lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAMj1kXHVJ35CrT2RePx7njW-iCvqoACwZKM0m7x0mUDe17YUiQ@mail.gmail.com>
Date:   Wed, 19 Oct 2022 09:39:47 +0200
From:   Ard Biesheuvel <ardb@...nel.org>
To:     Evgeniy Baskov <baskov@...ras.ru>
Cc:     Borislav Petkov <bp@...en8.de>, Andy Lutomirski <luto@...nel.org>,
        Dave Hansen <dave.hansen@...ux.intel.com>,
        Ingo Molnar <mingo@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Alexey Khoroshilov <khoroshilov@...ras.ru>,
        lvc-project@...uxtesting.org, x86@...nel.org,
        linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: Re: [PATCH 15/16] efi/libstub: Add memory attribute protocol definitions

On Tue, 6 Sept 2022 at 12:42, Evgeniy Baskov <baskov@...ras.ru> wrote:
>
> EFI_MEMORY_ATTRIBUTE_PROTOCOL servers as a better alternative to
> DXE services for setting memory attributes in EFI Boot Services
> environment. This protocol is better since it is a part of UEFI
> specification itself and not UEFI PI specification like DXE
> services.
>
> Add EFI_MEMORY_ATTRIBUTE_PROTOCOL definitions.
> Support mixed mode properly for its calls.
>
> Signed-off-by: Evgeniy Baskov <baskov@...ras.ru>

Acked-by: Ard Biesheuvel <ardb@...nel.org>

> ---
>  arch/x86/include/asm/efi.h             |  7 +++++++
>  drivers/firmware/efi/libstub/efistub.h | 22 ++++++++++++++++++++++
>  include/linux/efi.h                    |  1 +
>  3 files changed, 30 insertions(+)
>
> diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
> index 233ae6986d6f..522ff2e443b3 100644
> --- a/arch/x86/include/asm/efi.h
> +++ b/arch/x86/include/asm/efi.h
> @@ -325,6 +325,13 @@ static inline u32 efi64_convert_status(efi_status_t status)
>  #define __efi64_argmap_set_memory_space_attributes(phys, size, flags) \
>         (__efi64_split(phys), __efi64_split(size), __efi64_split(flags))
>
> +/* Memory Attribute Protocol */
> +#define __efi64_argmap_set_memory_attributes(protocol, phys, size, flags) \
> +       ((protocol), __efi64_split(phys), __efi64_split(size), __efi64_split(flags))
> +
> +#define __efi64_argmap_clear_memory_attributes(protocol, phys, size, flags) \
> +       ((protocol), __efi64_split(phys), __efi64_split(size), __efi64_split(flags))
> +
>  /*
>   * The macros below handle the plumbing for the argument mapping. To add a
>   * mapping for a specific EFI method, simply define a macro
> diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
> index cdd1bb50c786..87973f104731 100644
> --- a/drivers/firmware/efi/libstub/efistub.h
> +++ b/drivers/firmware/efi/libstub/efistub.h
> @@ -39,6 +39,9 @@ extern const efi_system_table_t *efi_system_table;
>  typedef union efi_dxe_services_table efi_dxe_services_table_t;
>  extern const efi_dxe_services_table_t *efi_dxe_table;
>
> +typedef union efi_memory_attribute_protocol efi_memory_attribute_protocol_t;
> +extern efi_memory_attribute_protocol_t *efi_mem_attrib_proto;
> +
>  efi_status_t __efiapi efi_pe_entry(efi_handle_t handle,
>                                    efi_system_table_t *sys_table_arg);
>
> @@ -403,6 +406,25 @@ union efi_dxe_services_table {
>         } mixed_mode;
>  };
>
> +union  efi_memory_attribute_protocol {
> +       struct {
> +               void *get_memory_attributes;
> +               efi_status_t (__efiapi *set_memory_attributes)(efi_memory_attribute_protocol_t *,
> +                                                               efi_physical_addr_t,
> +                                                               u64,
> +                                                               u64);
> +               efi_status_t (__efiapi *clear_memory_attributes)(efi_memory_attribute_protocol_t *,
> +                                                                 efi_physical_addr_t,
> +                                                                 u64,
> +                                                                 u64);
> +       };
> +       struct {
> +               u32 get_memory_attributes;
> +               u32 set_memory_attributes;
> +               u32 clear_memory_attributes;
> +       } mixed_mode;
> +};
> +
>  typedef union efi_uga_draw_protocol efi_uga_draw_protocol_t;
>
>  union efi_uga_draw_protocol {
> diff --git a/include/linux/efi.h b/include/linux/efi.h
> index d2b84c2fec39..d32368a32285 100644
> --- a/include/linux/efi.h
> +++ b/include/linux/efi.h
> @@ -386,6 +386,7 @@ void efi_native_runtime_setup(void);
>  #define EFI_LOAD_FILE2_PROTOCOL_GUID           EFI_GUID(0x4006c0c1, 0xfcb3, 0x403e,  0x99, 0x6d, 0x4a, 0x6c, 0x87, 0x24, 0xe0, 0x6d)
>  #define EFI_RT_PROPERTIES_TABLE_GUID           EFI_GUID(0xeb66918a, 0x7eef, 0x402a,  0x84, 0x2e, 0x93, 0x1d, 0x21, 0xc3, 0x8a, 0xe9)
>  #define EFI_DXE_SERVICES_TABLE_GUID            EFI_GUID(0x05ad34ba, 0x6f02, 0x4214,  0x95, 0x2e, 0x4d, 0xa0, 0x39, 0x8e, 0x2b, 0xb9)
> +#define EFI_MEMORY_ATTRIBUTE_PROTOCOL_GUID     EFI_GUID(0xf4560cf6, 0x40ec, 0x4b4a,  0xa1, 0x92, 0xbf, 0x1d, 0x57, 0xd0, 0xb1, 0x89)
>
>  #define EFI_IMAGE_SECURITY_DATABASE_GUID       EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596,  0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
>  #define EFI_SHIM_LOCK_GUID                     EFI_GUID(0x605dab50, 0xe046, 0x4300,  0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
> --
> 2.35.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ