linux/drivers/firmware
Ard Biesheuvel 5de0fef023 efi/memattr: Don't bail on zero VA if it equals the region's PA
The EFI memory attributes code cross-references the EFI memory map with
the more granular EFI memory attributes table to ensure that they are in
sync before applying the strict permissions to the regions it describes.

Since we always install virtual mappings for the EFI runtime regions to
which these strict permissions apply, we currently perform a sanity check
on the EFI memory descriptor, and ensure that the EFI_MEMORY_RUNTIME bit
is set, and that the virtual address has been assigned.

However, in cases where a runtime region exists at physical address 0x0,
and the virtual mapping equals the physical mapping, e.g., when running
in mixed mode on x86, we encounter a memory descriptor with the runtime
attribute and virtual address 0x0, and incorrectly draw the conclusion
that a runtime region exists for which no virtual mapping was installed,
and give up altogether. The consequence of this is that firmware mappings
retain their read-write-execute permissions, making the system more
vulnerable to attacks.

So let's only bail if the virtual address of 0x0 has been assigned to a
physical region that does not reside at address 0x0.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Alexander Graf <agraf@suse.de>
Cc: Bjorn Andersson <bjorn.andersson@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>
Cc: Jeffrey Hugo <jhugo@codeaurora.org>
Cc: Lee Jones <lee.jones@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Jones <pjones@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Fixes: 10f0d2f577 ("efi: Implement generic support for the Memory ...")
Link: http://lkml.kernel.org/r/20190202094119.13230-4-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2019-02-04 08:26:34 +01:00
..
arm_scmi firmware: arm_scmi: add a getter for power of performance states 2018-09-10 17:37:06 +01:00
broadcom firmware: bcm47xx_nvram: Support small (0x6000 B) NVRAM partitions 2018-04-23 16:39:35 +01:00
efi efi/memattr: Don't bail on zero VA if it equals the region's PA 2019-02-04 08:26:34 +01:00
google gsmi: Add GSMI commands to log S0ix info 2018-10-15 20:32:26 +02:00
imx firmware: imx: add SCU power domain driver 2018-11-14 09:20:47 +08:00
meson firmware: meson_sm: Add serial number sysfs entry 2018-09-12 20:54:07 -07:00
tegra firmware: tegra: Use in-band messages for firmware version query 2018-11-08 12:49:26 +01:00
xilinx firmware: xilinx: Add zynqmp IOCTL API for device control 2018-10-09 13:26:21 +02:00
arm_scpi.c treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
arm_sdei.c firmware: arm_sdei: Fix DT platform device creation 2019-01-03 18:03:54 +00:00
dmi_scan.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
dmi-id.c firmware: dmi: Add access to the SKU ID string 2018-06-17 14:09:42 +02:00
dmi-sysfs.c firmware: dmi: handle missing DMI data gracefully 2018-02-03 11:25:20 +01:00
edd.c edd: don't spam log if no EDD information is present 2018-03-27 09:51:23 +02:00
iscsi_ibft_find.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
iscsi_ibft.c ibft: Deprecate pci_get_bus_and_slot() 2018-01-11 17:26:55 -06:00
Kconfig firmware: add Intel Stratix10 service layer driver 2018-11-26 20:13:50 +01:00
Makefile firmware: add Intel Stratix10 service layer driver 2018-11-26 20:13:50 +01:00
memmap.c drivers/firmware/memmap.c: modify memblock_alloc to memblock_alloc_nopanic 2019-01-04 13:13:46 -08:00
pcdp.c x86, mpparse, x86/acpi, x86/PCI, x86/dmi, SFI: Use memremap() for RAM mappings 2017-07-18 11:37:58 +02:00
pcdp.h
psci_checker.c drivers/firmware: psci_checker: stash and use topology_core_cpumask for hotplug tests 2018-07-26 00:16:58 -07:00
psci.c firmware/psci: Expose SMCCC version through psci_ops 2018-02-06 22:54:11 +00:00
qcom_scm-32.c firmware: qcom: scm: Fix crash in qcom_scm_call_atomic1() 2018-05-24 22:36:45 -05:00
qcom_scm-64.c remoteproc updates for v4.15 2017-11-17 20:14:10 -08:00
qcom_scm.c firmware: qcom: scm: Refactor clock handling 2018-09-14 00:31:52 -05:00
qcom_scm.h remoteproc updates for v4.15 2017-11-17 20:14:10 -08:00
qemu_fw_cfg.c media: headers: fix linux/mod_devicetable.h inclusions 2018-08-02 18:30:54 -04:00
raspberrypi.c firmware: raspberrypi: Switch to SPDX identifier 2018-11-21 14:33:11 +01:00
scpi_pm_domain.c firmware: Convert to using %pOFn instead of device_node.name 2018-10-04 14:16:01 -05:00
stratix10-svc.c firmware: stratix10-svc: fix wrong of_node_put() in init function 2018-12-06 15:42:18 +01:00
ti_sci.c firmware: ti_sci: Provide host-id as an optional dt parameter 2018-08-28 13:22:13 -07:00
ti_sci.h firmware: ti_sci: Switch to SPDX Licensing 2018-05-04 23:10:23 -07:00