lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue,  6 Dec 2016 11:15:59 -0800
From:   Sai Praneeth Prakhya <sai.praneeth.prakhya@...el.com>
To:     linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     jlee@...e.com, bp@...en8.de, ricardo.neri@...el.com,
        matt@...eblueprint.co.uk, ard.biesheuvel@...aro.org,
        ravi.v.shankar@...el.com, fenghua.yu@...el.com,
        Sai Praneeth <sai.praneeth.prakhya@...el.com>
Subject: [PATCH 0/4] UEFI: EFI_MEMORY_ATTRIBUTES_TABLE support for x86

From: Sai Praneeth <sai.praneeth.prakhya@...el.com>

UEFI v2.6 introduces EFI_MEMORY_ATTRIBUTES_TABLE which describes memory 
protections that may be applied to EFI Runtime code and data regions by 
kernel. This helps kernel to map efi runtime regions more strictly and 
hence allowing only appropriate accesses to these regions. Please refer 
to "EFI_MEMORY_ATTRIBUTES_TABLE" in section 4.6 of UEFI specification 
v2.6 for more information on this table.

This patch set relies on commit a604af075a32 ("efi: Add support for the 
EFI_MEMORY_ATTRIBUTES_TABLE config table"), commit 10f0d2f57705 ("efi: 
Implement generic support for the Memory Attributes table") and hence 
implements support for only x86.

Since the above commits have already implemented early discovery and 
validation of table, the following patches implement a call back 
function for x86 which is called only when EFI_MEMORY_ATTRIBUTES_TABLE 
is detected.

Patch #1 makes the efi_memory_attributes table detection code generic 
across all architectures

Patch #2 adds EFI_MEM_ATTR bit to keep track of this feature

Patch #3 Implements call back function that does stricter mappings based 
on this table

Patch #4 Skip parsing of EFI_PROPERTIES_TABLE if EFI_MEMORY_ATTRIBUTES_TABLE 
is detected

Sai Praneeth (4):
  efi: Make EFI_MEMORY_ATTRIBUTES_TABLE initialization common across all
    architectures
  efi: Introduce EFI_MEM_ATTR bit and set it from memory attributes
    table
  x86/efi: Add support for EFI_MEMORY_ATTRIBUTES_TABLE
  efi: Skip parsing of EFI_PROPERTIES_TABLE if
    EFI_MEMORY_ATTRIBUTES_TABLE is detected

 arch/x86/platform/efi/efi_64.c  | 64 ++++++++++++++++++++++++++++++++++-------
 drivers/firmware/efi/arm-init.c |  1 -
 drivers/firmware/efi/efi.c      | 13 +++++++++
 drivers/firmware/efi/memattr.c  |  6 +++-
 include/linux/efi.h             |  1 +
 5 files changed, 73 insertions(+), 12 deletions(-)

-- 
2.1.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ