Commit 93ce7948 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'efi-next-for-v5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi 

Pull more EFI updates from Ard Biesheuvel:
 "Follow-up tweaks for EFI changes - they mostly address issues
  introduced this merge window, except for Heinrich's patch:

   - fix new DXE service invocations for mixed mode

   - use correct Kconfig symbol when setting PE header flag

   - clean up the drivers/firmware/efi Kconfig dependencies so that
     features that depend on CONFIG_EFI are hidden from the UI when the
     symbol is not enabled.

  Also included is a RISC-V bugfix from Heinrich to avoid read-write
  mappings of read-only firmware regions in the EFI page tables"

* tag 'efi-next-for-v5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
  efi: clean up Kconfig dependencies on CONFIG_EFI
  efi/x86: libstub: Make DXE calls mixed mode safe
  efi: x86: Fix config name for setting the NX-compatibility flag in the PE header
  riscv: read-only pages should not be writable
parents 9be4cbd0 75ed63d9

arch/riscv/kernel/efi.c

+1 −1
Original line number Diff line number Diff line
@@ -65,7 +65,7 @@ static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data) 


	if (md->attribute & EFI_MEMORY_RO) {

		val = pte_val(pte) & ~_PAGE_WRITE;

		val = pte_val(pte) | _PAGE_READ;

		val |= _PAGE_READ;

		pte = __pte(val);

	}

	if (md->attribute & EFI_MEMORY_XP) {

arch/x86/boot/header.S

+1 −1
Original line number Diff line number Diff line
@@ -163,7 +163,7 @@ extra_header_fields: 
	.long	0x200				# SizeOfHeaders

	.long	0				# CheckSum

	.word	IMAGE_SUBSYSTEM_EFI_APPLICATION	# Subsystem (EFI application)

#ifdef CONFIG_DXE_MEM_ATTRIBUTES

#ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES

	.word	IMAGE_DLL_CHARACTERISTICS_NX_COMPAT	# DllCharacteristics

#else

	.word	0				# DllCharacteristics

arch/x86/include/asm/efi.h

+9 −0
Original line number Diff line number Diff line
@@ -270,6 +270,8 @@ static inline u32 efi64_convert_status(efi_status_t status) 
	return (u32)(status | (u64)status >> 32);

}



#define __efi64_split(val)		(val) & U32_MAX, (u64)(val) >> 32



#define __efi64_argmap_free_pages(addr, size)				\

	((addr), 0, (size))
@@ -317,6 +319,13 @@ static inline u32 efi64_convert_status(efi_status_t status) 
#define __efi64_argmap_hash_log_extend_event(prot, fl, addr, size, ev)	\

	((prot), (fl), 0ULL, (u64)(addr), 0ULL, (u64)(size), 0ULL, ev)



/* DXE services */

#define __efi64_argmap_get_memory_space_descriptor(phys, desc) \

	(__efi64_split(phys), (desc))



#define __efi64_argmap_set_memory_space_descriptor(phys, size, flags) \

	(__efi64_split(phys), __efi64_split(size), __efi64_split(flags))



/*

 * The macros below handle the plumbing for the argument mapping. To add a

 * mapping for a specific EFI method, simply define a macro

drivers/firmware/Makefile

+1 −2
Original line number Diff line number Diff line
@@ -32,8 +32,7 @@ obj-y += broadcom/ 
obj-y				+= cirrus/

obj-y				+= meson/

obj-$(CONFIG_GOOGLE_FIRMWARE)	+= google/

obj-$(CONFIG_EFI)		+= efi/

obj-$(CONFIG_UEFI_CPER)		+= efi/

obj-y				+= efi/

obj-y				+= imx/

obj-y				+= psci/

obj-y				+= smccc/

drivers/firmware/efi/Kconfig

+24 −28
Original line number Diff line number Diff line
@@ -193,6 +193,9 @@ config EFI_TEST 
	  Say Y here to enable the runtime services support via /dev/efi_test.

	  If unsure, say N.



config EFI_DEV_PATH_PARSER

	bool



config APPLE_PROPERTIES

	bool "Apple Device Properties"

	depends on EFI_STUB && X86
@@ -255,40 +258,15 @@ config EFI_DISABLE_PCI_DMA 
	  options "efi=disable_early_pci_dma" or "efi=no_disable_early_pci_dma"

	  may be used to override this option.



endmenu



config EFI_EMBEDDED_FIRMWARE

	bool

	depends on EFI

	select CRYPTO_LIB_SHA256



config UEFI_CPER

	bool



config UEFI_CPER_ARM

	bool

	depends on UEFI_CPER && ( ARM || ARM64 )

	default y



config UEFI_CPER_X86

	bool

	depends on UEFI_CPER && X86

	default y



config EFI_DEV_PATH_PARSER

	bool

	depends on ACPI

	default n



config EFI_EARLYCON

	def_bool y

	depends on EFI && SERIAL_EARLYCON && !ARM && !IA64

	depends on SERIAL_EARLYCON && !ARM && !IA64

	select FONT_SUPPORT

	select ARCH_USE_MEMREMAP_PROT



config EFI_CUSTOM_SSDT_OVERLAYS

	bool "Load custom ACPI SSDT overlay from an EFI variable"

	depends on EFI && ACPI

	depends on ACPI

	default ACPI_TABLE_UPGRADE

	help

	  Allow loading of an ACPI SSDT overlay from an EFI variable specified
@@ -314,7 +292,6 @@ config EFI_DISABLE_RUNTIME 


config EFI_COCO_SECRET

	bool "EFI Confidential Computing Secret Area Support"

	depends on EFI

	help

	  Confidential Computing platforms (such as AMD SEV) allow the

	  Guest Owner to securely inject secrets during guest VM launch.
@@ -327,3 +304,22 @@ config EFI_COCO_SECRET 
	  for usage inside the kernel.  This will allow the

	  virt/coco/efi_secret module to access the secrets, which in turn

	  allows userspace programs to access the injected secrets.



config EFI_EMBEDDED_FIRMWARE

	bool

	select CRYPTO_LIB_SHA256



endmenu



config UEFI_CPER

	bool



config UEFI_CPER_ARM

	bool

	depends on UEFI_CPER && ( ARM || ARM64 )

	default y



config UEFI_CPER_X86

	bool

	depends on UEFI_CPER && X86

	default y