Before dfcccc6631 "efi: use directmap to access runtime services table"
all usages of efi_rs pointer were guarded by efi_rs_enter(), which
implicitly refused to operate with efi=no-rs (by checking if
efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
commit (re)moved that call as unneeded for just reading content of
efi_rs structure - to avoid unnecessary page tables switch. But it
neglected to check if efi_rs access is legal.

Fix this by adding explicit check for runtime service being enabled in
the cases that do not use efi_rs_enter().

Reported-by: Roman Shaposhnik <roman@zededa.com>
Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
---
Cc: Juergen Gross <jgross@suse.com>
---
xen/common/efi/runtime.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c
index 22fd6c9b53..12da6a525a 100644
--- a/xen/common/efi/runtime.c
+++ b/xen/common/efi/runtime.c
@@ -211,6 +211,8 @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info)
break;
case XEN_FW_EFI_RT_VERSION:
{
+ if ( !efi_enabled(EFI_RS) )
+ return -EOPNOTSUPP;
info->version = efi_rs->Hdr.Revision;
break;
}
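Review bot: the new guard in the XEN_FW_EFI_RT_VERSION case should carry a one-line comment saying why it is there. efi_rs must not be dereferenced when runtime services are disabled (efi=no-rs), and per the commit message this read used to be protected only implicitly through efi_rs_enter(). Without that comment the check looks redundant next to a plain field read and is easy to drop again in a later cleanup.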
@@ -613,6 +615,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
break;
}
+ if ( !efi_enabled(EFI_RS) )
+ return -EOPNOTSUPP;
if ( (efi_rs->Hdr.Revision >> 16) < 2 )
return -EOPNOTSUPP;
state = efi_rs_enter();
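Review bot: the added check and the existing revision test directly below it both return -EOPNOTSUPP, so they can be folded into one condition: `if ( !efi_enabled(EFI_RS) || (efi_rs->Hdr.Revision >> 16) < 2 )`. Short-circuit evaluation still keeps the efi_rs dereference from happening when runtime services are off, which is the ordering that matters here because efi_rs_enter() is only reached afterwards.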
@@ -631,6 +635,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
if ( op->misc )
return -EINVAL;
+ if ( !efi_enabled(EFI_RS) )
+ return -EOPNOTSUPP;
if ( (efi_rs->Hdr.Revision >> 16) < 2 )
return -EOPNOTSUPP;
/* XXX fall through for now */
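Review bot: the efi_enabled(EFI_RS) test ahead of the revision read in this later branch of efi_runtime_call() is the third open-coded copy of the same guard in this patch, and the same fold with the revision test applies here too. Consider a small helper that performs the efi_enabled(EFI_RS) check and the efi_rs->Hdr.Revision read together, so that a future access to efi_rs cannot be added without the guard; naming and placement are left to the author.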
--
2.21.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On 17.11.2019 00:47, Marek Marczykowski-Górecki wrote:
> Before dfcccc6631 "efi: use directmap to access runtime services table"
> all usages of efi_rs pointer were guarded by efi_rs_enter(), which
> implicitly refused to operate with efi=no-rs (by checking if
> efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
> commit (re)moved that call as unneeded for just reading content of
> efi_rs structure - to avoid unnecessary page tables switch. But it
> neglected to check if efi_rs access is legal.
>
> Fix this by adding explicit check for runtime service being enabled in
> the cases that do not use efi_rs_enter().
>
> Reported-by: Roman Shaposhnik <roman@zededa.com>
> Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>

Albeit I would have preferred ...

> @@ -613,6 +615,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
> break;
> }
>
> + if ( !efi_enabled(EFI_RS) )
> + return -EOPNOTSUPP;
> if ( (efi_rs->Hdr.Revision >> 16) < 2 )
> return -EOPNOTSUPP;
> state = efi_rs_enter();
> @@ -631,6 +635,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op)
> if ( op->misc )
> return -EINVAL;
>
> + if ( !efi_enabled(EFI_RS) )
> + return -EOPNOTSUPP;
> if ( (efi_rs->Hdr.Revision >> 16) < 2 )
> return -EOPNOTSUPP;

... if these two pairs of if()-s would each have been folded; I may
take the liberty to do so while committing if I end up being the
committer of this.

Jan

On 17.11.19 00:47, Marek Marczykowski-Górecki wrote:
> Before dfcccc6631 "efi: use directmap to access runtime services table"
> all usages of efi_rs pointer were guarded by efi_rs_enter(), which
> implicitly refused to operate with efi=no-rs (by checking if
> efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
> commit (re)moved that call as unneeded for just reading content of
> efi_rs structure - to avoid unnecessary page tables switch. But it
> neglected to check if efi_rs access is legal.
>
> Fix this by adding explicit check for runtime service being enabled in
> the cases that do not use efi_rs_enter().
>
> Reported-by: Roman Shaposhnik <roman@zededa.com>
> Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Release-acked-by: Juergen Gross <jgross@suse.com>

Juergen