Message ID | 20191116234717.1458-1-marmarek@invisiblethingslab.com (mailing list archive) |
---|---|
State | New, archived |
Series | [for-4.13] efi: do not use runtime services table with efi=no-rs |
On 17.11.2019 00:47, Marek Marczykowski-Górecki wrote:
> Before dfcccc6631 "efi: use directmap to access runtime services table"
> all usages of efi_rs pointer were guarded by efi_rs_enter(), which
> implicitly refused to operate with efi=no-rs (by checking if
> efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
> commit (re)moved that call as unneeded for just reading content of
> efi_rs structure - to avoid unnecessary page tables switch. But it
> neglected to check if efi_rs access is legal.
>
> Fix this by adding explicit check for runtime service being enabled in
> the cases that do not use efi_rs_enter().
>
> Reported-by: Roman Shaposhnik <roman@zededa.com>
> Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>

Albeit I would have preferred ...

> @@ -613,6 +615,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op) > break; > } > > + if ( !efi_enabled(EFI_RS) ) > + return -EOPNOTSUPP; > if ( (efi_rs->Hdr.Revision >> 16) < 2 ) > return -EOPNOTSUPP; > state = efi_rs_enter(); > @@ -631,6 +635,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op) > if ( op->misc ) > return -EINVAL; > > + if ( !efi_enabled(EFI_RS) ) > + return -EOPNOTSUPP; > if ( (efi_rs->Hdr.Revision >> 16) < 2 ) > return -EOPNOTSUPP;

... if these two pairs of if()-s would each have been folded; I may
take the liberty to do so while committing if I end up being the
committer of this.

Jan
On 17.11.19 00:47, Marek Marczykowski-Górecki wrote:
> Before dfcccc6631 "efi: use directmap to access runtime services table"
> all usages of efi_rs pointer were guarded by efi_rs_enter(), which
> implicitly refused to operate with efi=no-rs (by checking if
> efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
> commit (re)moved that call as unneeded for just reading content of
> efi_rs structure - to avoid unnecessary page tables switch. But it
> neglected to check if efi_rs access is legal.
>
> Fix this by adding explicit check for runtime service being enabled in
> the cases that do not use efi_rs_enter().
>
> Reported-by: Roman Shaposhnik <roman@zededa.com>
> Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>

Release-acked-by: Juergen Gross <jgross@suse.com>

Juergen
diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c index 22fd6c9b53..12da6a525a 100644 --- a/xen/common/efi/runtime.c +++ b/xen/common/efi/runtime.c @@ -211,6 +211,8 @@ int efi_get_info(uint32_t idx, union xenpf_efi_info *info) break; case XEN_FW_EFI_RT_VERSION: { + if ( !efi_enabled(EFI_RS) ) + return -EOPNOTSUPP; info->version = efi_rs->Hdr.Revision; break; } @@ -613,6 +615,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op) break; } + if ( !efi_enabled(EFI_RS) ) + return -EOPNOTSUPP; if ( (efi_rs->Hdr.Revision >> 16) < 2 ) return -EOPNOTSUPP; state = efi_rs_enter(); @@ -631,6 +635,8 @@ int efi_runtime_call(struct xenpf_efi_runtime_call *op) if ( op->misc ) return -EINVAL; + if ( !efi_enabled(EFI_RS) ) + return -EOPNOTSUPP; if ( (efi_rs->Hdr.Revision >> 16) < 2 ) return -EOPNOTSUPP; /* XXX fall through for now */
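Review bot: In the XEN_FW_EFI_RT_VERSION case of efi_get_info() (hunk @@ -211), the new efi_enabled(EFI_RS) test is what keeps the efi_rs->Hdr.Revision read from running with efi=no-rs, and nothing at the site says so. A one-line comment stating that this path reads efi_rs without going through efi_rs_enter(), and therefore has to check EFI_RS itself, would make the guard harder to drop in a later cleanup, which is how the commit message says it was lost in dfcccc6631.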
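Review bot: In the first efi_runtime_call() hunk (@@ -613), the added test and the revision test right after it both return -EOPNOTSUPP, so they can be folded into one condition: if ( !efi_enabled(EFI_RS) || (efi_rs->Hdr.Revision >> 16) < 2 ). The efi_enabled() operand has to stay on the left so that short-circuit evaluation skips the efi_rs dereference when runtime services are disabled.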
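Review bot: In the second efi_runtime_call() hunk (@@ -631), the same two-test sequence is repeated verbatim after the op->misc check, so the guard now lives in two places in this function that have to be kept in sync. Folding the two if()s into a single condition is the minimum; a small static helper that reports whether runtime services are enabled and at revision 2 or later would leave one place to maintain. The case also ends in /* XXX fall through for now */, so it is worth confirming that the code it falls into does not read efi_rs again without a check, which is not visible in this hunk.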
Before dfcccc6631 "efi: use directmap to access runtime services table"
all usages of efi_rs pointer were guarded by efi_rs_enter(), which
implicitly refused to operate with efi=no-rs (by checking if
efi_l4_pgtable is NULL - which is the case for efi=no-rs). The said
commit (re)moved that call as unneeded for just reading content of
efi_rs structure - to avoid unnecessary page tables switch. But it
neglected to check if efi_rs access is legal.

Fix this by adding explicit check for runtime service being enabled in
the cases that do not use efi_rs_enter().

Reported-by: Roman Shaposhnik <roman@zededa.com>
Fixes: dfcccc6631 "efi: use directmap to access runtime services table"
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
---
Cc: Juergen Gross <jgross@suse.com>
---
 xen/common/efi/runtime.c | 6 ++++++
 1 file changed, 6 insertions(+)