lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 Feb 2020 01:16:48 +0000
From:   Atish Patra <Atish.Patra@....com>
To:     "ardb@...nel.org" <ardb@...nel.org>
CC:     "alexios.zavras@...el.com" <alexios.zavras@...el.com>,
        "tglx@...utronix.de" <tglx@...utronix.de>,
        "mchehab+samsung@...nel.org" <mchehab+samsung@...nel.org>,
        "pbonzini@...hat.com" <pbonzini@...hat.com>,
        "michal.simek@...inx.com" <michal.simek@...inx.com>,
        "linux@...linux.org.uk" <linux@...linux.org.uk>,
        "abner.chang@....com" <abner.chang@....com>,
        "linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>,
        "catalin.marinas@....com" <catalin.marinas@....com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "daniel.schaefer@....com" <daniel.schaefer@....com>,
        Anup Patel <Anup.Patel@....com>,
        "kstewart@...uxfoundation.org" <kstewart@...uxfoundation.org>,
        "palmer@...belt.com" <palmer@...belt.com>,
        "aou@...s.berkeley.edu" <aou@...s.berkeley.edu>,
        "arnd@...db.de" <arnd@...db.de>,
        "rppt@...ux.ibm.com" <rppt@...ux.ibm.com>,
        "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>,
        "bp@...e.de" <bp@...e.de>,
        "greentime.hu@...ive.com" <greentime.hu@...ive.com>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "agraf@...raf.de" <agraf@...raf.de>,
        "will@...nel.org" <will@...nel.org>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        "mingo@...nel.org" <mingo@...nel.org>,
        "allison@...utok.net" <allison@...utok.net>,
        "han_mao@...ky.com" <han_mao@...ky.com>,
        "paul.walmsley@...ive.com" <paul.walmsley@...ive.com>,
        "linus.walleij@...aro.org" <linus.walleij@...aro.org>,
        "leif@...iainc.com" <leif@...iainc.com>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>
Subject: Re: [RFC PATCH 1/5] efi: Move arm-stub to a common file

On Wed, 2020-02-26 at 08:04 +0100, Ard Biesheuvel wrote:
> Hi Atish,
> 
> On Wed, 26 Feb 2020 at 02:10, Atish Patra <atish.patra@....com>
> wrote:
> > Most of the arm-stub code is written in an architecture independent
> > manner.
> > As a result, RISC-V can reuse most of the arm-stub code.
> > 
> > Rename the arm-stub.c to efi-stub.c so that ARM, ARM64 and RISC-V
> > can use it.
> > This patch doesn't introduce any functional changes.
> > 
> > Signed-off-by: Atish Patra <atish.patra@....com>
> > ---
> >  arch/arm/Kconfig                                     |  2 +-
> >  arch/arm64/Kconfig                                   |  2 +-
> >  drivers/firmware/efi/Kconfig                         |  6 +++---
> >  drivers/firmware/efi/libstub/Makefile                | 12 ++++++
> > ------
> >  .../firmware/efi/libstub/{arm-stub.c => efi-stub.c}  |  7 ++++++-
> >  5 files changed, 17 insertions(+), 12 deletions(-)
> >  rename drivers/firmware/efi/libstub/{arm-stub.c => efi-stub.c}
> > (98%)
> > 
> > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> > index 97864aabc2a6..9931fea06076 100644
> > --- a/arch/arm/Kconfig
> > +++ b/arch/arm/Kconfig
> > @@ -1955,7 +1955,7 @@ config EFI
> >         select UCS2_STRING
> >         select EFI_PARAMS_FROM_FDT
> >         select EFI_STUB
> > -       select EFI_ARMSTUB
> > +       select EFI_GENERIC_ARCH_STUB
> >         select EFI_RUNTIME_WRAPPERS
> >         ---help---
> >           This option provides support for runtime services
> > provided
> > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> > index 0b30e884e088..ae776d8ef2f9 100644
> > --- a/arch/arm64/Kconfig
> > +++ b/arch/arm64/Kconfig
> > @@ -1720,7 +1720,7 @@ config EFI
> >         select EFI_PARAMS_FROM_FDT
> >         select EFI_RUNTIME_WRAPPERS
> >         select EFI_STUB
> > -       select EFI_ARMSTUB
> > +       select EFI_GENERIC_ARCH_STUB
> >         default y
> >         help
> >           This option provides support for runtime services
> > provided
> > diff --git a/drivers/firmware/efi/Kconfig
> > b/drivers/firmware/efi/Kconfig
> > index ecc83e2f032c..1bcedb7812da 100644
> > --- a/drivers/firmware/efi/Kconfig
> > +++ b/drivers/firmware/efi/Kconfig
> > @@ -106,12 +106,12 @@ config EFI_PARAMS_FROM_FDT
> >  config EFI_RUNTIME_WRAPPERS
> >         bool
> > 
> > -config EFI_ARMSTUB
> > +config EFI_GENERIC_ARCH_STUB
> 
> Let's call it EFI_GENERIC_STUB
> 
> >         bool
> > 
> > -config EFI_ARMSTUB_DTB_LOADER
> > +config EFI_STUB_DTB_LOADER
> >         bool "Enable the DTB loader"
> > -       depends on EFI_ARMSTUB
> > +       depends on EFI_GENERIC_ARCH_STUB
> 
> Do you actually need the DTB loader? I feel adding this for ARM was a
> mistake, so you may want to make this depend on !RISCV while you're
> at
> it.
> 

Actually we don't need it RISC-V. I think I added that that's a valid
option to have. But your recent cleaup seems otherwise. I will make it
depend on !RISCV. It also doesn't make sense to rename it to
EFI_STUB_DTB_LOADER. So I will just leave EFI_ARMSTUB_DTB_LOADER as it
is.

> >         default y
> >         help
> >           Select this config option to add support for the dtb=
> > command
> > diff --git a/drivers/firmware/efi/libstub/Makefile
> > b/drivers/firmware/efi/libstub/Makefile
> > index 4d6246c6f651..2c5b76787126 100644
> > --- a/drivers/firmware/efi/libstub/Makefile
> > +++ b/drivers/firmware/efi/libstub/Makefile
> > @@ -22,7 +22,7 @@ cflags-$(CONFIG_ARM)          := $(subst
> > $(CC_FLAGS_FTRACE),,$(KBUILD_CFLAGS)) \
> >                                    -fno-builtin -fpic \
> >                                    $(call cc-option,-mno-single-
> > pic-base)
> > 
> > -cflags-$(CONFIG_EFI_ARMSTUB)   += -I$(srctree)/scripts/dtc/libfdt
> > +cflags-$(CONFIG_EFI_GENERIC_ARCH_STUB) +=
> > -I$(srctree)/scripts/dtc/libfdt
> > 
> >  KBUILD_CFLAGS                  := $(cflags-y)
> > -DDISABLE_BRANCH_PROFILING \
> >                                    -include
> > $(srctree)/drivers/firmware/efi/libstub/hidden.h \
> > @@ -44,13 +44,13 @@ lib-y                               := efi-
> > stub-helper.o gop.o secureboot.o tpm.o \
> >                                    skip_spaces.o lib-cmdline.o lib-
> > ctype.o
> > 
> >  # include the stub's generic dependencies from lib/ when building
> > for ARM/arm64
> > -arm-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c
> > fdt_sw.c
> > +efi-deps-y := fdt_rw.c fdt_ro.c fdt_wip.c fdt.c fdt_empty_tree.c
> > fdt_sw.c
> > 
> >  $(obj)/lib-%.o: $(srctree)/lib/%.c FORCE
> >         $(call if_changed_rule,cc_o_c)
> > 
> > -lib-$(CONFIG_EFI_ARMSTUB)      += arm-stub.o fdt.o string.o \
> > -                                  $(patsubst %.c,lib-%.o,$(arm-
> > deps-y))
> > +lib-$(CONFIG_EFI_GENERIC_ARCH_STUB)            += efi-stub.o fdt.o
> > string.o \
> > +                                  $(patsubst %.c,lib-%.o,$(efi-
> > deps-y))
> > 
> >  lib-$(CONFIG_ARM)              += arm32-stub.o
> >  lib-$(CONFIG_ARM64)            += arm64-stub.o
> > @@ -72,8 +72,8 @@ CFLAGS_arm64-stub.o           :=
> > -DTEXT_OFFSET=$(TEXT_OFFSET)
> >  # a verification pass to see if any absolute relocations exist in
> > any of the
> >  # object files.
> >  #
> > -extra-$(CONFIG_EFI_ARMSTUB)    := $(lib-y)
> > -lib-$(CONFIG_EFI_ARMSTUB)      := $(patsubst %.o,%.stub.o,$(lib-
> > y))
> > +extra-$(CONFIG_EFI_GENERIC_ARCH_STUB)  := $(lib-y)
> > +lib-$(CONFIG_EFI_GENERIC_ARCH_STUB)    := $(patsubst
> > %.o,%.stub.o,$(lib-y))
> > 
> >  STUBCOPY_FLAGS-$(CONFIG_ARM64) += --prefix-alloc-sections=.init \
> >                                    --prefix-symbols=__efistub_
> > diff --git a/drivers/firmware/efi/libstub/arm-stub.c
> > b/drivers/firmware/efi/libstub/efi-stub.c
> > similarity index 98%
> > rename from drivers/firmware/efi/libstub/arm-stub.c
> > rename to drivers/firmware/efi/libstub/efi-stub.c
> > index 13559c7e6643..b87c3f70430c 100644
> > --- a/drivers/firmware/efi/libstub/arm-stub.c
> > +++ b/drivers/firmware/efi/libstub/efi-stub.c
> > @@ -15,6 +15,7 @@
> > 
> >  #include "efistub.h"
> > 
> > +#if IS_ENABLED(CONFIG_ARM64) || IS_ENABLED(CONFIG_ARM)
> >  /*
> >   * This is the base address at which to start allocating virtual
> > memory ranges
> >   * for UEFI Runtime Services. This is in the low TTBR0 range so
> > that we can use
> > @@ -27,6 +28,10 @@
> >   * entire footprint of the UEFI runtime services memory regions)
> >   */
> >  #define EFI_RT_VIRTUAL_BASE    SZ_512M
> > +#else
> > +#define EFI_RT_VIRTUAL_BASE    SZ_2G
> > +#endif
> > +
> 
> Can we drop this hunk for now? It should be part of your runtime
> services series.
> 

Sure. Will do it.

> >  #define EFI_RT_VIRTUAL_SIZE    SZ_512M
> > 
> >  #ifdef CONFIG_ARM64
> > @@ -243,7 +248,7 @@ efi_status_t efi_entry(efi_handle_t handle,
> > efi_system_table_t *sys_table_arg)
> >          * 'dtb=' unless UEFI Secure Boot is disabled.  We assume
> > that secure
> >          * boot is enabled if we can't determine its state.
> >          */
> > -       if (!IS_ENABLED(CONFIG_EFI_ARMSTUB_DTB_LOADER) ||
> > +       if (!IS_ENABLED(CONFIG_EFI_STUB_DTB_LOADER) ||
> >              secure_boot != efi_secureboot_mode_disabled) {
> >                 if (strstr(cmdline_ptr, "dtb="))
> >                         pr_efi("Ignoring DTB from command
> > line.\n");
> > --
> > 2.24.0
> > 

-- 
Regards,
Atish

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ