From patchwork Tue Jun 4 15:56:26 2024
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 13685609
Date: Tue, 4 Jun 2024 17:56:26 +0200
Message-ID: <20240604155625.2197275-2-ardb+git@google.com>
Subject: [PATCH] efi: Add missing __nocfi annotations to runtime wrappers
From: Ard Biesheuvel
To: linux-efi@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org, Ard Biesheuvel, Kees Cook, Sami Tolvanen, Linus Walleij, Nathan Chancellor

From: Ard Biesheuvel

The EFI runtime wrappers are a sandbox for calling into EFI runtime services, which are invoked using indirect calls. When running with kCFI enabled, the compiler will require the target of any indirect call to be type annotated.

Given that the EFI runtime services prototypes and calling convention are governed by the EFI spec, not the Linux kernel, adding such type annotations for firmware routines is infeasible, and so the compiler must be informed that prototype validation should be omitted.

Add the __nocfi annotation at the appropriate places in the EFI runtime wrapper code to achieve this.

Note that this currently only affects 32-bit ARM, given that other architectures that support both kCFI and EFI use an asm wrapper to call EFI runtime services, and this hides the indirect call from the compiler.

Cc: Kees Cook
Cc: Sami Tolvanen
Cc: Linus Walleij
Cc: Nathan Chancellor
Signed-off-by: Ard Biesheuvel
Reviewed-by: Linus Walleij
Tested-by: Nathan Chancellor
---
drivers/firmware/efi/runtime-wrappers.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/drivers/firmware/efi/runtime-wrappers.c b/drivers/firmware/efi/runtime-wrappers.c index 5d56bc40a79d..708b777857d3 100644 --- a/drivers/firmware/efi/runtime-wrappers.c +++ b/drivers/firmware/efi/runtime-wrappers.c @@ -213,7 +213,7 @@ extern struct semaphore __efi_uv_runtime_lock __alias(efi_runtime_lock); * Calls the appropriate efi_runtime_service() with the appropriate * arguments. */ -static void efi_call_rts(struct work_struct *work) +static void __nocfi efi_call_rts(struct work_struct *work) { const union efi_rts_args *args = efi_rts_work.args; efi_status_t status = EFI_NOT_FOUND; @@ -435,7 +435,7 @@ static efi_status_t virt_efi_set_variable(efi_char16_t *name, return status; } -static efi_status_t +static efi_status_t __nocfi virt_efi_set_variable_nb(efi_char16_t *name, efi_guid_t *vendor, u32 attr, unsigned long data_size, void *data) { 
@@ -469,7 +469,7 @@ static efi_status_t virt_efi_query_variable_info(u32 attr, return status; } -static efi_status_t +static efi_status_t __nocfi virt_efi_query_variable_info_nb(u32 attr, u64 *storage_space, u64 *remaining_space, u64 *max_variable_size) { @@ -499,10 +499,9 @@ static efi_status_t virt_efi_get_next_high_mono_count(u32 *count) return status; } -static void virt_efi_reset_system(int reset_type, - efi_status_t status, - unsigned long data_size, - efi_char16_t *data) +static void __nocfi +virt_efi_reset_system(int reset_type, efi_status_t status, + unsigned long data_size, efi_char16_t *data) { if (down_trylock(&efi_runtime_lock)) { pr_warn("failed to invoke the reset_system() runtime service:\n"
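
Review bot: in the @@ -213 hunk, the comment block above efi_call_rts() still only says it "Calls the appropriate efi_runtime_service() with the appropriate arguments", and nothing in the code records why the function is now __nocfi. The attribute covers the whole function body, so any indirect call added to efi_call_rts() later is exempt from the check as well. Suggest extending that comment with one sentence saying the runtime service pointers are firmware entry points that carry no kCFI type annotation, so the reason stays with the code and not only in the commit message.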
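
Review bot: in the @@ -435 hunk, virt_efi_set_variable_nb() gains __nocfi while virt_efi_set_variable(), whose tail is visible as context just above it, stays unannotated, and the commit message only says "at the appropriate places". State the rule used to pick the functions, either in the commit message or in a comment next to the _nb variants, so a reviewer can confirm that no wrapper making the indirect call itself was missed and that none lost checking unnecessarily.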
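
Review bot: in the @@ -499 hunk, the parameter list of virt_efi_reset_system() is re-wrapped in the same change that adds __nocfi, so a one-token functional change shows up as four removed and three added lines. Keeping the original parameter layout and changing only the first line to "static void __nocfi virt_efi_reset_system(int reset_type," would limit the diff to the annotation and make backports apply more cleanly; if the reflow is wanted, mention it in the commit message.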