lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20251102001411.108385-1-francescopompo2@gmail.com>
Date: Sun,  2 Nov 2025 01:13:11 +0100
From: Francesco Pompo <francescopompo2@...il.com>
To: Ard Biesheuvel <ardb@...nel.org>
Cc: linux-efi@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Francesco Pompo <francescopompo2@...il.com>
Subject: [PATCH] efistub/smbios: Add fallback for SMBIOS record lookup

Some UEFI firmware implementations do not provide the SMBIOS Protocol,
causing efi_get_smbios_record() to fail. This prevents retrieval of
system information such as product name, which is needed by
apple_set_os() to enable the integrated GPU on dual-graphics Intel
MacBooks.

Add a fallback that directly parses the SMBIOS entry point table when
the protocol is unavailable. Log when the fallback is used.

Signed-off-by: Francesco Pompo <francescopompo2@...il.com>
---
 drivers/firmware/efi/libstub/efistub.h | 17 +++++
 drivers/firmware/efi/libstub/smbios.c  | 99 +++++++++++++++++++++++++-
 2 files changed, 113 insertions(+), 3 deletions(-)

diff --git a/drivers/firmware/efi/libstub/efistub.h b/drivers/firmware/efi/libstub/efistub.h
index 685098f9626f..68582ce81370 100644
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -1151,6 +1151,23 @@ void free_screen_info(struct screen_info *si);
 void efi_cache_sync_image(unsigned long image_base,
 			  unsigned long alloc_size);
 
+struct __packed smbios_entry_point {
+	char anchor[4];
+	u8 ep_checksum;
+	u8 ep_length;
+	u8 major_version;
+	u8 minor_version;
+	u16 max_size_entry;
+	u8 ep_rev;
+	u8 reserved[5];
+	char int_anchor[5];
+	u8 int_checksum;
+	u16 st_length;
+	u32 st_address;
+	u16 number_of_entries;
+	u8 bcd_rev;
+};
+
 struct efi_smbios_record {
 	u8	type;
 	u8	length;
diff --git a/drivers/firmware/efi/libstub/smbios.c b/drivers/firmware/efi/libstub/smbios.c
index f31410d7e7e1..21f499035b37 100644
--- a/drivers/firmware/efi/libstub/smbios.c
+++ b/drivers/firmware/efi/libstub/smbios.c
@@ -33,6 +33,93 @@ union efi_smbios_protocol {
 	} mixed_mode;
 };
 
+static bool verify_ep_checksum(const struct smbios_entry_point *ep)
+{
+	const u8 *ptr = (u8 *)ep;
+	u8 sum = 0;
+	int i;
+
+	for (i = 0; i < ep->ep_length; i++)
+		sum += ptr[i];
+
+	return sum == 0;
+}
+
+static bool verify_ep_int_checksum(const struct smbios_entry_point *ep)
+{
+	const u8 *ptr = (u8 *)&ep->int_anchor;
+	u8 sum = 0;
+	int i;
+
+	for (i = 0; i < 15; i++)
+		sum += ptr[i];
+
+	return sum == 0;
+}
+
+static bool verify_ep_integrity(const struct smbios_entry_point *ep)
+{
+	if (memcmp(ep->anchor, "_SM_", sizeof(ep->anchor)) != 0)
+		return false;
+
+	if (memcmp(ep->int_anchor, "_DMI_", sizeof(ep->int_anchor)) != 0)
+		return false;
+
+	if (!verify_ep_checksum(ep) || !verify_ep_int_checksum(ep))
+		return false;
+
+	return true;
+}
+
+static const struct efi_smbios_record *search_record(void *table, u32 length,
+						     u8 type)
+{
+	const u8 *p, *end;
+
+	p = (u8 *)table;
+	end = p + length;
+
+	while (p + sizeof(struct efi_smbios_record) < end) {
+		const struct efi_smbios_record *hdr =
+			(struct efi_smbios_record *)p;
+		const u8 *next;
+
+		if (hdr->type == type)
+			return hdr;
+
+		/* Type 127 = End-of-Table */
+		if (hdr->type == 0x7F)
+			return NULL;
+
+		/* Jumping to the unformed section */
+		next = p + hdr->length;
+
+		/* Unformed section ends with 0000h */
+		while ((next[0] != 0 || next[1] != 0) && next + 1 < end)
+			next++;
+
+		next += 2;
+		p = next;
+	}
+
+	return NULL;
+}
+
+static const struct efi_smbios_record *get_table_record(u8 type)
+{
+	const struct smbios_entry_point *ep;
+
+	ep = get_efi_config_table(SMBIOS_TABLE_GUID);
+	if (!ep)
+		return NULL;
+
+	if (!verify_ep_integrity(ep))
+		return NULL;
+
+	return search_record((void *)(unsigned long)ep->st_address,
+		ep->st_length, type);
+}
+
 const struct efi_smbios_record *efi_get_smbios_record(u8 type)
 {
 	struct efi_smbios_record *record;
@@ -43,9 +130,15 @@ const struct efi_smbios_record *efi_get_smbios_record(u8 type)
 	status = efi_bs_call(locate_protocol, &EFI_SMBIOS_PROTOCOL_GUID, NULL,
 			     (void **)&smbios) ?:
 		 efi_call_proto(smbios, get_next, &handle, &type, &record, NULL);
-	if (status != EFI_SUCCESS)
-		return NULL;
-	return record;
+	if (status == EFI_SUCCESS)
+		return record;
+
+	efi_info(
+		"Cannot access SMBIOS protocol (status 0x%lx), parsing table directly\n",
+		status
+	);
+
+	return get_table_record(type);
 }
 
 const u8 *__efi_get_smbios_string(const struct efi_smbios_record *record,
-- 
2.51.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ