From: Greg Kroah-Hartman
Date: Sun, 22 Jan 2023 13:50:04 +0000 (+0100)
Subject: 5.10-stable patches
X-Git-Tag: v4.14.304~28
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=37a76f4d4e3409839641281e42d525f6388ad1c8;p=thirdparty%2Fkernel%2Fstable-queue.git

5.10-stable patches

added patches:
arm64-efi-execute-runtime-services-from-a-dedicated-stack.patch
efi-rt-wrapper-add-missing-include.patch
---
diff --git a/queue-5.10/arm64-efi-execute-runtime-services-from-a-dedicated-stack.patch b/queue-5.10/arm64-efi-execute-runtime-services-from-a-dedicated-stack.patch
new file mode 100644
index 00000000000..8dee33808a6
--- /dev/null
+++ b/queue-5.10/arm64-efi-execute-runtime-services-from-a-dedicated-stack.patch
@@ -0,0 +1,126 @@
+From ff7a167961d1b97e0e205f245f806e564d3505e7 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Mon, 5 Dec 2022 11:31:25 +0100
+Subject: arm64: efi: Execute runtime services from a dedicated stack
+
+From: Ard Biesheuvel
+
+commit ff7a167961d1b97e0e205f245f806e564d3505e7 upstream.
+
+With the introduction of PRMT in the ACPI subsystem, the EFI rts
+workqueue is no longer the only caller of efi_call_virt_pointer() in the
+kernel. This means the EFI runtime services lock is no longer sufficient
+to manage concurrent calls into firmware, but also that firmware calls
+may occur that are not marshalled via the workqueue mechanism, but
+originate directly from the caller context.
+
+For added robustness, and to ensure that the runtime services have 8 KiB
+of stack space available as per the EFI spec, introduce a spinlock
+protected EFI runtime stack of 8 KiB, where the spinlock also ensures
+serialization between the EFI rts workqueue (which itself serializes EFI
+runtime calls) and other callers of efi_call_virt_pointer().
+
+While at it, use the stack pivot to avoid reloading the shadow call
+stack pointer from the ordinary stack, as doing so could produce a
+gadget to defeat it.
+
+Signed-off-by: Ard Biesheuvel
+Cc: Lee Jones
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/arm64/include/asm/efi.h | 3 +++
+ arch/arm64/kernel/efi-rt-wrapper.S | 13 ++++++++++++-
+ arch/arm64/kernel/efi.c | 27 +++++++++++++++++++++++++++
+ 3 files changed, 42 insertions(+), 1 deletion(-)
+
+--- a/arch/arm64/include/asm/efi.h
++++ b/arch/arm64/include/asm/efi.h
+@@ -25,6 +25,7 @@ int efi_set_mapping_permissions(struct m
+ ({ \
+ efi_virtmap_load(); \
+ __efi_fpsimd_begin(); \
++ spin_lock(&efi_rt_lock); \
+ })
+
+ #define arch_efi_call_virt(p, f, args...) \
+@@ -36,10 +37,12 @@ int efi_set_mapping_permissions(struct m
+
+ #define arch_efi_call_virt_teardown() \
+ ({ \
++ spin_unlock(&efi_rt_lock); \
+ __efi_fpsimd_end(); \
+ efi_virtmap_unload(); \
+ })
+
++extern spinlock_t efi_rt_lock;
+ efi_status_t __efi_rt_asm_wrapper(void *, const char *, ...);
+
+ #define ARCH_EFI_IRQ_FLAGS_MASK (PSR_D_BIT | PSR_A_BIT | PSR_I_BIT | PSR_F_BIT)
+--- a/arch/arm64/kernel/efi-rt-wrapper.S
++++ b/arch/arm64/kernel/efi-rt-wrapper.S
+@@ -16,6 +16,12 @@ SYM_FUNC_START(__efi_rt_asm_wrapper)
+ */
+ stp x1, x18, [sp, #16]
+
++ ldr_l x16, efi_rt_stack_top
++ mov sp, x16
++#ifdef CONFIG_SHADOW_CALL_STACK
++ str x18, [sp, #-16]!
++#endif
++
+ /*
+ * We are lucky enough that no EFI runtime services take more than
+ * 5 arguments, so all are passed in registers rather than via the
+@@ -29,6 +35,7 @@ SYM_FUNC_START(__efi_rt_asm_wrapper)
+ mov x4, x6
+ blr x8
+
++ mov sp, x29
+ ldp x1, x2, [sp, #16]
+ cmp x2, x18
+ ldp x29, x30, [sp], #32
+@@ -42,6 +49,10 @@ SYM_FUNC_START(__efi_rt_asm_wrapper)
+ * called with preemption disabled and a separate shadow stack is used
+ * for interrupts.
+ */
+- mov x18, x2
++#ifdef CONFIG_SHADOW_CALL_STACK
++ ldr_l x18, efi_rt_stack_top
++ ldr x18, [x18, #-16]
++#endif
++
+ b efi_handle_corrupted_x18 // tail call
+ SYM_FUNC_END(__efi_rt_asm_wrapper)
+--- a/arch/arm64/kernel/efi.c
++++ b/arch/arm64/kernel/efi.c
+@@ -143,3 +143,30 @@ asmlinkage efi_status_t efi_handle_corru
+ pr_err_ratelimited(FW_BUG "register x18 corrupted by EFI %s\n", f);
+ return s;
+ }
++
++DEFINE_SPINLOCK(efi_rt_lock);
++
++asmlinkage u64 *efi_rt_stack_top __ro_after_init;
++
++/* EFI requires 8 KiB of stack space for runtime services */
++static_assert(THREAD_SIZE >= SZ_8K);
++
++static int __init arm64_efi_rt_init(void)
++{
++ void *p;
++
++ if (!efi_enabled(EFI_RUNTIME_SERVICES))
++ return 0;
++
++ p = __vmalloc_node(THREAD_SIZE, THREAD_ALIGN, GFP_KERNEL,
++ NUMA_NO_NODE, &&l);
++l: if (!p) {
++ pr_warn("Failed to allocate EFI runtime stack\n");
++ clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
++ return -ENOMEM;
++ }
++
++ efi_rt_stack_top = p + THREAD_SIZE;
++ return 0;
++}
++core_initcall(arm64_efi_rt_init);
diff --git a/queue-5.10/efi-rt-wrapper-add-missing-include.patch b/queue-5.10/efi-rt-wrapper-add-missing-include.patch
new file mode 100644
index 00000000000..6a34c72167d
--- /dev/null
+++ b/queue-5.10/efi-rt-wrapper-add-missing-include.patch
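Review bot: `efi_rt_stack_top` stays NULL on both non-success paths of `arm64_efi_rt_init()` (runtime services not enabled, or `__vmalloc_node()` failing), while the added `ldr_l x16, efi_rt_stack_top` / `mov sp, x16` in `__efi_rt_asm_wrapper` loads it into `sp` without any check. The only guard visible in these hunks is `clear_bit(EFI_RUNTIME_SERVICES, &efi.flags)`, so safety presumably depends on every caller of `efi_call_virt_pointer()`, including the direct PRMT path the description mentions, testing that flag first, and on no firmware call arriving before this `core_initcall` has run; neither is enforced here. I would record the invariant above the definition in efi.c, for example `/* NULL until arm64_efi_rt_init() succeeds; __efi_rt_asm_wrapper loads this into sp unchecked, so callers must test efi_enabled(EFI_RUNTIME_SERVICES) first */`. The body of `__efi_rt_asm_wrapper` starts and ends outside the quoted hunks, so an existing guard elsewhere cannot be ruled out from this page.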
@@ -0,0 +1,30 @@
+From 18bba1843fc7f264f58c9345d00827d082f9c558 Mon Sep 17 00:00:00 2001
+From: Ard Biesheuvel
+Date: Mon, 9 Jan 2023 12:41:46 +0100
+Subject: efi: rt-wrapper: Add missing include
+
+From: Ard Biesheuvel
+
+commit 18bba1843fc7f264f58c9345d00827d082f9c558 upstream.
+
+Add the missing #include of asm/assembler.h, which is where the ldr_l
+macro is defined.
+
+Fixes: ff7a167961d1b97e ("arm64: efi: Execute runtime services from a dedicated stack")
+Signed-off-by: Ard Biesheuvel
+Cc: Lee Jones
+Signed-off-by: Greg Kroah-Hartman
+---
+ arch/arm64/kernel/efi-rt-wrapper.S | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm64/kernel/efi-rt-wrapper.S
++++ b/arch/arm64/kernel/efi-rt-wrapper.S
+@@ -4,6 +4,7 @@
+ */
+
+ #include
++#include
+
+ SYM_FUNC_START(__efi_rt_asm_wrapper)
+ stp x29, x30, [sp, #-32]!
diff --git a/queue-5.10/series b/queue-5.10/series
index 69faff074c3..4d5ade19f28 100644
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -77,3 +77,5 @@ drm-i915-re-disable-rc6p-on-sandy-bridge.patch
 drm-amd-display-fix-set-scaling-doesn-s-work.patch
 drm-amd-display-calculate-output_color_space-after-pixel-encoding-adjustment.patch
 drm-amd-display-fix-color_space_ycbcr2020_type-matrix.patch
+arm64-efi-execute-runtime-services-from-a-dedicated-stack.patch
+efi-rt-wrapper-add-missing-include.patch