Commit 93ce7948 authored by Linus Torvalds's avatar Linus Torvalds

Merge tag 'efi-next-for-v5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi

Pull more EFI updates from Ard Biesheuvel:
 "Follow-up tweaks for EFI changes - they mostly address issues
  introduced this merge window, except for Heinrich's patch:

   - fix new DXE service invocations for mixed mode

   - use correct Kconfig symbol when setting PE header flag

   - clean up the drivers/firmware/efi Kconfig dependencies so that
     features that depend on CONFIG_EFI are hidden from the UI when the
     symbol is not enabled.

  Also included is a RISC-V bugfix from Heinrich to avoid read-write
  mappings of read-only firmware regions in the EFI page tables"

* tag 'efi-next-for-v5.19-2' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
  efi: clean up Kconfig dependencies on CONFIG_EFI
  efi/x86: libstub: Make DXE calls mixed mode safe
  efi: x86: Fix config name for setting the NX-compatibility flag in the PE header
  riscv: read-only pages should not be writable
parents 9be4cbd0 75ed63d9
...@@ -65,7 +65,7 @@ static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data) ...@@ -65,7 +65,7 @@ static int __init set_permissions(pte_t *ptep, unsigned long addr, void *data)
if (md->attribute & EFI_MEMORY_RO) { if (md->attribute & EFI_MEMORY_RO) {
val = pte_val(pte) & ~_PAGE_WRITE; val = pte_val(pte) & ~_PAGE_WRITE;
val = pte_val(pte) | _PAGE_READ; val |= _PAGE_READ;
pte = __pte(val); pte = __pte(val);
} }
if (md->attribute & EFI_MEMORY_XP) { if (md->attribute & EFI_MEMORY_XP) {
......
...@@ -163,7 +163,7 @@ extra_header_fields: ...@@ -163,7 +163,7 @@ extra_header_fields:
.long 0x200 # SizeOfHeaders .long 0x200 # SizeOfHeaders
.long 0 # CheckSum .long 0 # CheckSum
.word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application) .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
#ifdef CONFIG_DXE_MEM_ATTRIBUTES #ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
.word IMAGE_DLL_CHARACTERISTICS_NX_COMPAT # DllCharacteristics .word IMAGE_DLL_CHARACTERISTICS_NX_COMPAT # DllCharacteristics
#else #else
.word 0 # DllCharacteristics .word 0 # DllCharacteristics
......
...@@ -270,6 +270,8 @@ static inline u32 efi64_convert_status(efi_status_t status) ...@@ -270,6 +270,8 @@ static inline u32 efi64_convert_status(efi_status_t status)
return (u32)(status | (u64)status >> 32); return (u32)(status | (u64)status >> 32);
} }
#define __efi64_split(val) (val) & U32_MAX, (u64)(val) >> 32
#define __efi64_argmap_free_pages(addr, size) \ #define __efi64_argmap_free_pages(addr, size) \
((addr), 0, (size)) ((addr), 0, (size))
...@@ -317,6 +319,13 @@ static inline u32 efi64_convert_status(efi_status_t status) ...@@ -317,6 +319,13 @@ static inline u32 efi64_convert_status(efi_status_t status)
#define __efi64_argmap_hash_log_extend_event(prot, fl, addr, size, ev) \ #define __efi64_argmap_hash_log_extend_event(prot, fl, addr, size, ev) \
((prot), (fl), 0ULL, (u64)(addr), 0ULL, (u64)(size), 0ULL, ev) ((prot), (fl), 0ULL, (u64)(addr), 0ULL, (u64)(size), 0ULL, ev)
/* DXE services */
#define __efi64_argmap_get_memory_space_descriptor(phys, desc) \
(__efi64_split(phys), (desc))
#define __efi64_argmap_set_memory_space_descriptor(phys, size, flags) \
(__efi64_split(phys), __efi64_split(size), __efi64_split(flags))
/* /*
* The macros below handle the plumbing for the argument mapping. To add a * The macros below handle the plumbing for the argument mapping. To add a
* mapping for a specific EFI method, simply define a macro * mapping for a specific EFI method, simply define a macro
......
...@@ -32,8 +32,7 @@ obj-y += broadcom/ ...@@ -32,8 +32,7 @@ obj-y += broadcom/
obj-y += cirrus/ obj-y += cirrus/
obj-y += meson/ obj-y += meson/
obj-$(CONFIG_GOOGLE_FIRMWARE) += google/ obj-$(CONFIG_GOOGLE_FIRMWARE) += google/
obj-$(CONFIG_EFI) += efi/ obj-y += efi/
obj-$(CONFIG_UEFI_CPER) += efi/
obj-y += imx/ obj-y += imx/
obj-y += psci/ obj-y += psci/
obj-y += smccc/ obj-y += smccc/
......
...@@ -193,6 +193,9 @@ config EFI_TEST ...@@ -193,6 +193,9 @@ config EFI_TEST
Say Y here to enable the runtime services support via /dev/efi_test. Say Y here to enable the runtime services support via /dev/efi_test.
If unsure, say N. If unsure, say N.
config EFI_DEV_PATH_PARSER
bool
config APPLE_PROPERTIES config APPLE_PROPERTIES
bool "Apple Device Properties" bool "Apple Device Properties"
depends on EFI_STUB && X86 depends on EFI_STUB && X86
...@@ -255,40 +258,15 @@ config EFI_DISABLE_PCI_DMA ...@@ -255,40 +258,15 @@ config EFI_DISABLE_PCI_DMA
options "efi=disable_early_pci_dma" or "efi=no_disable_early_pci_dma" options "efi=disable_early_pci_dma" or "efi=no_disable_early_pci_dma"
may be used to override this option. may be used to override this option.
endmenu
config EFI_EMBEDDED_FIRMWARE
bool
depends on EFI
select CRYPTO_LIB_SHA256
config UEFI_CPER
bool
config UEFI_CPER_ARM
bool
depends on UEFI_CPER && ( ARM || ARM64 )
default y
config UEFI_CPER_X86
bool
depends on UEFI_CPER && X86
default y
config EFI_DEV_PATH_PARSER
bool
depends on ACPI
default n
config EFI_EARLYCON config EFI_EARLYCON
def_bool y def_bool y
depends on EFI && SERIAL_EARLYCON && !ARM && !IA64 depends on SERIAL_EARLYCON && !ARM && !IA64
select FONT_SUPPORT select FONT_SUPPORT
select ARCH_USE_MEMREMAP_PROT select ARCH_USE_MEMREMAP_PROT
config EFI_CUSTOM_SSDT_OVERLAYS config EFI_CUSTOM_SSDT_OVERLAYS
bool "Load custom ACPI SSDT overlay from an EFI variable" bool "Load custom ACPI SSDT overlay from an EFI variable"
depends on EFI && ACPI depends on ACPI
default ACPI_TABLE_UPGRADE default ACPI_TABLE_UPGRADE
help help
Allow loading of an ACPI SSDT overlay from an EFI variable specified Allow loading of an ACPI SSDT overlay from an EFI variable specified
...@@ -314,7 +292,6 @@ config EFI_DISABLE_RUNTIME ...@@ -314,7 +292,6 @@ config EFI_DISABLE_RUNTIME
config EFI_COCO_SECRET config EFI_COCO_SECRET
bool "EFI Confidential Computing Secret Area Support" bool "EFI Confidential Computing Secret Area Support"
depends on EFI
help help
Confidential Computing platforms (such as AMD SEV) allow the Confidential Computing platforms (such as AMD SEV) allow the
Guest Owner to securely inject secrets during guest VM launch. Guest Owner to securely inject secrets during guest VM launch.
...@@ -327,3 +304,22 @@ config EFI_COCO_SECRET ...@@ -327,3 +304,22 @@ config EFI_COCO_SECRET
for usage inside the kernel. This will allow the for usage inside the kernel. This will allow the
virt/coco/efi_secret module to access the secrets, which in turn virt/coco/efi_secret module to access the secrets, which in turn
allows userspace programs to access the injected secrets. allows userspace programs to access the injected secrets.
config EFI_EMBEDDED_FIRMWARE
bool
select CRYPTO_LIB_SHA256
endmenu
config UEFI_CPER
bool
config UEFI_CPER_ARM
bool
depends on UEFI_CPER && ( ARM || ARM64 )
default y
config UEFI_CPER_X86
bool
depends on UEFI_CPER && X86
default y
...@@ -260,10 +260,10 @@ adjust_memory_range_protection(unsigned long start, unsigned long size) ...@@ -260,10 +260,10 @@ adjust_memory_range_protection(unsigned long start, unsigned long size)
EFI_MEMORY_WB); EFI_MEMORY_WB);
if (status != EFI_SUCCESS) { if (status != EFI_SUCCESS) {
efi_warn("Unable to unprotect memory range [%08lx,%08lx]: %d\n", efi_warn("Unable to unprotect memory range [%08lx,%08lx]: %lx\n",
unprotect_start, unprotect_start,
unprotect_start + unprotect_size, unprotect_start + unprotect_size,
(int)status); status);
} }
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment