Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-14 08:02:07 +00:00
Code Issues Packages Projects Releases Wiki Activity
63bf28ceb3
linux/drivers/firmware
History
Ard Biesheuvel 63bf28ceb3 efi: x86: Wipe setup_data on pure EFI boot 
When booting the x86 kernel via EFI using the LoadImage/StartImage boot
services [as opposed to the deprecated EFI handover protocol], the setup
header is taken from the image directly, and given that EFI's LoadImage
has no Linux/x86 specific knowledge regarding struct bootparams or
struct setup_header, any absolute addresses in the setup header must
originate from the file and not from a prior loading stage.

Since we cannot generally predict where LoadImage() decides to load an
image (*), such absolute addresses must be treated as suspect: even if a
prior boot stage intended to make them point somewhere inside the
[signed] image, there is no way to validate that, and if they point at
an arbitrary location in memory, the setup_data nodes will not be
covered by any signatures or TPM measurements either, and could be made
to contain an arbitrary sequence of SETUP_xxx nodes, which could
interfere quite badly with the early x86 boot sequence.

(*) Note that, while LoadImage() does take a buffer/size tuple in
addition to a device path, which can be used to provide the image
contents directly, it will re-allocate such images, as the memory
footprint of an image is generally larger than the PE/COFF file
representation.

Cc: <stable@vger.kernel.org> # v5.10+
Link: https://lore.kernel.org/all/20220904165321.1140894-1-Jason@zx2c4.com/
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Acked-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-09-22 10:12:51 +02:00
..
arm_ffa firmware: arm_ffa: Remove incorrect assignment of driver_data 2022-04-29 14:51:46 +01:00
arm_scmi Power management updates for 5.20-rc1 2022-08-02 11:17:00 -07:00
broadcom firmware: tee_bnxt: Use UUID API for exporting the UUID 2022-05-05 18:14:29 -07:00
cirrus firmware: cs_dsp: Add memory chunk helpers 2022-07-22 13:40:00 +01:00
efi efi: x86: Wipe setup_data on pure EFI boot 2022-09-22 10:12:51 +02:00
google firmware: google: Properly state IOMEM dependency 2022-03-18 14:18:15 +01:00
imx firmware: imx: scu-pd: imx8q: add vpu mu resources 2022-02-20 14:55:32 +08:00
meson
psci firmware/psci: fix application of sizeof to pointer 2021-10-26 17:40:54 -05:00
smccc printk: stop including cache.h from printk.h 2022-05-13 07:20:07 -07:00
tegra firmware: tegra: Fix error check return value of debugfs_create_file() 2022-07-08 17:56:03 +02:00
xilinx firmware: xilinx: Add TF_A_PM_REGISTER_SGI SMC call 2022-06-29 14:46:22 +02:00
arm_scpi.c firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails 2022-07-04 14:28:42 +01:00
arm_sdei.c ACPI: APEI: explicit init of HEST and GHES in apci_init() 2022-03-03 20:24:22 +01:00
dmi_scan.c
dmi-id.c firmware: dmi: Move product_sku info to the end of the modalias 2021-09-02 17:28:53 +02:00
dmi-sysfs.c firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle 2022-05-19 18:56:56 +02:00
edd.c edd: simplify the check of 'attr->test' in edd_populate_dir() 2022-05-19 18:57:04 +02:00
iscsi_ibft_find.c iscsi_ibft: fix warning in reserve_ibft_region() 2021-08-05 19:47:57 -04:00
iscsi_ibft.c iscsi_ibft: Fix isa_bus_to_virt not working under ARM 2021-09-02 16:22:00 -04:00
Kconfig sound updates for 5.19-rc1 2022-05-25 16:55:16 -07:00
Makefile Follow-up tweaks for the EFI changes in v5.19 2022-06-03 13:39:30 -07:00
memmap.c firmware: memmap: use default_groups in kobj_type 2022-01-05 19:17:29 +01:00
mtk-adsp-ipc.c firmware: mediatek: Use meaningful names for mbox 2022-06-22 13:39:30 +01:00
pcdp.c
pcdp.h
qcom_scm-legacy.c firmware: qcom_scm-legacy: correct kerneldoc 2022-06-25 22:04:31 -05:00
qcom_scm-smc.c
qcom_scm.c firmware: qcom_scm: Add bw voting support to the SCM interface 2022-06-29 21:48:32 -05:00
qcom_scm.h firmware: qcom: scm: Add support for MC boot address API 2022-02-03 21:54:48 -06:00
qemu_fw_cfg.c firmware: qemu_fw_cfg: remove sysfs entries explicitly 2022-01-14 18:50:52 -05:00
raspberrypi.c firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()' 2021-08-18 16:02:08 +02:00
scpi_pm_domain.c firmware: arm_scpi: Fix string overflow in SCPI genpd driver 2021-12-13 15:17:37 +01:00
stratix10-rsu.c firmware: stratix10-rsu: extend RSU driver to get DCMF status 2022-07-14 16:55:09 +02:00
stratix10-svc.c firmware: stratix10-svc: To support a command ATF Get Version 2022-07-14 16:55:09 +02:00
sysfb_simplefb.c firmware: sysfb: Make sysfb_create_simplefb() return a pdev pointer 2022-06-29 09:51:31 +02:00
sysfb.c firmware: sysfb: Add sysfb_disable() helper function 2022-06-29 09:51:41 +02:00
ti_sci.c firmware: ti_sci: Switch transport to polled mode during system suspend 2022-05-03 06:52:11 -05:00
ti_sci.h
trusted_foundations.c
turris-mox-rwtm.c mvebu drivers for 5.14 (part 1) 2021-06-23 18:57:40 -07:00