lds.S index 36d042739f3c..17d33308dfba 100644 --- a/arch/loongarch/kernel/vmlinux.lds.S +++ b/arch/loongarch/kernel/vmlinux.lds.S @@ -74,6 +74,8 @@ SECTIONS EXIT_DATA } + .rela.dyn : { *(.rela.dyn) *(.rela*) } + #ifdef CONFIG_SMP PERCPU_SECTION(1 << CONFIG_L1_CACHE_SHIFT) #endif From patchwork Sat Aug 27 08:38:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 601274 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8BE9AECAAD2 for ; Sat, 27 Aug 2022 08:39:48 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231216AbiH0Ijq (ORCPT ); Sat, 27 Aug 2022 04:39:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38948 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230499AbiH0Ijp (ORCPT ); Sat, 27 Aug 2022 04:39:45 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CDED4C00DE for ; Sat, 27 Aug 2022 01:39:43 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 4E893B80E6F for ; Sat, 27 Aug 2022 08:39:42 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id F1A06C433C1; Sat, 27 Aug 2022 08:39:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1661589581; bh=sH6dY5v0mM/ic1eNT4y8rVIIH57brMb+dlbN5USUsGw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ilB/TiCHlYrccfH4ftOVIZyiQ1R4GuB6Zzj6V62nI1cFvZJjbZ2BrxizvtUuJSWv2 qv69idXKo0XHBOi90VDTVQ+4eVUmnz+ku+am34CD92RaR/FAf3+ezOpaKSTehKLxv7 bD/5rmLfjmr3xb1mN1/jYzvsTWb15YC1TKMHDU7ha6IziH5rx1e72bFOySV481c9fs 2sTMhbSYsMLduGZAsl2/Hr1oSlMRENTyPnURmh0tWi2hH235YiMgtdtwjgVwDIeS0o pdmgn3KisTuZHfCO2YWE3okS5y6Ui+bst1oUJBEMVihKMSM3umYa+8Phveb53ikDo3 q131HO9kP+VKQ== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel , "James E.J. Bottomley" , Matthew Garrett , Peter Jones , Ilias Apalodimas , Heinrich Schuchardt , AKASHI Takahiro , Palmer Dabbelt , Atish Patra , Arnd Bergmann , Huacai Chen , Xi Ruoyao , Lennart Poettering , Jeremy Linton Subject: [PATCH v4 9/9] loongarch: efi: enable generic EFI compressed boot Date: Sat, 27 Aug 2022 10:38:50 +0200 Message-Id: <20220827083850.2702465-10-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220827083850.2702465-1-ardb@kernel.org> References: <20220827083850.2702465-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1174; i=ardb@kernel.org; h=from:subject; bh=sH6dY5v0mM/ic1eNT4y8rVIIH57brMb+dlbN5USUsGw=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjCdgZe58oCT+uliiLX0A73mYuVZIQDkhOOxyhxeYb GFHXPeyJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCYwnYGQAKCRDDTyI5ktmPJGSiC/ 4ndYoo9PleCRNDXglXythl1gKZCj5w9cQPak/RFMXLJvfXzmSkSqVqDWGTb7RMtpYDp5+2yD6kenF8 /GM7ua2KKAQK+V3kLO05uiCLzQk4sh8JNSg2VbRtwCBh3HFujB5/V9PiHgC2JFeX/p2qs1YzXVQCHH 43v9SfXfeDFTbyD0XUuDXmNzen2umTBZYT1TbxWg6R23U91qU5V2R9YhPTUwkSWxlJcDSzKS6QFw1J wgI+0uEC51slTzJ1h7uUWhthwei7+n+n+jfI6Kg+tCFlQQ8NiuWv8y4bbsiv3dnnP0glE71pxdlPqd bb8R0hO8RJwCruCl+IPOJA0JUunDBtR9FBMFyb58VNIKcChL/LAAcC1Nr0plhfwPoG9gXAW6eUxbZR ebL5ivdXrV39fHRZxY68CNQvFdWq7a4XnRtxeWAPu9VYkqHMjao1CafQbgxWJOVq/8LphAdv1r/xfx oaiGoDJUzVDzIjTq3cy6DJH/mfWcjt9cwHebdga0w/4v0= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Wire up the generic EFI zboot support for LoongArch64 Signed-off-by: Ard Biesheuvel --- arch/loongarch/Makefile | 2 +- arch/loongarch/boot/Makefile | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/arch/loongarch/Makefile b/arch/loongarch/Makefile index 4bc47f47cfd8..7051a95f7f31 100644 --- a/arch/loongarch/Makefile +++ b/arch/loongarch/Makefile @@ -93,7 +93,7 @@ vdso_install: all: $(notdir $(KBUILD_IMAGE)) -vmlinux.elf vmlinux.efi: vmlinux +vmlinux.elf vmlinux.efi vmlinuz.efi: vmlinux $(Q)$(MAKE) $(build)=$(boot) $(bootvars-y) $(boot)/$@ install: diff --git a/arch/loongarch/boot/Makefile b/arch/loongarch/boot/Makefile index fecf34f50e56..4e1c374c5782 100644 --- a/arch/loongarch/boot/Makefile +++ b/arch/loongarch/boot/Makefile @@ -18,3 +18,9 @@ $(obj)/vmlinux.elf: vmlinux FORCE targets += vmlinux.efi $(obj)/vmlinux.efi: vmlinux FORCE $(call if_changed,objcopy) + +EFI_ZBOOT_PAYLOAD := vmlinux.efi +EFI_ZBOOT_BFD_TARGET := elf64-loongarch +EFI_ZBOOT_MACH_TYPE := LOONGARCH64 + +include $(srctree)/drivers/firmware/efi/libstub/Makefile.zboot