From nobody Thu Apr 2 20:28:02 2026 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 604CB2DB791 for ; Thu, 26 Mar 2026 13:27:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531639; cv=none; b=rlu7tnfIRewjIp/nchMAW2UVBB9dK1pSxirTOITXCfpbY+7Ik1wHhijTssdmzul9xwB0gPdInqeA18FZ9iZ7Ufrsq7x3LLf1M4JYHBfkWVC7eQx95LcBg79Ybglwm0Mj542/K/mVT8Ju44tHsFOB/+F+VOn4/aOgJ+YkLkhVYqY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531639; c=relaxed/simple; bh=Ltu5dllgYY1cuqPgkjM5/wEJ2ajA64aLJs75CRZCcHI=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=W8XJ0UiRaS+7xPddi/bu9YgStngBNQ90at0H3n8xVyR3HZlhEfmGtwh2IJFJSWKT+z+N3M5FSKtTiQbRccr4Of/CEbhf/EwtYv9nb4DUB5mPyB56XqbTIkeK+GYFDlmeuutJAuICMV9riiLtUodZ/uv9sUkZ7aVW8L7+JeIcE98= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SYKR+77a; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SYKR+77a" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-48542d5aa9eso7853255e9.0 for ; Thu, 26 Mar 2026 06:27:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774531637; x=1775136437; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=HebH0xpfWNwDmcW1JGUvYyRNOr2RM6l+mn3fM1JaysA=; b=SYKR+77asuNPso0ArLllOV3PI6PwEkr6zm4Mi+bh/b1Psm2dbHiJACSljQ8NokBCJo t+iglOSZS2c/fqJmAjaRrZJxQYFMHo58Tm7m1ViJOab/16W7fH/kYl0EJfhCwmOZO90b D2CqrMtEUH0+lbh6uNB4TYoSpyG/jg+5zvAE3+vsArLwxrqmijGKkpAjt34B+Bjq5MIy ttVNegrhGJQDF7ijfXpemN586Fb4DHjowRK2HpDHZKzEKKGLqAytcQzSIavDYz4KMPxS CK0hltNJKWGVnFIySjGDTbpFCeDsszeY3Q3Eas1mEDoJc4ywi92lyr7dqGBG7ZdjDPYo jpBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774531637; x=1775136437; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=HebH0xpfWNwDmcW1JGUvYyRNOr2RM6l+mn3fM1JaysA=; b=agt3+czWqlqa4+MWFQJP/VhsMxelunH91eNpDmaxPIZI3uAL02XqvzhVX5MG1y+4hW /CGM3FSh3+Z/S078OkdKCebwHF7ZKYTkmhxjGBAbQdaPysaf8PvjyyRQWRq9wb0aeuSu SrLZmcFckPSXlto2sXrDE19avqnGlqXGdpd/YSeiVCEL5JpWA7Mfu7n9weE79+Pv/oQd /Cxm1kB0fT5/DcSbij86xPwjQQ1l7+E+v0UhQHZn5vSfxFAggznKdfvXduJkgN4khUTq zE7Tca0bPkCe5WEUr33wsfOHR1k7OFI0Yh+csfUnbDSwuWZLs3gf8Mp3GPdrY6VjiVXs evOw== X-Gm-Message-State: AOJu0YwhNHcC7f8weh/Bse2qofsICyaplYHJ2CVcsUygCV6BkWIH1ksP Li3rBWvm5OhCMyYvvdG3lATtufkUKXFYesYog1iQ1EYC7xAWI3zAeK9KpsLOn+iFzPhhQJXzUA= = X-Received: from wmf24.prod.google.com ([2002:a05:600c:2298:b0:483:80e5:6e03]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:1d15:b0:485:3abe:ab86 with SMTP id 5b1f17b1804b1-48715fc3d1dmr116751625e9.4.1774531636677; Thu, 26 Mar 2026 06:27:16 -0700 (PDT) Date: Thu, 26 Mar 2026 14:26:57 +0100 In-Reply-To: <20260326132655.1733873-7-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260326132655.1733873-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=2566; i=ardb@kernel.org; h=from:subject; bh=n5SOS6vCrP5KScsEzb2KWxQ7rouEvOe8/AT4QMZ5FDU=; b=owGbwMvMwCVmkMcZplerG8N4Wi2JIfOoiaIAX8kdNqGDH21NL9YJp8asn/ChtUFnqv69vSveK s0RvbG9o5SFQYyLQVZMkUVg9t93O09PlKp1niULM4eVCWQIAxenAExkCyvDH+6joZuezl+tFn+h Unaqa6jegi8Xp+3Wus77WGXJTCnHoNUM/5Pec/3lWZMyPVSrUj9rpmMq+/WK6RvcjhR1CVc0eLJ 9YAYA X-Mailer: git-send-email 2.53.0.1018.g2bb0e51243-goog Message-ID: <20260326132655.1733873-8-ardb+git@google.com> Subject: [PATCH 1/5] efi/memattr: Fix thinko in table size sanity check From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Dave Young , Gregory Price , Usama Arif , Jiri Slaby , Breno Leitao Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel While it is true that each PE/COFF runtime driver in memory can generally be split into 3 different regions (the header, the code/rodata region and the data/bss region), each with different permissions, it does not mean that 3x the size of the memory map is a suitable upper bound. This is due to the fact that all runtime drivers could be coalesced into a single EFI runtime code region by the firmware, and if the firmware does a good job of keeping the fragmentation down, it is conceivable that the memory attributes table has more entries than the EFI memory map itself. So instead, base the sanity check on whether the descriptor size matches the EFI memory map's descriptor size (which is not mandated by the spec but extremely unlikely to differ in practice), and whether the size of the whole table does not exceed 2 MiB. Signed-off-by: Ard Biesheuvel Reviewed-by: Gregory Price --- drivers/firmware/efi/memattr.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/drivers/firmware/efi/memattr.c b/drivers/firmware/efi/memattr.c index e727cc5909cb..8d4004149297 100644 --- a/drivers/firmware/efi/memattr.c +++ b/drivers/firmware/efi/memattr.c @@ -42,14 +42,17 @@ void __init efi_memattr_init(void) =20 =20 /* - * Sanity check: the Memory Attributes Table contains up to 3 entries - * for each entry of type EfiRuntimeServicesCode in the EFI memory map. - * So if the size of the table exceeds 3x the size of the entire EFI - * memory map, there is clearly something wrong, and the table should - * just be ignored altogether. + * Sanity check: the Memory Attributes Table contains multiple entries + * for each EFI runtime services code or data region in the EFI memory + * map, each with the permission attributes that may be applied when + * mapping the region. There is no upper bound for the number of + * entries, as it could conceivably contain more entries than the EFI + * memory map itself. So pick an arbitrary limit of 2M for the size, + * which translates to ~50k entries of 40 bytes in size. This prevents + * a corrupted table from eating all system RAM. */ size =3D tbl->num_entries * tbl->desc_size; - if (size > 3 * efi.memmap.nr_map * efi.memmap.desc_size) { + if (tbl->desc_size !=3D efi.memmap.desc_size || size > SZ_2M) { pr_warn(FW_BUG "Corrupted EFI Memory Attributes Table detected! (version= =3D=3D %u, desc_size =3D=3D %u, num_entries =3D=3D %u)\n", tbl->version, tbl->desc_size, tbl->num_entries); goto unmap; --=20 2.53.0.1018.g2bb0e51243-goog From nobody Thu Apr 2 20:28:02 2026 Received: from mail-ej1-f74.google.com (mail-ej1-f74.google.com [209.85.218.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7C05C2EDD70 for ; Thu, 26 Mar 2026 13:27:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531640; cv=none; b=arHboL/PJrpN1ceprE1h6loIhVwbUdI8IQ8KulqRqpSUjcB41K8mF2GZchwFjHZZBjEdeFCWkjE9qGkRuBhttNIALeZ2LhQKDAqenx9Vk9gx+LOFFyIMkXoM8Bf0DGEDbdRyNg+fv9pCHuOJIMpAj4fauddK38X7sMJWP65pPCg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531640; c=relaxed/simple; bh=WbNrFRXlNX50+SwMQqetIvGIhoch9/Q4vJfpPel7DPU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=Aq031AI5bTC2bvuk9ab20NNlP/Hmm+1BFL0cEmIa0UMQBBmvF0l0QoYlhMd+vmLphRNjkyG0Lz4VrROmAkmWovolB66+TzmK822RXtmx1guaYD6IS8sRWALPnzz3+CDjsgRFitD6BUbqYEErbLqjJMkBu7hzGxNCsAouf1uj7tM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=SaNs6d2Q; arc=none smtp.client-ip=209.85.218.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="SaNs6d2Q" Received: by mail-ej1-f74.google.com with SMTP id a640c23a62f3a-b938cb02038so112567166b.0 for ; Thu, 26 Mar 2026 06:27:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774531638; x=1775136438; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=qqjJgWZvGe+GH9cTzgYDDSkDUy3ExwqWXbelQXjht+k=; b=SaNs6d2QY6Fj4A9RqHAxC0LcQchcDzTN9Mnm/lvrJgkeeJRV/CyV9ebbqu/JWfOPna XcukaWcJGvG8CbT+mAN4NqFF4M/oD2INDU2HoD7t55V+n7J9DOlr7G6zI7l2lq7BfxBH dPwYhDffdBcRe00y3cLmLsPR/ZWYEWTPY/Su5SLb7qLmRgh7Wb3ikyubR290OtRt5Vbp J9w32nxmqbPx8ly9e3WrxpodTw+RkrjZRz5sAHUxN7txcyE6sZLKX0hrTX+m2psIxkfL RanySP2fm4IA11JnfKJWOsxspbwKPApGl1zP9f+wmEZow2nC/XUYHgyEudW613Vbd8aZ KE1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774531638; x=1775136438; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=qqjJgWZvGe+GH9cTzgYDDSkDUy3ExwqWXbelQXjht+k=; b=DiKrvzDBZe55MnsvZIlAXwFeEVFrPjvQTdFxsHxPlFFeMA4wQvrvRKYXE3C3r0N6iC JZ7ShlRSYEkbAwIE7tLNVA0mJ4y0V7S67YE4uBder4HcbLVq5SU+EUeH0cAgryliKNfn 2HJWzTFRnQAOTth9yDjC1TYiqFA6MU+6DoNIhYXFR8gQmi3VDxLJhWCcD+fNx2X5LFd8 yD8SEMFpAly7dLCI8V3knOOX+G4Vm6X4iBs/rrIic43IjHeFVhT0mnotD3rNe1Oal8WS 1m9nl0/yeYOjn9mvAo27DQzTF05ZKvHp80AmU+e7wmC09x//UmGoKtbHKw1vMJAd8eon mYiA== X-Gm-Message-State: AOJu0YyAwWtfsmLVTNnM9IbUtWYe4i323W61t7y2br2arEGHg/17GQiz EAZsld7URrq/1g8RZI7sdPlXNANsuuwYi7RzcSS1W+BJMXUYk5sc4kI+NVlj4qPBklp0IddF+A= = X-Received: from ejcji12.prod.google.com ([2002:a17:907:980c:b0:b93:58ba:e1d8]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a17:906:4fca:b0:b94:82e:55e7 with SMTP id a640c23a62f3a-b9b2eb254b3mr105037166b.25.1774531637697; Thu, 26 Mar 2026 06:27:17 -0700 (PDT) Date: Thu, 26 Mar 2026 14:26:58 +0100 In-Reply-To: <20260326132655.1733873-7-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260326132655.1733873-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=2488; i=ardb@kernel.org; h=from:subject; bh=A55998XzokyKWlEuNht3NSD6O3K91gXWoI+V5wOS36Y=; b=owGbwMvMwCVmkMcZplerG8N4Wi2JIfOoiVISI7fkc6Fnun0ie7Yt2nHP91K2Z4fVa8uWXXobu eWSF/N2lLIwiHExyIopsgjM/vtu5+mJUrXOs2Rh5rAygQxh4OIUgIkETWb4w8U957z2x6vX5Ze5 uJiFbqmIS3zbmsLfnHWiVePUrZIVuYwMa50e/GZuPv77716rf163QvlMN7DZSbzLunStLHZSgJM 1JwA= X-Mailer: git-send-email 2.53.0.1018.g2bb0e51243-goog Message-ID: <20260326132655.1733873-9-ardb+git@google.com> Subject: [PATCH 2/5] x86/efi: Gather initial memory reservation and table handling logic From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Dave Young , Gregory Price , Usama Arif , Jiri Slaby , Breno Leitao Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Move the back-to-back calls to various EFI routines related to processing of firmware tables and reserving the associated memory into a helper function. This is tidier, and will avoid the need to add yet another function call there in a subsequent patch. Signed-off-by: Ard Biesheuvel Reviewed-by: Gregory Price --- arch/x86/include/asm/efi.h | 5 ++--- arch/x86/kernel/setup.c | 11 ++--------- arch/x86/platform/efi/efi.c | 13 +++++++++++++ 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h index 51b4cdbea061..3dcb137a49ed 100644 --- a/arch/x86/include/asm/efi.h +++ b/arch/x86/include/asm/efi.h @@ -387,11 +387,10 @@ static inline bool efi_is_table_address(unsigned lon= g phys_addr) { return false; } -static inline void efi_reserve_boot_services(void) -{ -} #endif /* CONFIG_EFI */ =20 +void efi_init_reservations(void); + extern int __init efi_memmap_alloc(unsigned int num_entries, struct efi_memory_map_data *data); =20 diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c index eebcc9db1a1b..9f5f50bff16d 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -1083,15 +1083,8 @@ void __init setup_arch(char **cmdline_p) mem_encrypt_setup_arch(); cc_random_init(); =20 - efi_find_mirror(); - efi_esrt_init(); - efi_mokvar_table_init(); - - /* - * The EFI specification says that boot service code won't be - * called after ExitBootServices(). This is, in fact, a lie. - */ - efi_reserve_boot_services(); + if (efi_enabled(EFI_BOOT)) + efi_init_reservations(); =20 /* preallocate 4k for mptable mpc */ e820__memblock_alloc_reserved_mpc_new(); diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c index d84c6020dda1..f32276bd8d4e 100644 --- a/arch/x86/platform/efi/efi.c +++ b/arch/x86/platform/efi/efi.c @@ -165,6 +165,19 @@ static void __init do_add_efi_memmap(void) e820__update_table(e820_table); } =20 +void __init efi_init_reservations(void) +{ + efi_find_mirror(); + efi_esrt_init(); + efi_mokvar_table_init(); + + /* + * The EFI specification says that boot service code won't be + * called after ExitBootServices(). This is, in fact, a lie. + */ + efi_reserve_boot_services(); +} + /* * Given add_efi_memmap defaults to 0 and there is no alternative * e820 mechanism for soft-reserved memory, import the full EFI memory --=20 2.53.0.1018.g2bb0e51243-goog From nobody Thu Apr 2 20:28:02 2026 Received: from mail-wm1-f74.google.com (mail-wm1-f74.google.com [209.85.128.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9348033EB1B for ; Thu, 26 Mar 2026 13:27:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531641; cv=none; b=cY75htTHQn/yFjiRDbzdP2oKVVhTUuRPmAGgIEVzG+vtiZt8zGmHHgTXM/e33Mk1pGfsuiXDx8mlh9qbumH1qChk6rmmWFOJTTgA0BzLijheCJNUpm4AJ6guthgoBnavitgrX/zKFHo4K/0u4y4GyKpyEYzLAwJ03AdcGsSPFWQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531641; c=relaxed/simple; bh=w0gWF+fnU+EyIm0hi+wVX5jP3BFK5kjYtXeIFBo8VfY=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=PfO8zTv+Akqxa5xYETNuPe9+ojGVn74bdJVSQmvQv6+euyRQiR7EeM21JwWA1QcXw/+7h/xLds7ecJJomEwvU4oJDeMdOoCgFhwPt15rHDYu6JlAY+BJuuEpoe4AP6scKq9jIlhScXmD4wZiVImEPEKm9WH/Ai0aas+7lTzE1Fc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=L4ttQcJP; arc=none smtp.client-ip=209.85.128.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="L4ttQcJP" Received: by mail-wm1-f74.google.com with SMTP id 5b1f17b1804b1-48544725bdeso17981705e9.2 for ; Thu, 26 Mar 2026 06:27:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774531639; x=1775136439; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=GHIQwAWhL9cMJE4WuFrzIdPhFDdaY3JclpZnGu+ZbFk=; b=L4ttQcJPdzQesZ0KRvq7QIjZJVSVHBbfaDLRHuD3Jv159MtmCkNrmR87dQyqj8Txue qvUhNyD52sgaPT/M6hdk2RZV6RnK6026ANdZ9nQztsmjBsHTEHhC5vytjk7IVhOOx3YO FwzFe8meXrgzXIma4md+gDNKCQcXrRBLQHH7m4Wc3lnxSBlw2YX8StnlOSgN9BpMo3RB 5GZ5lN99101JCPtQxm+s5JnJKWHgjdT+ZMz3BwbGajacNiI0P6crjONzMvdtNjzZEFRp JWVnPrcYXJyLc0vif/VFMPo6Wb+abPPter4oww1ntJLv1qKULQmC5ZogRvBjQk3joCyd xRiA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774531639; x=1775136439; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=GHIQwAWhL9cMJE4WuFrzIdPhFDdaY3JclpZnGu+ZbFk=; b=FGGC09mHVD432S+JEk4R+sScb2M8qvtGL/tVW9jJq/sHoyE7aBsG5bNwrfmGFSbrP9 OaGpsqzS1CDR2zWCIo49QH4xjb1xPKWBUroCzlMJJzl9MeR85O70PPAxqClcFLqtOlzw KFHtBfAy9AzAI1KqvFCImBms2mOCtQ+A1AItvDfOAVmhObxRrct0oa/yR1XUkD/3InJr 2mw1jd5p2i+mgYiE+zC/Fp74zwBtORZn+NlDTdQGl3OXlEQ+jjczaIwUnk2WApnvrelu 9r0tFDJUuU3Gxe4M+c3zbEckHd2TLN3tgt1Vz3Dh6X/4+fwQriec9wxdGS1tGNwtEmuS VnFw== X-Gm-Message-State: AOJu0Yy4kj7f9tPXeMvscZGdxuSQa6d9VSJ3y08NBc42K0CQ3dx1nki0 7cNM9doQoLo0T8AIvjmK5D9GAyZGhw+xZrBQYXPbH4ltiVjjxrjuqzs5jJa0KlOz+aeGKvuBzw= = X-Received: from wmjv19.prod.google.com ([2002:a7b:cb53:0:b0:485:2ff0:b4ad]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:890b:b0:485:6ec7:2df with SMTP id 5b1f17b1804b1-48715fd50abmr89023025e9.8.1774531638838; Thu, 26 Mar 2026 06:27:18 -0700 (PDT) Date: Thu, 26 Mar 2026 14:26:59 +0100 In-Reply-To: <20260326132655.1733873-7-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260326132655.1733873-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1578; i=ardb@kernel.org; h=from:subject; bh=dWW9mhL2BAGt3mcyh6Fj0ZP76AqTMt2tFZlrnJvD3Uc=; b=owGbwMvMwCVmkMcZplerG8N4Wi2JIfOoiYrV7Z89zbnNE6ezfVOKjP12Z75YAN9hgSlemSyJ1 w7aqxR1lLIwiHExyIopsgjM/vtu5+mJUrXOs2Rh5rAygQxh4OIUgIl4PmVkmBmwUrrgJO+KSwbv xWdVPqu8ZWqess+t/nOi2+5Pc1ZMYmNkWD2pM+SWqKnpNe9it7bqJaYvwtef61Oe9fbDtW+5Nzq YWQE= X-Mailer: git-send-email 2.53.0.1018.g2bb0e51243-goog Message-ID: <20260326132655.1733873-10-ardb+git@google.com> Subject: [PATCH 3/5] x86/efi: Defer the call to efi_memattr_init() From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Dave Young , Gregory Price , Usama Arif , Jiri Slaby , Breno Leitao Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel efi_memattr_init() should call efi_mem_reserve() rather than memblock_reserve() to preserve the memory contents of the region when the EFI memory attributes table is loaded by the firmware. However, efi_mem_reserve() can only be called later during the boot on x86, due to the fact that it may need to memblock_alloc() memory for the EFI memory map. So move the call to efi_memattr_init() to a later stage when building for x86_64. Signed-off-by: Ard Biesheuvel --- arch/x86/platform/efi/efi.c | 2 ++ drivers/firmware/efi/efi.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c index f32276bd8d4e..107dcdf354ba 100644 --- a/arch/x86/platform/efi/efi.c +++ b/arch/x86/platform/efi/efi.c @@ -167,6 +167,8 @@ static void __init do_add_efi_memmap(void) =20 void __init efi_init_reservations(void) { + if (IS_ENABLED(CONFIG_X86_64) && efi_enabled(EFI_MEMMAP)) + efi_memattr_init(); efi_find_mirror(); efi_esrt_init(); efi_mokvar_table_init(); diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index b2fb92a4bbd1..d28ed1ce9a33 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -761,7 +761,7 @@ int __init efi_config_parse_tables(const efi_config_tab= le_t *config_tables, } } =20 - if (!IS_ENABLED(CONFIG_X86_32) && efi_enabled(EFI_MEMMAP)) + if (!IS_ENABLED(CONFIG_X86) && efi_enabled(EFI_MEMMAP)) efi_memattr_init(); =20 efi_tpm_eventlog_init(); --=20 2.53.0.1018.g2bb0e51243-goog From nobody Thu Apr 2 20:28:02 2026 Received: from mail-ej1-f74.google.com (mail-ej1-f74.google.com [209.85.218.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A352E3976A9 for ; Thu, 26 Mar 2026 13:27:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.74 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531643; cv=none; b=XW7J+kGbSj+rAefhPJEwULbbYZpUbYRcg5Wr/nI/BbAm583f+ZhKsQYog6WwauLP8RGlLbJxyK+fz9zMyCqTue6AB3EC0jeTE23ezK2nyp1MEnpubbiNcz9OSZKFxd3zWX8t6HuKjH2kv9bVAi1RhGbIFEXxr2k8macumzU1nSQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531643; c=relaxed/simple; bh=fZjPOaIGiInXb9FfsWODgJoFCvX+VTlkGFglUy+3XQw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=GlQi8apZVFYnmoOCZPlzURZeCLTzgvTLA0uO3qR90zCel0Py6t/L25xY74JOwk1SIFrhBo5CQZYOOYZSDNUyMDJXIb5vslQvwc5z40yQkux9fbzotnvVn1DxwHPK2K7bcRBLaQUkgsC4wr0zjmqWexaPy8dJ3LAgWm0NjUVz5KI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=pctTHLze; arc=none smtp.client-ip=209.85.218.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="pctTHLze" Received: by mail-ej1-f74.google.com with SMTP id a640c23a62f3a-b97a381912eso69554366b.0 for ; Thu, 26 Mar 2026 06:27:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774531640; x=1775136440; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=WBiR9gxXBcLOHofBlDWTXR6in2B24aoi6pN3TLZufuY=; b=pctTHLzeoXp+RRtgp6CRnQ2OArnqzGUA1v8Xm76ZuTKgs4DmD4/5dRHiORas/vZfAC mvS/G80d+ClqHeBN4TVKl2ruCe8Q7w9uzb26Jqck8D10fPxx+fJ4iuP2LO5YLjgd/T92 JJ57IvqoebBD2JNkjvy7afEnUbcGwjWmXbGZoo9iNlZOJQ9byg4TgZWAy2CL0voGn0Qk FyWlAUvcfTEBjnOWb68yPal/la9ob1BoAwg9S9kkooaXjtN97T3O2kea0/Gfw+r8A1fQ iuJL3FEaJ3G7VayBO9IArRStJcEOSRqdu8EWSOxu0HziQTYk5PCqZleIaAzBZbQPasc9 zhPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774531640; x=1775136440; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=WBiR9gxXBcLOHofBlDWTXR6in2B24aoi6pN3TLZufuY=; b=GbXG+FgJccM9QozUqDpOCvL2Ji/qJ+1qQzzOlCD/a90yZozVIRpsBt1zpPeFGdVaCU BpkR1roLAWAsbavhAh5bjSJjbtBWsMm/cfu/FlIeIHITzBBshhHrGzqKwhoZPGuZ4AKe FjT64jBNfJuhFmSfw/vfyi5Xijg1lrFi4bbGveU6TeGuOplwsuKclGniGoHXRQfeK01u 0LQ7RYIk6B/ppx36iUFo2SFiVLMC07HSgFAPOpDJw/wz86BoabfD22gz4IifEzS6hCHs a/nTZ6drwgdfIWX/7FEfuBNt39Mz/3l+hIb3/TtpqWD+uQgqW/SuS9K1+K0fDWWiNqr4 FryA== X-Gm-Message-State: AOJu0Yz2/iW7EfU7w0uPqX3LD2WTLEQq3zXouboQM89vloSurKzFqC97 9GadWvYDs/gQy/B3fJcOLSXv4duaANxiESWrbgsXJwBYYgU0jRLfmrAfbUgfxo8uKY0jW+rTzw= = X-Received: from ejchk6.prod.google.com ([2002:a17:907:3cc6:b0:b98:24c1:423]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a17:907:806:b0:b98:44b3:7e95 with SMTP id a640c23a62f3a-b9a54268840mr536267166b.40.1774531639913; Thu, 26 Mar 2026 06:27:19 -0700 (PDT) Date: Thu, 26 Mar 2026 14:27:00 +0100 In-Reply-To: <20260326132655.1733873-7-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260326132655.1733873-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=855; i=ardb@kernel.org; h=from:subject; bh=IrDXJ0SpMQSirNYm+oXKTNnBUrUZx/I6yCygt5YygRQ=; b=owGbwMvMwCVmkMcZplerG8N4Wi2JIfOoiep0/vCVPsd970wKP8j1PcfNqM9EccMx/0yNx5zTD J8uEPnfUcrCIMbFICumyCIw+++7nacnStU6z5KFmcPKBDKEgYtTACbin8rwv2waW3d79KJGNuFJ civbdL02XfVZHVbzSPmVisrOGXLu/owMb0+IPuPO1pBQrLw4iT/I+0jUPjaDUyz/WDVOHXrT2/6 UFwA= X-Mailer: git-send-email 2.53.0.1018.g2bb0e51243-goog Message-ID: <20260326132655.1733873-11-ardb+git@google.com> Subject: [PATCH 4/5] efi: Use efi_mem_reserve() to reserve the memory attribute table From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Dave Young , Gregory Price , Usama Arif , Jiri Slaby , Breno Leitao Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Use efi_mem_reserve() rather than memblock_reserve() to reserve the EFI memory attributes table. This is needed on x86, where memblock_reserve() is not sufficient for assets that may be placed in EFI boot services data memory. Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/memattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/efi/memattr.c b/drivers/firmware/efi/memattr.c index 8d4004149297..f9cfdec1fb51 100644 --- a/drivers/firmware/efi/memattr.c +++ b/drivers/firmware/efi/memattr.c @@ -59,7 +59,7 @@ void __init efi_memattr_init(void) } =20 tbl_size =3D sizeof(*tbl) + size; - memblock_reserve(efi_mem_attr_table, tbl_size); + efi_mem_reserve(efi_mem_attr_table, tbl_size); set_bit(EFI_MEM_ATTR, &efi.flags); =20 unmap: --=20 2.53.0.1018.g2bb0e51243-goog From nobody Thu Apr 2 20:28:02 2026 Received: from mail-wm1-f73.google.com (mail-wm1-f73.google.com [209.85.128.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7F7133C5DB3 for ; Thu, 26 Mar 2026 13:27:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.73 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531643; cv=none; b=oWQREzx6B+q6NWbcflnJ3+cla+OO363Ar8FF6rsks07iyvQWo8JhFT1Oc+UYAoWZOTYlSlRvYD1+Tmx3UL+ncoOuAMV+AQ8hcNnBmGonawXRZYWrsS2Sq8rHWmGzA0Gw0dyG4FuBOulP+LghUMkm7OQ2kDZxez9qfkAE5+inyy4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1774531643; c=relaxed/simple; bh=rIk1R7y8NoaK+vucCth0wMIHQJyh4Ht8VsH1WDQOKj0=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=JK6H1vJoB4Tp3qYNhWcMriP/9VLBDuk0aG5IP/7eCO4+Fb+4VQVs5xL80xcagLP+S7f/oyIYiAc66euuz6v+dJjBbuZhPAJaHYQK7LF8ONdyNIIexE1KabzLUdwW6un6gMrGgblvoF+WvaF0YPyLU4ue4jXAfokV4jtpjlzu+Jk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=W3sta5gC; arc=none smtp.client-ip=209.85.128.73 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--ardb.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="W3sta5gC" Received: by mail-wm1-f73.google.com with SMTP id 5b1f17b1804b1-4871fc50fe7so6189295e9.0 for ; Thu, 26 Mar 2026 06:27:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20251104; t=1774531641; x=1775136441; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=yCzf4aZhl663HYafsBCQA23EEnogYYWjlMdO1fVHwXE=; b=W3sta5gCcAcCeKhrIaC3gDcyhaoPp50EgyamzebY6vN3PzDlBwKCKqnktjlVh+fnaD 1v2EMVHi6lhspFlUpLAXYBfEMpQ6mA4mztHclRifxLMZYUjDYNikvG1f93rWdKR0sTsy 1ZFYcOEXWrOX83EsZQfebmwPt1nbhfp/Ptyt5U0fmUJa3SrCHK1bKk6x6MftGhhfVTg2 nujQ1TU8sjGNLohgqfPKRQGu2trsWTvYhopRIzPjmMG3xGxZB1oQzIFiEfJUQXXpXIlE LtCNOVhXKsxkn1IU+huUYqd+2YzJJdRTB9z163e+3SeWc7F/NTLL9fv3/UuxXD+QBk1y bydQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1774531641; x=1775136441; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=yCzf4aZhl663HYafsBCQA23EEnogYYWjlMdO1fVHwXE=; b=J9SXHCpXkzDcuZsx0dD2kArdSxJy0Gyv/BtqFeqO7SxrdaJgLqxDhJaBN8BUgJ3a5+ 6t84FDw66RpCMhEoRDidVCoc/BzvFEMf6mjQ76Yl5qUo4KF8L9dPzYCRIZbUPGQYWG2C sbqwSHVjjVeKrU9F5D1H+h/Tmwd4DZkply74KZrun45gO2ueu6Sq/TmBdK/um1mWRmcy lvdR2vBK6Zem3y86QpCAIQwf6z9ffvLYdAqYQkzwzFUV60cIKRo7wfjg2jmuGzBh/hHd YM0oxJ7BIT+vLNp9XB22zsrJCKiFODXgZYRCybG86LzOXWEEOugxOLH7KvMLZCCECJ42 lNXg== X-Gm-Message-State: AOJu0YxvuVeb9c6NAOAUz0ukouAQ99qv16L13nAW73zInlTIQuyB66Tv tZ9MrKhzy7Kdeu6B80gdW7O2HNwQFU+MJlhSwCbNVa6QWFLx6Xnp9ifw3/P4I4BvATzqZCNKlQ= = X-Received: from wmcq23.prod.google.com ([2002:a05:600c:c117:b0:480:4be7:3f3a]) (user=ardb job=prod-delivery.src-stubby-dispatcher) by 2002:a05:600c:3309:b0:487:219e:416 with SMTP id 5b1f17b1804b1-487219e0550mr20341805e9.8.1774531640788; Thu, 26 Mar 2026 06:27:20 -0700 (PDT) Date: Thu, 26 Mar 2026 14:27:01 +0100 In-Reply-To: <20260326132655.1733873-7-ardb+git@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260326132655.1733873-7-ardb+git@google.com> X-Developer-Key: i=ardb@kernel.org; a=openpgp; fpr=F43D03328115A198C90016883D200E9CA6329909 X-Developer-Signature: v=1; a=openpgp-sha256; l=1261; i=ardb@kernel.org; h=from:subject; bh=9/p1gplyiVkCrjGlrbWLto/adyUX/ujHd1AFZTagrlM=; b=owGbwMvMwCVmkMcZplerG8N4Wi2JIfOoiVpW2xyxydyfz1+q+cdayjs5xtukQrfgz8S+R8fnP Cldu/JnRykLgxgXg6yYIovA7L/vdp6eKFXrPEsWZg4rE8gQBi5OAZjI5umMDN8uWemEikyrXcjE qyPyQu7h7mt3Lii5XvS70nY5+OHXzR8ZGb7UalSv5eM5liUjFPFu2sXvEy8pMQbVeCV2TZ5wfYv WXw4A X-Mailer: git-send-email 2.53.0.1018.g2bb0e51243-goog Message-ID: <20260326132655.1733873-12-ardb+git@google.com> Subject: [PATCH 5/5] x86/efi: Drop kexec quirk for the EFI memory attributes table From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org, x86@kernel.org, Ard Biesheuvel , Dave Young , Gregory Price , Usama Arif , Jiri Slaby , Breno Leitao Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ard Biesheuvel Now that the EFI memory attributes table is preserved properly, and the quirk to detect corrupted tables has been updated not to result in false positives when the number of EFI memory map entries is low compared to the number of EFI memory attributes table entries, there is no longer a need to ignore the latter when doing a kexec boot. So drop the workaround. This reverts commit 64b45dd46e15 ("x86/efi: skip memattr table on kexec boot") Signed-off-by: Ard Biesheuvel --- arch/x86/platform/efi/quirks.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/arch/x86/platform/efi/quirks.c b/arch/x86/platform/efi/quirks.c index 79f0818131e8..98641c621e6c 100644 --- a/arch/x86/platform/efi/quirks.c +++ b/arch/x86/platform/efi/quirks.c @@ -611,10 +611,6 @@ int __init efi_reuse_config(u64 tables, int nr_tables) if (!efi_guidcmp(guid, SMBIOS_TABLE_GUID)) ((efi_config_table_64_t *)p)->table =3D data->smbios; =20 - /* Do not bother to play with mem attr table across kexec */ - if (!efi_guidcmp(guid, EFI_MEMORY_ATTRIBUTES_TABLE_GUID)) - ((efi_config_table_64_t *)p)->table =3D EFI_INVALID_TABLE_ADDR; - p +=3D sz; } early_memunmap(tablep, nr_tables * sz); --=20 2.53.0.1018.g2bb0e51243-goog