| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20191214175735.22518-1-ardb@kernel.org>
Date: Sat, 14 Dec 2019 18:57:25 +0100
From: Ard Biesheuvel <ardb@...nel.org>
To: linux-kernel@...r.kernel.org
Cc: linux-efi@...r.kernel.org, Ard Biesheuvel <ardb@...nel.org>,
Hans de Goede <hdegoede@...hat.com>,
Matthew Garrett <matthewgarrett@...gle.com>,
Ingo Molnar <mingo@...nel.org>,
Andy Lutomirski <luto@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Arvind Sankar <nivedita@...m.mit.edu>
Subject: [PATCH 00/10] efi/x86: confine type unsafe casting to mixed mode
Currently, we support mixed mode (64-bit Linux running on 32-bit firmware)
by explicitly reasoning about pointer sizes for every call into the
firmware: on x86, there are 32-bit and 64-bit versions of each protocol
interface, and each call gets routed via one of the two, depending on the
native size of the firmware.
There is a lot of casting and pointer mangling involved in this, and as
a result, we end up with much less coverage in terms of type checking by
the compiler, due to the indirection via an anonymous, variadic thunking
routine.
This peculiarity of x86 is also leaking into generic EFI code, which is
shared with ia64, arm64, ARM and likely RiscV in the future. So let's
try to clean this up a bit.
The approach taken by this series is to replace the 32/64 bit distinction
with a distinction between native calls and mixed mode calls, where the
former can be either 32 or 64 bit [depending on the platform] and use
the ordinary native protocol definitions, while mixed mode calls retain
the existing casting/thunking approach based on the 32-bit protocol
definitions.
Given that GCC now supports emitting function calls using the MS calling
convention, we can get rid of all the wrapping and casting, and emit the
indirect calls directly.
Code can be found here
https://git.kernel.org/pub/scm/linux/kernel/git/ardb/linux.git/log/?h=efistub-x86-cleanup
Cc: Hans de Goede <hdegoede@...hat.com>
Cc: Matthew Garrett <matthewgarrett@...gle.com>
Cc: Ingo Molnar <mingo@...nel.org>
Cc: Andy Lutomirski <luto@...nel.org>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Arvind Sankar <nivedita@...m.mit.edu>
Ard Biesheuvel (10):
efi/libstub: remove unused __efi_call_early() macro
efi/x86: rename efi_is_native() to efi_is_mixed()
efi/libstub: use a helper to iterate over a EFI handle array
efi/libstub: add missing apple_properties_protocol_t definition
efi/libstub: distinguish between native/mixed not 32/64 bit
efi/libstub/x86: use mixed mode helpers to populate efi_config
efi/libstub: drop explicit 64-bit protocol definitions
efi/libstub: use stricter typing for firmware function pointers
efi/libstub: annotate firmware routines as __efiapi
efi/libstub/x86: avoid thunking for native firmware calls
arch/arm/include/asm/efi.h | 3 +-
arch/arm64/include/asm/efi.h | 3 +-
arch/x86/Kconfig | 1 +
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/eboot.c | 51 ++--
arch/x86/boot/compressed/eboot.h | 11 +-
arch/x86/boot/compressed/efi_stub_32.S | 87 ------
arch/x86/boot/compressed/efi_stub_64.S | 5 -
arch/x86/boot/compressed/head_32.S | 8 +-
arch/x86/boot/compressed/head_64.S | 12 -
arch/x86/include/asm/efi.h | 64 ++--
arch/x86/platform/efi/efi.c | 12 +-
arch/x86/platform/efi/efi_64.c | 6 +-
arch/x86/platform/efi/quirks.c | 2 +-
.../firmware/efi/libstub/efi-stub-helper.c | 46 ++-
drivers/firmware/efi/libstub/gop.c | 9 +-
drivers/firmware/efi/libstub/pci.c | 9 +-
drivers/firmware/efi/libstub/random.c | 13 +-
drivers/firmware/efi/libstub/tpm.c | 4 +-
include/linux/efi.h | 278 ++++++------------
20 files changed, 195 insertions(+), 431 deletions(-)
delete mode 100644 arch/x86/boot/compressed/efi_stub_32.S
delete mode 100644 arch/x86/boot/compressed/efi_stub_64.S
--
2.17.1
Powered by blists - more mailing lists