From patchwork Tue Nov 22 16:10:01 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627788 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09701C4332F for ; Tue, 22 Nov 2022 16:10:47 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234173AbiKVQKn (ORCPT ); Tue, 22 Nov 2022 11:10:43 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42406 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234186AbiKVQKi (ORCPT ); Tue, 22 Nov 2022 11:10:38 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA9AD73421; Tue, 22 Nov 2022 08:10:37 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 6E2B1B81C12; Tue, 22 Nov 2022 16:10:36 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4FF16C433C1; Tue, 22 Nov 2022 16:10:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133435; bh=wDRs75zTAHjH3XwxSS7HuA7vyVpCwR1hlLp7hTGnUFQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Haz5xahkdshlBU/tRr1O4ZnSpYOxX3bxkfza8v1TsQcZ4lMCI9qJ1KM8Lb3FAGcJQ o0RkclgkoVbumV79RLi3iVyHmRbhfQHailej8zQhhfrdqFm1FTmB3o5+kZ51nayvu8 n2aqgIzHAtrDbSEOvSAvmBDa369Ctdd9h9inzeP46OsDo3cZYJxiICuXm7uciseWlB /TLgPGpfJdaifs0CXoGJSzaLzIE9UGda4T4dP1+O9DkO9Yk+q60zWOXWrxV6sw8uUg oNz7Nu4bp8Uanr83MiA7vUjNzQe03ZpY6/pDJvzf1SqR0z997M3rPB4KeXaMUfViIm xOBxti+UdhdTQ== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 01/17] x86/compressed: efi-mixed: rename efi_thunk_64.S to efi-mixed.S Date: Tue, 22 Nov 2022 17:10:01 +0100 Message-Id: <20221122161017.2426828-2-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1576; i=ardb@kernel.org; h=from:subject; bh=wDRs75zTAHjH3XwxSS7HuA7vyVpCwR1hlLp7hTGnUFQ=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRP2cVMH4lvpZYQzGmsO4SCnQ5TYAbG9swSZYuk aYpQndyJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0TwAKCRDDTyI5ktmPJF6UC/ 9BDabprUrkL/8MHA1NYfeEFcxm0F80tRYJR18ArKn7XZL1lIaI7H8gIjlDpkkMwVhnLz6l0H+1cGkl RjuLYE0Mw1g4+mqc+vfhiFxwcR4NxL8KH62C1+MjiF1oe7LoTnDWwB1dB01FA4pwJVfLGbwQ+pm4Rt /XJVU/Y1xczQvY6SjM2B1ZkOA8z8b9G3pwSFiqgKXAdfyX6MJ5A6bdfkhnjJafN74SlbIIYu/DS5LL lIO6xlfBUuz6vmdKgak9m2bN/Z2caFUj2+RtaZepIAEeFbmKgEsEeGfAPpA3J8Gjho+YpmF2Pswyhk i0HlZD9bYErdUa3BP3gbBG0iaDLFq/j1q4zX041vJdzt6eT8OYIlRcYRufTmdzHgNefkNEgV0aT/u4 1vcuyzeh5e5yGxB0h7To97JEJferfJwy1bM54Kh3Vypin+jRc3uqVOaYvLIkuzKPeHjyyJ7TKJhpgO ZXwKwZRWiktn+JJbmig4mlt6PuSmJf5rfEnoWzTo69tU0= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org In preparation for moving the mixed mode specific code out of head_64.S, rename the existing file to clarify that it contains more than just the mixed mode thunk. While at it, clean up the Makefile rules that add it to the build. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/Makefile | 6 +++--- arch/x86/boot/compressed/{efi_thunk_64.S => efi_mixed.S} | 0 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index 3a261abb6d158d62..cd1a6295b957ea1d 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -108,11 +108,11 @@ endif vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o vmlinux-objs-$(CONFIG_INTEL_TDX_GUEST) += $(obj)/tdx.o $(obj)/tdcall.o -vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o vmlinux-objs-$(CONFIG_EFI) += $(obj)/efi.o -efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a +vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_mixed.o +vmlinux-objs-$(CONFIG_EFI_STUB) += $(objtree)/drivers/firmware/efi/libstub/lib.a -$(obj)/vmlinux: $(vmlinux-objs-y) $(efi-obj-y) FORCE +$(obj)/vmlinux: $(vmlinux-objs-y) FORCE $(call if_changed,ld) OBJCOPYFLAGS_vmlinux.bin := -R .comment -S diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_mixed.S similarity index 100% rename from arch/x86/boot/compressed/efi_thunk_64.S rename to arch/x86/boot/compressed/efi_mixed.S From patchwork Tue Nov 22 16:10:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627787 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5959C4332F for ; Tue, 22 Nov 2022 16:10:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233935AbiKVQKs (ORCPT ); Tue, 22 Nov 2022 11:10:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42398 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234100AbiKVQKl (ORCPT ); Tue, 22 Nov 2022 11:10:41 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7A3CC73429; Tue, 22 Nov 2022 08:10:40 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 1787A61791; Tue, 22 Nov 2022 16:10:40 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id BAAD1C433D7; Tue, 22 Nov 2022 16:10:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133439; bh=KfvrPoaWkzJRvf0XbOy9qU26LYABFuWZ+uOX59kfanM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=EK5sUHYbCPyg44a5QEdcfzPTUijM/x+sAhz1052brecEma88JVGdzct71DQVNIMcd S6S0S4NqwvlZylQTyj1eY1w5vC34plwGdN0hy5vl7wzSVf4W1RGcdor+W9bG0F+tgz pWXvaZ8NAJ1Gm2/v42TRqTiT+dmgMLLYZ08PVVZO+/51GmCT6B+jX5xj+6IVsDKMGW VDML93SJ/pB5c8TXzGDO6x+VNkXG52Ss26p7h0w1lUx0+mY3QwZv/LgznxJ0OLyplE mlu8owWhf8yMVKo9XtbT8vIvjpowaqKCu24IpVo9Dm7vq0ssJTE9b3M2gTTnKdkAC8 F/GS9+y5Pi/uA== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 03/17] x86/compressed: efi-mixed: move bootargs parsing out of 32-bit startup code Date: Tue, 22 Nov 2022 17:10:03 +0100 Message-Id: <20221122161017.2426828-4-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4635; i=ardb@kernel.org; h=from:subject; bh=KfvrPoaWkzJRvf0XbOy9qU26LYABFuWZ+uOX59kfanM=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRShXyE1GvhFiSLXTLUcUldPrqnDBDLhfLxB4Aa F9dYrG+JAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0UgAKCRDDTyI5ktmPJDu9C/ 9ESxGwyIL6L1ilqx93mfMCQz6rAjCDYRrhkNB15R9N9XJtfEewGixWk2sE8Nac5z/X1RaXXeIs+6O5 TT7RUk2K9mm3lPDk3Vm8jiR7NVu7xV5ZEX9Cus+3y3v9xmUJArOfr7Lv97nrASuJpNG4BPiwDQjXny 2Zk77aQfOVBc3ryGOXWpArOWKQxQBNUeYwWpRX2iGhg8dG4ufZdEt26dAq1MZYW1N8TlmI7R37jaCT b/pZ93YYFPsiyx9IGE0vqBLoxj1FLighmYq0elMdO4OuEAxiMb8/8bLSJfsFokRttwQZL+jemY5Xg5 VK0TH+CzAhq7joaEm+yCczEd6atxKC1EHzgaLpfikCRkHyi6+XsFpBE55awF1zO9MOFvAYRTMWyKRG bhy+2g6Y60Pvf6ACoy0BUfa2fg7QXou6m+5+ayLvapEtWO2+3pglJps9RiikqccJ/CH2dRaxas/XSi oDV1tZpwsg6paewplofTbvLKpxPjNw5cRWRO2gK9nL/a0= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Move the logic that chooses between the different EFI entrypoints out of the 32-bit boot path, and into a 64-bit helper that can perform the same task much more cleanly. While at it, document the mixed mode boot flow in a code comment. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/efi_mixed.S | 43 ++++++++++++++++++++ arch/x86/boot/compressed/head_64.S | 24 ++--------- 2 files changed, 47 insertions(+), 20 deletions(-) diff --git a/arch/x86/boot/compressed/efi_mixed.S b/arch/x86/boot/compressed/efi_mixed.S index 67e7edcdfea8fa44..58ab2e1ffd92afbc 100644 --- a/arch/x86/boot/compressed/efi_mixed.S +++ b/arch/x86/boot/compressed/efi_mixed.S @@ -22,6 +22,49 @@ .code64 .text +/* + * When booting in 64-bit mode on 32-bit EFI firmware, startup_64_mixed_mode() + * is the first thing that runs after switching to long mode. Depending on + * whether the EFI handover protocol or the compat entry point was used to + * enter the kernel, it will either branch to the 64-bit EFI handover + * entrypoint at offset 0x390 in the image, or to the 64-bit EFI PE/COFF + * entrypoint efi_pe_entry(). In the former case, the bootloader must provide a + * struct bootparams pointer as the third argument, so the presence of such a + * pointer is used to disambiguate. + * + * +--------------+ + * +------------------+ +------------+ +------>| efi_pe_entry | + * | efi32_pe_entry |---->| | | +-----------+--+ + * +------------------+ | | +------+----------------+ | + * | startup_32 |---->| startup_64_mixed_mode | | + * +------------------+ | | +------+----------------+ V + * | efi32_stub_entry |---->| | | +------------------+ + * +------------------+ +------------+ +---->| efi64_stub_entry | + * +-------------+----+ + * +------------+ +----------+ | + * | startup_64 |<----| efi_main |<--------------+ + * +------------+ +----------+ + */ +SYM_FUNC_START(startup_64_mixed_mode) + lea efi32_boot_args(%rip), %rdx + mov 0(%rdx), %edi + mov 4(%rdx), %esi + mov 8(%rdx), %edx // saved bootparams pointer + test %edx, %edx + jnz efi64_stub_entry + /* + * efi_pe_entry uses MS calling convention, which requires 32 bytes of + * shadow space on the stack even if all arguments are passed in + * registers. We also need an additional 8 bytes for the space that + * would be occupied by the return address, and this also results in + * the correct stack alignment for entry. + */ + sub $40, %rsp + mov %rdi, %rcx // MS calling convention + mov %rsi, %rdx + jmp efi_pe_entry +SYM_FUNC_END(startup_64_mixed_mode) + SYM_FUNC_START(__efi64_thunk) push %rbp push %rbx diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 74aaffd22b7425f4..b9dbc8127038c315 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -269,25 +269,9 @@ SYM_FUNC_START(startup_32) */ leal rva(startup_64)(%ebp), %eax #ifdef CONFIG_EFI_MIXED - movl rva(efi32_boot_args)(%ebp), %edi - testl %edi, %edi - jz 1f - leal rva(efi64_stub_entry)(%ebp), %eax - movl rva(efi32_boot_args+4)(%ebp), %esi - movl rva(efi32_boot_args+8)(%ebp), %edx // saved bootparams pointer - testl %edx, %edx - jnz 1f - /* - * efi_pe_entry uses MS calling convention, which requires 32 bytes of - * shadow space on the stack even if all arguments are passed in - * registers. We also need an additional 8 bytes for the space that - * would be occupied by the return address, and this also results in - * the correct stack alignment for entry. - */ - subl $40, %esp - leal rva(efi_pe_entry)(%ebp), %eax - movl %edi, %ecx // MS calling convention - movl %esi, %edx + cmpb $1, rva(efi_is64)(%ebp) + je 1f + leal rva(startup_64_mixed_mode)(%ebp), %eax 1: #endif /* Check if the C-bit position is correct when SEV is active */ @@ -787,7 +771,7 @@ SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) SYM_DATA(image_offset, .long 0) #endif #ifdef CONFIG_EFI_MIXED -SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0, 0) +SYM_DATA(efi32_boot_args, .long 0, 0, 0) SYM_DATA(efi_is64, .byte 1) #define ST32_boottime 60 // offsetof(efi_system_table_32_t, boottime) From patchwork Tue Nov 22 16:10:05 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627786 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E6402C43217 for ; Tue, 22 Nov 2022 16:11:10 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234186AbiKVQLJ (ORCPT ); Tue, 22 Nov 2022 11:11:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42400 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234205AbiKVQLD (ORCPT ); Tue, 22 Nov 2022 11:11:03 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 91272742CB; Tue, 22 Nov 2022 08:10:46 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 434A0B81C0D; Tue, 22 Nov 2022 16:10:45 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 31F17C433D7; Tue, 22 Nov 2022 16:10:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133444; bh=tZGzPcZmAcGsWu7+zFKgxe2N03AY23KDGmZFylxg1pw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KasLeOcVIxriQma5aHt7FjrY54w9HG/jfjpYCQAnvLgcRI+e1Ba5vxJqGqJ0+qMAT tSapIi4LRGoSwU1eoFrGhJBoqkqVPqH2ubaNNGPKYm4BQ67oyEGdKeYpVqhkmBVClm vsFwlprf212IYPyfM77CFRXkmTgibgquvD7l996RnsWf8z0eupycBBMNWFDdsYteUy t7jwMqwJdbhELhmePiiuu5zPquyMLuGoiUOWhucjm2MjVEjQ7rQSsdKiHDDtImHd4d oaIZr7hclo/3o5effQ8pODCMLLFNcOJ9JTNGenE5MLkxDwUQVhXFncczZEAbwEKeY4 7YxA0fHYlowwg== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 05/17] x86/compressed: efi-mixed: move efi32_entry out of head_64.S Date: Tue, 22 Nov 2022 17:10:05 +0100 Message-Id: <20221122161017.2426828-6-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=4945; i=ardb@kernel.org; h=from:subject; bh=tZGzPcZmAcGsWu7+zFKgxe2N03AY23KDGmZFylxg1pw=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRVvLVcT2XQ/GHHG/VENjFiTSdl7lZ35vBnkfbI JTrxCIaJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0VQAKCRDDTyI5ktmPJPcCC/ 98FrxNmvlO1mtu+HHPbrIllxlSyVNnVqrA4M+I2uawGhlAMQoGEaFsIo36jghE3ejgPhavycmvjI7e p3zHiALSK8T8ekTwwfGGaK4AcCFcUPjzr25D/ka0lJnMoq7Jtt1qPzft3n7bCo4yGedh5F3rluu8lg u8P8i/S++sq8Mnq3dzF8XHnXogE7V/e1a/P42Q8vKj3sb0DWmKzO3VnirAyTR+1Z+4kB5UEWR5THW+ XAc2uPg8FCLHxonSn7jtECB9mgl8RJdoT/mk77yUC7e9T9kb0TfqyqSjaI029B4hoRHeoQMlVxgPAh PiSXxGzCpPjOWqTFxyTw8Vmiyuh1LLo9A09BJdP3hppk2gHwSCIwkKFg98NupUVZb9hULE9/4fGjDL pDL6pYa+aIvsCbyKtsEnIh/npJNZM31cvLBMpelvgHGsa8GZt+3uzYovwV1tZ2sQXRP62XV6J59E29 32WaILJrHCIsNoeNcAM4XmJRIo84qo9cXxCY2PbUqDyTg= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Move the efi32_entry() routine out of head_64.S and into efi-mixed.S, which reduces clutter in the complicated startup routines. It also permits linkage of some symbols used by code to be made local. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/efi_mixed.S | 57 ++++++++++++++++---- arch/x86/boot/compressed/head_64.S | 45 ---------------- 2 files changed, 47 insertions(+), 55 deletions(-) diff --git a/arch/x86/boot/compressed/efi_mixed.S b/arch/x86/boot/compressed/efi_mixed.S index 58ab2e1ffd92afbc..3487484ac1fd5c6c 100644 --- a/arch/x86/boot/compressed/efi_mixed.S +++ b/arch/x86/boot/compressed/efi_mixed.S @@ -105,7 +105,7 @@ SYM_FUNC_START(__efi64_thunk) /* * Switch to IDT and GDT with 32-bit segments. This is the firmware GDT * and IDT that was installed when the kernel started executing. The - * pointers were saved at the EFI stub entry point in head_64.S. + * pointers were saved by the efi32_entry() routine below. * * Pass the saved DS selector to the 32-bit code, and use far return to * restore the saved CS selector. @@ -217,22 +217,59 @@ SYM_FUNC_START_LOCAL(efi_enter32) lret SYM_FUNC_END(efi_enter32) +/* + * This is the common EFI stub entry point for mixed mode. + * + * Arguments: %ecx image handle + * %edx EFI system table pointer + * %esi struct bootparams pointer (or NULL when not using + * the EFI handover protocol) + * + * Since this is the point of no return for ordinary execution, no registers + * are considered live except for the function parameters. [Note that the EFI + * stub may still exit and return to the firmware using the Exit() EFI boot + * service.] + */ +SYM_FUNC_START(efi32_entry) + call 1f +1: pop %ebx + + /* Save firmware GDTR and code/data selectors */ + sgdtl (efi32_boot_gdt - 1b)(%ebx) + movw %cs, (efi32_boot_cs - 1b)(%ebx) + movw %ds, (efi32_boot_ds - 1b)(%ebx) + + /* Store firmware IDT descriptor */ + sidtl (efi32_boot_idt - 1b)(%ebx) + + /* Store boot arguments */ + leal (efi32_boot_args - 1b)(%ebx), %ebx + movl %ecx, 0(%ebx) + movl %edx, 4(%ebx) + movl %esi, 8(%ebx) + movb $0x0, 12(%ebx) // efi_is64 + + /* Disable paging */ + movl %cr0, %eax + btrl $X86_CR0_PG_BIT, %eax + movl %eax, %cr0 + + jmp startup_32 +SYM_FUNC_END(efi32_entry) + .data .balign 8 -SYM_DATA_START(efi32_boot_gdt) +SYM_DATA_START_LOCAL(efi32_boot_gdt) .word 0 .quad 0 SYM_DATA_END(efi32_boot_gdt) -SYM_DATA_START(efi32_boot_idt) +SYM_DATA_START_LOCAL(efi32_boot_idt) .word 0 .quad 0 SYM_DATA_END(efi32_boot_idt) -SYM_DATA_START(efi32_boot_cs) - .word 0 -SYM_DATA_END(efi32_boot_cs) - -SYM_DATA_START(efi32_boot_ds) - .word 0 -SYM_DATA_END(efi32_boot_ds) +SYM_DATA_LOCAL(efi32_boot_cs, .word 0) +SYM_DATA_LOCAL(efi32_boot_ds, .word 0) +SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0, 0) +SYM_DATA(efi_is64, .byte 1) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 8192ab1c308567ce..8fa92ce5610e5329 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -297,48 +297,6 @@ SYM_FUNC_START(efi32_stub_entry) popl %esi jmp efi32_entry SYM_FUNC_END(efi32_stub_entry) - - .text -/* - * This is the common EFI stub entry point for mixed mode. - * - * Arguments: %ecx image handle - * %edx EFI system table pointer - * %esi struct bootparams pointer (or NULL when not using - * the EFI handover protocol) - * - * Since this is the point of no return for ordinary execution, no registers - * are considered live except for the function parameters. [Note that the EFI - * stub may still exit and return to the firmware using the Exit() EFI boot - * service.] - */ -SYM_FUNC_START_LOCAL(efi32_entry) - call 1f -1: pop %ebx - - /* Save firmware GDTR and code/data selectors */ - sgdtl (efi32_boot_gdt - 1b)(%ebx) - movw %cs, (efi32_boot_cs - 1b)(%ebx) - movw %ds, (efi32_boot_ds - 1b)(%ebx) - - /* Store firmware IDT descriptor */ - sidtl (efi32_boot_idt - 1b)(%ebx) - - /* Store boot arguments */ - leal (efi32_boot_args - 1b)(%ebx), %ebx - movl %ecx, 0(%ebx) - movl %edx, 4(%ebx) - movl %esi, 8(%ebx) - movb $0x0, 12(%ebx) // efi_is64 - - /* Disable paging */ - movl %cr0, %eax - btrl $X86_CR0_PG_BIT, %eax - movl %eax, %cr0 - - jmp startup_32 -SYM_FUNC_END(efi32_entry) - __HEAD #endif .code64 @@ -771,9 +729,6 @@ SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) SYM_DATA(image_offset, .long 0) #endif #ifdef CONFIG_EFI_MIXED -SYM_DATA(efi32_boot_args, .long 0, 0, 0) -SYM_DATA(efi_is64, .byte 1) - #define ST32_boottime 60 // offsetof(efi_system_table_32_t, boottime) #define BS32_handle_protocol 88 // offsetof(efi_boot_services_32_t, handle_protocol) #define LI32_image_base 32 // offsetof(efi_loaded_image_32_t, image_base) From patchwork Tue Nov 22 16:10:07 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627785 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93A3AC433FE for ; Tue, 22 Nov 2022 16:11:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234235AbiKVQLV (ORCPT ); Tue, 22 Nov 2022 11:11:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42616 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234224AbiKVQLF (ORCPT ); Tue, 22 Nov 2022 11:11:05 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1AEED742DA; Tue, 22 Nov 2022 08:10:51 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 988C5B81C10; Tue, 22 Nov 2022 16:10:49 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9C880C433B5; Tue, 22 Nov 2022 16:10:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133448; bh=tOdWUuW+7rgqllOBTMdmkxOryu+AGCsLR6dgpWQteso=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=BiufXI+mj44YUUusTzdntIlg0lRmgwZYJPkPpwLrUsCR8FBC+urQixAow657MZ5QW CefK9ug9CnRFw8SbUFp+/CII3Zge+H426s8CUgwsJoEJ2WDM5xfERDkex3DknWnJXE gcx85eg+sh9YXyyRTcOy+yAf+GjtKhu7kJ1JCe5Bttfb8F18WaSr8nENWtPKqepLLj ykaqG7c8+06m2HVtvxEdHHhKdM3XgitW1YRsswnVjrwHw7n8r6af9kVH3bfkn89KOO TE+3/6tvztwMbs0DycWr500DEizlVVgMpz1rh5csu5nasd2MscRDD/MPeLlbomsj2g /QL8HHe7ziJbg== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 07/17] x86/compressed: efi: merge multiple definitions of image_offset into one Date: Tue, 22 Nov 2022 17:10:07 +0100 Message-Id: <20221122161017.2426828-8-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1868; i=ardb@kernel.org; h=from:subject; bh=tOdWUuW+7rgqllOBTMdmkxOryu+AGCsLR6dgpWQteso=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRYC6Q2FjOROO3g/kYMKd+j9GKGxB5vZLG55iXf a8HbgceJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0WAAKCRDDTyI5ktmPJMJoC/ 9tRpz6EuotfivDhIcQDtygpLQicCtE3UjIExGFiK0FyZ9yappBSj+HZXMRE7UK2j9VvkxNB+6fubLx HPXGIWaFPass4WDoo+RPCJjtrMhyQ8o+Tvaf9BglY981Bikni+FdPVomUa2FVTmWeitHLY2EjyldVb HM+gMQFyFwbssI85/Hhm7RiLr6BF6Qo47Dj2rvrOfzVgnMYy4q44RZJ9lGfNIzZhkRB9lndQC7ksb+ 6u5UbObuRQh20g+49oLscw8CybFdLj7T8k1AHX5Wv3W7/rFl5z1qU1hT61bwXglm82elPDhxqvekXM PzK0lnEWOBzXn1jCC6T77I64FUQPiP6DGyaWJ3TJ82VACxjBoBTOK8dw+CeYdA2KGRC6rOkX/SaXaQ pkq9Cg00EY8HinC+0SWf3PJgOnTVEXQ/az5HRkUhbFNhdV/Jx5WxKPOFkHjlk3v0GjGfNS2anD++Rc XukCkruMnp+ffXQlSPydA036uiPwNKmvXkPKMax5kjc7A= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org There is no need for head_32.S and head_64.S both declaring a copy of the globale 'image_offset' variable, so drop those and make the extern C declaration the definition. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/head_32.S | 4 ---- arch/x86/boot/compressed/head_64.S | 4 ---- drivers/firmware/efi/libstub/x86-stub.c | 2 +- 3 files changed, 1 insertion(+), 9 deletions(-) diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S index 3b354eb9516df416..6589ddd4cfaf2cb6 100644 --- a/arch/x86/boot/compressed/head_32.S +++ b/arch/x86/boot/compressed/head_32.S @@ -208,10 +208,6 @@ SYM_DATA_START_LOCAL(gdt) .quad 0x00cf92000000ffff /* __KERNEL_DS */ SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end) -#ifdef CONFIG_EFI_STUB -SYM_DATA(image_offset, .long 0) -#endif - /* * Stack and heap for uncompression */ diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 987f0a3c284fad43..66ad3ab802ca9d0c 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -726,10 +726,6 @@ SYM_DATA_START(boot32_idt) SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) #endif -#ifdef CONFIG_EFI_STUB -SYM_DATA(image_offset, .long 0) -#endif - #ifdef CONFIG_AMD_MEM_ENCRYPT __HEAD .code32 diff --git a/drivers/firmware/efi/libstub/x86-stub.c b/drivers/firmware/efi/libstub/x86-stub.c index 33a7811e12c65642..cb5f0befee57d2ec 100644 --- a/drivers/firmware/efi/libstub/x86-stub.c +++ b/drivers/firmware/efi/libstub/x86-stub.c @@ -23,7 +23,7 @@ const efi_system_table_t *efi_system_table; const efi_dxe_services_table_t *efi_dxe_table; -extern u32 image_offset; +u32 image_offset; static efi_loaded_image_t *image = NULL; static efi_status_t From patchwork Tue Nov 22 16:10:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627784 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 65936C4332F for ; Tue, 22 Nov 2022 16:11:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234253AbiKVQLg (ORCPT ); Tue, 22 Nov 2022 11:11:36 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43106 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234252AbiKVQLG (ORCPT ); Tue, 22 Nov 2022 11:11:06 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D0B7A742FA; Tue, 22 Nov 2022 08:10:53 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 69CDE61740; Tue, 22 Nov 2022 16:10:53 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 13562C4347C; Tue, 22 Nov 2022 16:10:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133452; bh=ZQv9+X1iJK9wCaH0UdAvPwmkreYOyHzQ5yoM8JDBf4A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rP8QYEhs/Yv0vTP+DydzJhp++6EoqkR+xXkXY9SUY5zVuPKW1OBmTPtU0HKQx9RfQ l8QCamavVEscgs9v9wyLMTuoMUeqMnoayuFBcYlKI15qaAyZD15DJlYJJxqlTmRr7N 1N2iMl0xAskzGmrLhzq7+E3uyNBBy9aP6jve3ps7wf3SB1xOHQDIBLrxAlQ8bKSd9+ Ggt/pt5ISA0QROeCTn4ygrZ8dAs1BNJlchPnuhJsFVAPD6fsUSLnpOGBgV5wMT0thI WD/d367a/gVrSUGleowaH3aEm3ohjc2xSP/Hkagm+Fh2D/AR+Obbvtrj9EFve4I9Xv DXcMAPhz2tPiQ== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 09/17] x86/compressed: avoid touching ECX in startup32_set_idt_entry() Date: Tue, 22 Nov 2022 17:10:09 +0100 Message-Id: <20221122161017.2426828-10-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1572; i=ardb@kernel.org; h=from:subject; bh=ZQv9+X1iJK9wCaH0UdAvPwmkreYOyHzQ5yoM8JDBf4A=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRbNOEMtTo47vx2jAN2Z59KRsBmjvCYdb205ac7 Cv/CzdaJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0WwAKCRDDTyI5ktmPJMBhC/ 9YvZjPjTtVifhaj3PVkOErn74GJ54+p0Yk1QiI2OSd+mr6sNcibNqgldEtqhOUXOpWxoNUld2Na7sx TbCsuvenJqmE6G3NX3B/qpnikHYnLm9vjgoZPxIgGFkBA5iIf9WF3wY3kl/31Pw7XkGoFFGyXODjs0 tWeAVgmWJE5S0RQodZ6fQUuESapXpwcobXuJUslwDqhgtUMKm8o9itj+FCEb1XuWU98LzzMJFLa48D Yek7l/df2rVTYUcybGjCVVBqqUMoAeoU6/5oQRTW9k7OmccRfXY1KimPLtujCGYwdD4mVjGHyWxnZP o3szwaE70Fp6vDbxvjLslV4Z0yadrsVJu/O9EdMLpSwuT3AFi3T505Vv0EcN97T59J2rRWDnKUr/AC L9EvMhOsePPNQo7NdixlnvUVCjR1D9gdTQ+tyejktKrDnL2pX41YPpeq6f8Zu7yJ1mX+efsXDluYz8 cbNV+G80miTg9qaZX2m3WE9CTqQsGRBr2xpwCkI0d8Mf0= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Avoid touching register %ecx in startup32_set_idt_entry(), by folding the MOV, SHL and ORL instructions into a single ORL which no longer requires a temp register. This permits ECX to be used as a function argument in a subsequent patch. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/head_64.S | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 66ad3ab802ca9d0c..f31277f455e63f5f 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -741,7 +741,6 @@ SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) */ SYM_FUNC_START(startup32_set_idt_entry) push %ebx - push %ecx /* IDT entry address to %ebx */ leal rva(boot32_idt)(%ebp), %ebx @@ -750,10 +749,8 @@ SYM_FUNC_START(startup32_set_idt_entry) /* Build IDT entry, lower 4 bytes */ movl %eax, %edx - andl $0x0000ffff, %edx # Target code segment offset [15:0] - movl $__KERNEL32_CS, %ecx # Target code segment selector - shl $16, %ecx - orl %ecx, %edx + andl $0x0000ffff, %edx # Target code segment offset [15:0] + orl $(__KERNEL32_CS << 16), %edx # Target code segment selector /* Store lower 4 bytes to IDT */ movl %edx, (%ebx) @@ -766,7 +763,6 @@ SYM_FUNC_START(startup32_set_idt_entry) /* Store upper 4 bytes to IDT */ movl %edx, 4(%ebx) - pop %ecx pop %ebx RET SYM_FUNC_END(startup32_set_idt_entry) From patchwork Tue Nov 22 16:10:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627783 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1865EC43219 for ; Tue, 22 Nov 2022 16:11:44 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232997AbiKVQLm (ORCPT ); Tue, 22 Nov 2022 11:11:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43246 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234213AbiKVQLK (ORCPT ); Tue, 22 Nov 2022 11:11:10 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 04194748FB; Tue, 22 Nov 2022 08:11:00 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 85C39B81C13; Tue, 22 Nov 2022 16:10:58 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7E52EC433C1; Tue, 22 Nov 2022 16:10:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133457; bh=SrH5jbYTxjPDhorKLJI/pQ/HZBcFhclTx5SIgKR45/I=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=N9Ejx0kbSXA96CEjy61IkPDqpmm1iw1V1KwL0o2BrG4acpyUjnYU9usTt6Ls8cLzD kMlFz8uxuQ6dZg87fNyuT0XWjepFVa2cyw6oM1OfAVOqlZ805x2tFTuC3g5ZkZ5iPy YBNDpze0/sxPDOrc4iRNXj87GS46gTDMSKudG7AxDcJX3Ndofcmsk2ve1HVVNDiMBE 1iH8VIlxbPJqRATMm90hIlBRSKyQrTE+XiMnNwPSAVPSlfEDS20au70UuKKV9bKyuY gKYePZbTQ+MwyLH12YPPBIVy40anPo86w4EKJhWO9f2kzjFsgHQxaZmPBjhAXjhf8f xaOwx+Iv2igHw== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 11/17] x86/compressed: move startup32_load_idt() into .text section Date: Tue, 22 Nov 2022 17:10:11 +0100 Message-Id: <20221122161017.2426828-12-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=2553; i=ardb@kernel.org; h=from:subject; bh=SrH5jbYTxjPDhorKLJI/pQ/HZBcFhclTx5SIgKR45/I=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRegW+LXkyS9XpbbTToVmr/bYaRmK4xRgfZVjFu VylwNGuJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0XgAKCRDDTyI5ktmPJPAbDA C1qWwSmTQMOLDl4vc3rYbsHc2TXkRVTM6lA1KrxI5apzzolEqlcBxQp7wlhWptFkcUfEl0u+eeFjK6 vqr+IMvzXMi3jC7BUkDw/FtaqOUhnJk4bFhgxcE36OqHyPrPDNh9iDUHjvGYpLZcQhyn128xnRxv18 Al1yWVFu3MisoXr4ZqRo3rkOvjrsNYLfVsTn6y3+kjr5msePHR5qxALRb9z/NClK/JYafkS8sFvRrN A3Nv9GhYBoR92f2W2hCM8zYUtdCXM2MsVwW3VBKcyBgHQROshPacOUXj3CYLhHcwJ7CMMpgBAQwMQG lVXjXzBtq16sj8KLefvjpeD256WhOa9kTr3m5RRhaI9P70TzkQcF0EHsd7MjPnvOI8Jkc1T/qkYRbA CYxgX+Nlq8EyMOD1Lfz5niaZG3m3sIPPh8vsnTDpju0EjAmvYDJNJYRb+h3pwazRvVUBU27kS+Kv2g Mz2MqRTCxZNCOgDxgYi4ANIbp3NLlBxa8IFHWUIcU2cmk= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Convert startup32_load_idt() into an ordinary function and move it into the .text section. This involves turning the rva() immediates into ones derived from a local label, and preserving/restoring the %ebp and %ebx as per the calling convention. Also move the #ifdef to the only existing call site. This makes it clear that the function call does nothing if support for memory encryption is not compiled in. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/head_64.S | 31 +++++++++++++------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 82d7fab99422129f..2d42852d5b828209 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -126,7 +126,9 @@ SYM_FUNC_START(startup_32) 1: /* Setup Exception handling for SEV-ES */ +#ifdef CONFIG_AMD_MEM_ENCRYPT call startup32_load_idt +#endif /* Make sure cpu supports long mode. */ call verify_cpu @@ -724,10 +726,8 @@ SYM_DATA_START(boot32_idt) .quad 0 .endr SYM_DATA_END_LABEL(boot32_idt, SYM_L_GLOBAL, boot32_idt_end) -#endif -#ifdef CONFIG_AMD_MEM_ENCRYPT - __HEAD + .text .code32 /* * Write an IDT entry into boot32_idt @@ -760,24 +760,32 @@ SYM_FUNC_START_LOCAL(startup32_set_idt_entry) RET SYM_FUNC_END(startup32_set_idt_entry) -#endif SYM_FUNC_START(startup32_load_idt) -#ifdef CONFIG_AMD_MEM_ENCRYPT - leal rva(boot32_idt)(%ebp), %ecx + push %ebp + push %ebx + + call 1f +1: pop %ebp + + leal (boot32_idt - 1b)(%ebp), %ebx /* #VC handler */ - leal rva(startup32_vc_handler)(%ebp), %eax + leal (startup32_vc_handler - 1b)(%ebp), %eax movl $X86_TRAP_VC, %edx + movl %ebx, %ecx call startup32_set_idt_entry /* Load IDT */ - leal rva(boot32_idt)(%ebp), %eax - movl %eax, rva(boot32_idt_desc+2)(%ebp) - lidt rva(boot32_idt_desc)(%ebp) -#endif + leal (boot32_idt_desc - 1b)(%ebp), %ecx + movl %ebx, 2(%ecx) + lidt (%ecx) + + pop %ebx + pop %ebp RET SYM_FUNC_END(startup32_load_idt) +#endif /* * Check for the correct C-bit position when the startup_32 boot-path is used. @@ -796,6 +804,7 @@ SYM_FUNC_END(startup32_load_idt) * succeed. An incorrect C-bit position will map all memory unencrypted, so that * the compare will use the encrypted random data and fail. */ + __HEAD SYM_FUNC_START(startup32_check_sev_cbit) #ifdef CONFIG_AMD_MEM_ENCRYPT pushl %eax From patchwork Tue Nov 22 16:10:13 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627782 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 02DB8C4332F for ; Tue, 22 Nov 2022 16:11:49 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234277AbiKVQLp (ORCPT ); Tue, 22 Nov 2022 11:11:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42616 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234221AbiKVQLU (ORCPT ); Tue, 22 Nov 2022 11:11:20 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5926B73B99; Tue, 22 Nov 2022 08:11:04 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 050F8B81BEE; Tue, 22 Nov 2022 16:11:03 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB187C433D6; Tue, 22 Nov 2022 16:10:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133461; bh=85eC+ySfoxQeQEcBlvmMcXBwdjRppgUeZ0M247EDQDM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=I//ZrAZmTJ1txf5Y/1fGo5drBOkN5LfXiNxXkPgDHW9xs+Mwma6Paqk0dRAlCMezo pJRkZ21Q0uONcvkn6d/29R83VdXOJIZ5IDyBdiZ+bFi9zH+o0hQOIovG2qBMlFt8Ow /Ybg6mBDfBFhdxrr2hm8LB4/ZRjA7D2KohdILSamCXkVDX+0FbUVHBlSk52Hq3fd1H /kbo3bKmZb2Zot5CW7V1+PAV3P2CwfQgFP2Rzfz2rGCp4NWp2xfWu3a4aivzBaxjdh aajqA1Ie9SDomu5DJtlX7uqv2WIR82cU9x6zW+oPYz8v8rwaNFyiedmUdylQTRmELR WJRv2ROATtP/Q== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 13/17] x86/compressed: move startup32_check_sev_cbit() into .text Date: Tue, 22 Nov 2022 17:10:13 +0100 Message-Id: <20221122161017.2426828-14-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=3035; i=ardb@kernel.org; h=from:subject; bh=85eC+ySfoxQeQEcBlvmMcXBwdjRppgUeZ0M247EDQDM=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRhxAUgWKtkqItF3n9UJ4nYtoljvO9zCeQ4S9+k up0wnf+JAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0YQAKCRDDTyI5ktmPJJBSC/ 9q9Wltr368Rkd3nUNyrxiuLzJKyXgPONP0594v0bUzNK/F5fmL8ncG+SKYY1AkUj8IKUYm+4KGeSb5 jArtd/pqC03Go1JdiIkirTqiT1V+bD/2o1qsBxxe/D+ofktJAzDJ/0Gp2gf9dL/vRiIy4LTubQJoZY Fto2/7imcoAgpHwwoZ8j454Ryp3l3gwT+o+FVTSS2IHGtaW6USmH1VU1cfx21tOmDNbwD7GTNETBls UIW15ILLM/l1vdJBSrQC7Q8mbxv/Lg7ZAubZ4WWj0spI4b8dd5rVu3dOJOk1qdO9O9jsyPJXqVohxW ZXo3TQutG1SGLlQmwOPmklOdmoS0/Z5Kn56dG+S1oOvLaBImwSsETj1Pjsyvmel1nYtC1i4wSTZwe3 MEgLCDcDVeLUjNkvt7Kvb3ddq3Qug+6uD7frW6IEh37/ceW7+sDEG/RmFnGlKHQeEKiU0St7BldID8 a5TfvP5ufkzrtn+N6u7lu3RWn3JcmgwhLEKXvmVc3IQvw= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Move startup32_check_sev_cbit() into the .text section and turn it into an ordinary function using the ordinary 32-bit calling convention, instead of saving/restoring the registers that are known to be live at the only call site. This improves maintainability, and makes it possible to move this function out of head_64.S and into a separate compilation unit that is specific to memory encryption. Note that this requires the call site to be moved before the mixed mode check, as %eax will be live otherwise. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/head_64.S | 35 +++++++++++--------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index 97b2167f128cbefe..272b2e97456f0dcf 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -259,6 +259,11 @@ SYM_FUNC_START(startup_32) movl $__BOOT_TSS, %eax ltr %ax +#ifdef CONFIG_AMD_MEM_ENCRYPT + /* Check if the C-bit position is correct when SEV is active */ + call startup32_check_sev_cbit +#endif + /* * Setup for the jump to 64bit mode * @@ -276,8 +281,6 @@ SYM_FUNC_START(startup_32) leal rva(startup_64_mixed_mode)(%ebp), %eax 1: #endif - /* Check if the C-bit position is correct when SEV is active */ - call startup32_check_sev_cbit pushl $__KERNEL_CS pushl %eax @@ -732,16 +735,17 @@ SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end) * succeed. An incorrect C-bit position will map all memory unencrypted, so that * the compare will use the encrypted random data and fail. */ - __HEAD -SYM_FUNC_START(startup32_check_sev_cbit) #ifdef CONFIG_AMD_MEM_ENCRYPT - pushl %eax + .text +SYM_FUNC_START(startup32_check_sev_cbit) pushl %ebx - pushl %ecx - pushl %edx + pushl %ebp + + call 0f +0: popl %ebp /* Check for non-zero sev_status */ - movl rva(sev_status)(%ebp), %eax + movl (sev_status - 0b)(%ebp), %eax testl %eax, %eax jz 4f @@ -756,17 +760,18 @@ SYM_FUNC_START(startup32_check_sev_cbit) jnc 2b /* Store to memory and keep it in the registers */ - movl %eax, rva(sev_check_data)(%ebp) - movl %ebx, rva(sev_check_data+4)(%ebp) + leal (sev_check_data - 0b)(%ebp), %ebp + movl %eax, 0(%ebp) + movl %ebx, 4(%ebp) /* Enable paging to see if encryption is active */ movl %cr0, %edx /* Backup %cr0 in %edx */ movl $(X86_CR0_PG | X86_CR0_PE), %ecx /* Enable Paging and Protected mode */ movl %ecx, %cr0 - cmpl %eax, rva(sev_check_data)(%ebp) + cmpl %eax, 0(%ebp) jne 3f - cmpl %ebx, rva(sev_check_data+4)(%ebp) + cmpl %ebx, 4(%ebp) jne 3f movl %edx, %cr0 /* Restore previous %cr0 */ @@ -778,13 +783,11 @@ SYM_FUNC_START(startup32_check_sev_cbit) jmp 3b 4: - popl %edx - popl %ecx + popl %ebp popl %ebx - popl %eax -#endif RET SYM_FUNC_END(startup32_check_sev_cbit) +#endif /* * Stack and heap for uncompression From patchwork Tue Nov 22 16:10:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627781 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9A070C4321E for ; Tue, 22 Nov 2022 16:12:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229507AbiKVQMR (ORCPT ); Tue, 22 Nov 2022 11:12:17 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43154 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234297AbiKVQLi (ORCPT ); Tue, 22 Nov 2022 11:11:38 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 66EAB74AA5; Tue, 22 Nov 2022 08:11:09 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id EB0526178F; Tue, 22 Nov 2022 16:11:08 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 98F21C433B5; Tue, 22 Nov 2022 16:11:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133468; bh=WhXdkD4dUeFlbCa2uQ7/WXKYDJLeVqOD82K+vPxNRBU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=XP2d5Vn5IhYOWUComKlIB6Z9cXXN/cA51C1aeGE9gGN8yeNbmQRq1ICdueb71n0lH obE7QRwE3PL44uUF9iCUvBppYz/p3rsCzWPsPAOnMa/cjNsCIlQwIsrJKVa7mptG6J 3K0iR9VKg97H5GHa10EkGRiPp4/jy9qoW+kyovoGqWrewCTfC+PVBlCtoVtrtnNKrF hP46x1yNmA4pxsd08Hlxx0jM1nJ+jpcVyJIImgIdBTbOwnDnBYMj+gMEVXZT646uQI vNWOzqoeSG2rOb2eLvu9krtCbJPnR8tf105bt+sEt9SiYVAD9DOlL3fOZnZ3JYa/ob 3Ha6DFMdavgKw== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 16/17] x86/compressed: only build mem_encrypt.S if AMD_MEM_ENCRYPT=y Date: Tue, 22 Nov 2022 17:10:16 +0100 Message-Id: <20221122161017.2426828-17-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=1513; i=ardb@kernel.org; h=from:subject; bh=WhXdkD4dUeFlbCa2uQ7/WXKYDJLeVqOD82K+vPxNRBU=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRmkT6ecGA/cAN7llRJkxgNCUnGuU4XlPtqQLSt MJfoSUKJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0ZgAKCRDDTyI5ktmPJIROC/ 47FixYSC5DsCya9EY2tPWjzFOO3btlyqulJ0T+UDx2P378vfkSo7epzYht6hTrbu0eyKl8sbBbOJod HOzI5it103YIBtch6jbzm+ecyPY/6Liuku1ipJgc7uCOmfoHVUWa4/2CUinI0+lPqV2ZQmOlPXw9eS VeowN57ItdpLsaYa4kph88PLKON7dl7eZlIAi/lATz1moiBiuiHHo+HUQBQw+V6NW0feamxq7zD+cS XLotitFVa3AccaAAzAI1Pw960takGXHX7h+fVe60wZVHwI9LedRUcESNqpnjZKqZpPkvdotIQsyHaW 78iubNh1PsE8xpHF1GlcaCqaMg1iXb652wywgjIySJg8lmIAo5dM8hUUPtTRUHb69VOQJnYDiv/O8Q 7WnF4vfyjCRDhMqSy+ofLnqY2SS+flxH/p/8TTX+afsj8e63dc/WmCfIjPqfU955GIg2Flj1oSPi1S DVK98PcqjDCeIfDfwDzWB3sEh/W64p5dt4vTlomv+Qc3Q= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Avoid building the mem_encrypt.o object if memory encryption support is not enabled to begin with. Signed-off-by: Ard Biesheuvel --- arch/x86/boot/compressed/Makefile | 2 +- arch/x86/boot/compressed/mem_encrypt.S | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile index cd1a6295b957ea1d..3dc5db651dd0a197 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -100,7 +100,7 @@ vmlinux-objs-$(CONFIG_RANDOMIZE_BASE) += $(obj)/kaslr.o ifdef CONFIG_X86_64 vmlinux-objs-y += $(obj)/ident_map_64.o vmlinux-objs-y += $(obj)/idt_64.o $(obj)/idt_handlers_64.o - vmlinux-objs-y += $(obj)/mem_encrypt.o + vmlinux-objs-$(CONFIG_AMD_MEM_ENCRYPT) += $(obj)/mem_encrypt.o vmlinux-objs-y += $(obj)/pgtable_64.o vmlinux-objs-$(CONFIG_AMD_MEM_ENCRYPT) += $(obj)/sev.o endif diff --git a/arch/x86/boot/compressed/mem_encrypt.S b/arch/x86/boot/compressed/mem_encrypt.S index e69674588a31c81f..32f7cc8a862547e4 100644 --- a/arch/x86/boot/compressed/mem_encrypt.S +++ b/arch/x86/boot/compressed/mem_encrypt.S @@ -307,7 +307,6 @@ SYM_FUNC_END(startup32_check_sev_cbit) .data -#ifdef CONFIG_AMD_MEM_ENCRYPT .balign 8 SYM_DATA(sme_me_mask, .quad 0) SYM_DATA(sev_status, .quad 0) @@ -323,4 +322,3 @@ SYM_DATA_START_LOCAL(boot32_idt_desc) .word . - boot32_idt - 1 .long 0 SYM_DATA_END(boot32_idt_desc) -#endif From patchwork Tue Nov 22 16:10:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 627780 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E48C7C433FE for ; Tue, 22 Nov 2022 16:12:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233120AbiKVQMS (ORCPT ); Tue, 22 Nov 2022 11:12:18 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42426 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233774AbiKVQLn (ORCPT ); Tue, 22 Nov 2022 11:11:43 -0500 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A07374ABB; Tue, 22 Nov 2022 08:11:11 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 3379D61792; Tue, 22 Nov 2022 16:11:11 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CF4A0C433D6; Tue, 22 Nov 2022 16:11:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1669133470; bh=del+B43pK6TaccphvXJ28jvfSBKGUxy0I/ywjkZvIh4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ghf5qSEjhCwO8mImCexfclPr2cgk8g7ybZwCCDfsU2JnXT9uDwY22pj+sXZVrItjy gO3ZiYewO5cehMYcpk6b0fJKtmYzUEXYmxTYNvtceezVHPzFCTV3w7heQyfqAGs7RL aPPm5fYdZV4dKcAgWbWoqnukRCpcK0pgxjTk9GfbnCwmHD2O+yD1lx52n5Tl5F+lfb ox+ylrMMBqTPNwOMsjdjN3MgGT+7JLW7ncndCFDn2AZ0IOB34mZkIqd3ZlVqbIQcaw ag6ZvVY269JHRuHj7dhFSvA2XLV8BzG915R8giWuoegS/Qv1s5sCsKDvSxWMUvLv5v hzIpjPQTRIr/g== From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , Michael Roth Subject: [PATCH v3 17/17] efi: x86: Make the deprecated EFI handover protocol optional Date: Tue, 22 Nov 2022 17:10:17 +0100 Message-Id: <20221122161017.2426828-18-ardb@kernel.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20221122161017.2426828-1-ardb@kernel.org> References: <20221122161017.2426828-1-ardb@kernel.org> MIME-Version: 1.0 X-Developer-Signature: v=1; a=openpgp-sha256; l=5730; i=ardb@kernel.org; h=from:subject; bh=del+B43pK6TaccphvXJ28jvfSBKGUxy0I/ywjkZvIh4=; b=owEB7QES/pANAwAKAcNPIjmS2Y8kAcsmYgBjfPRoPMfnVKZwz5TVDvfM40lKX97xivaJebCGV9yg 0jObB5uJAbMEAAEKAB0WIQT72WJ8QGnJQhU3VynDTyI5ktmPJAUCY3z0aAAKCRDDTyI5ktmPJAiEC/ 0WnKjV6l38MPlBU5LQOa2epZox5wXjIBSu8wF6UL6c4k/Zx24rnjzt3ZHyakoT5fqvVxFlRiSiLXSd oGqf7/kd+/rzlJTZkpFiXXU8Lvy0uFQNY+MDCWkEavdh9cr5KcR8+WMbYnlZVXE+LMBo77h5Wg8J5F /kwUsYxFROg31iCQ6bKEOFSS4qvH9uGApGyY9+Mzci45PfrmgN6N3JAffKBnePjQAE6inOvojvRdc8 uDzX7Qf0yofJuJXlxze2kNQC4JXQfbF45oz9N88sboM4xy1D/kpN1mHP0nWtbyaVBDUBtUmPItOU2G OR1Mu8QCYSM3EpharKpESrb9J/A2YDiV3S/MN+pfz8SoNEZbamfulQs8+ojdcIE+OA/uz5rnwy6+aU 6E693wigxKwYEsEPsPgxBtd6N1SlirYo0sLqrJzH3hHPK2vGx3dlJlqt2QGDj7ofJXRW+yN9gTMpzQ pV6cOaIHtCL/RGw310nCHzrSTUtyg42DV2CLmijs7xt9E= X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The EFI handover protocol permits a bootloader to invoke the kernel as a EFI PE/COFF application, while passing a bootparams struct as a third argument to the entrypoint function call. This has no basis in the UEFI specification, and there are better ways to pass additional data to a UEFI application (UEFI configuration tables, UEFI variables, UEFI protocols) than going around the StartImage() boot service and jumping to a fixed offset in the loaded image, just to call a different function that takes a third parameter. The reason for handling struct bootparams in the bootloader was that the EFI stub could only load initrd images from the EFI system partition, and so passing it via struct bootparams was needed for loaders like GRUB, which pass the initrd in memory, and may load it from anywhere, including from the network. Another motivation was EFI mixed mode, which could not use the initrd loader in the EFI stub at all due to 32/64 bit incompatibilities (which will be fixed shortly [0]), and could not invoke the ordinary PE/COFF entry point either, for the same reasons. Given that loaders such as GRUB already carried the bootparams handling in order to implement non-EFI boot, retaining that code and just passing bootparams to the EFI stub was a reasonable choice (although defining an alternate entrypoint could have been avoided.) However, the GRUB side changes never made it upstream, and are only shipped by some of the distros in their downstream versions. In the meantime, EFI support has been added to other Linux architecture ports, as well as to U-boot and systemd, including arch-agnostic methods for passing initrd images in memory [1], and for doing mixed mode boot [2], none of them requiring anything like the EFI handover protocol. So given that only out-of-tree distro GRUB relies on this, let's permit it to be omitted from the build, in preparation for retiring it completely at a later date. (Note that systemd-boot does have an implementation as well, but only uses it as a fallback for booting images that do not implement the LoadFile2 based initrd loading method, i.e., v5.8 or older) [0] https://lore.kernel.org/all/20220927085842.2860715-1-ardb@kernel.org/ [1] ec93fc371f01 ("efi/libstub: Add support for loading the initrd ...") [2] 97aa276579b2 ("efi/x86: Add true mixed mode entry point into ...") Signed-off-by: Ard Biesheuvel --- arch/x86/Kconfig | 17 +++++++++++++++++ arch/x86/boot/compressed/head_64.S | 4 +++- arch/x86/boot/header.S | 2 +- arch/x86/boot/tools/build.c | 2 ++ 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 8c6da5e42d5a6c25..121f1fdca3145fd2 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1981,6 +1981,23 @@ config EFI_STUB See Documentation/admin-guide/efi-stub.rst for more information. +config EFI_HANDOVER_PROTOCOL + bool "EFI handover protocol (DEPRECATED)" + depends on EFI_STUB + default y + help + Select this in order to include support for the deprecated EFI + handover protocol, which defines alternative entry points into the + EFI stub. This is a practice that has no basis in the UEFI + specification, and requires a priori knowledge on the part of the + bootloader about Linux/x86 specific ways of passing the command line + and initrd, and where in memory those assets may be loaded. + + If in doubt, say Y. Even though he corresponding support is not + present in upstream GRUB or other bootloaders, most distros build + GRUB with numerous downstream patches applied, and may rely on the + handover protocol as as result. + config EFI_MIXED bool "EFI mixed-mode support" depends on EFI_STUB && X86_64 diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S index dd18216cff5c37e0..a75712991df3e936 100644 --- a/arch/x86/boot/compressed/head_64.S +++ b/arch/x86/boot/compressed/head_64.S @@ -294,7 +294,7 @@ SYM_FUNC_START(startup_32) lret SYM_FUNC_END(startup_32) -#ifdef CONFIG_EFI_MIXED +#if IS_ENABLED(CONFIG_EFI_MIXED) && IS_ENABLED(CONFIG_EFI_HANDOVER_PROTOCOL) .org 0x190 SYM_FUNC_START(efi32_stub_entry) add $0x4, %esp /* Discard return address */ @@ -524,7 +524,9 @@ trampoline_return: SYM_CODE_END(startup_64) #ifdef CONFIG_EFI_STUB +#ifdef CONFIG_EFI_HANDOVER_PROTOCOL .org 0x390 +#endif SYM_FUNC_START(efi64_stub_entry) and $~0xf, %rsp /* realign the stack */ movq %rdx, %rbx /* save boot_params pointer */ diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S index f912d777013052ea..d31982509654dcb1 100644 --- a/arch/x86/boot/header.S +++ b/arch/x86/boot/header.S @@ -406,7 +406,7 @@ xloadflags: # define XLF1 0 #endif -#ifdef CONFIG_EFI_STUB +#ifdef CONFIG_EFI_HANDOVER_PROTOCOL # ifdef CONFIG_EFI_MIXED # define XLF23 (XLF_EFI_HANDOVER_32|XLF_EFI_HANDOVER_64) # else diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c index a3725ad46c5a0b49..bd247692b70174f0 100644 --- a/arch/x86/boot/tools/build.c +++ b/arch/x86/boot/tools/build.c @@ -290,6 +290,7 @@ static void efi_stub_entry_update(void) { unsigned long addr = efi32_stub_entry; +#ifdef CONFIG_EFI_HANDOVER_PROTOCOL #ifdef CONFIG_X86_64 /* Yes, this is really how we defined it :( */ addr = efi64_stub_entry - 0x200; @@ -298,6 +299,7 @@ static void efi_stub_entry_update(void) #ifdef CONFIG_EFI_MIXED if (efi32_stub_entry != addr) die("32-bit and 64-bit EFI entry points do not match\n"); +#endif #endif put_unaligned_le32(addr, &buf[0x264]); }