| Message ID | 20230206124938.272988-1-ardb@kernel.org (mailing list archive) |
|---|---|
| Headers | show |
| Series | efi: Enable BTI for EFI runtimes services | expand |
On Mon, 6 Feb 2023 at 13:49, Ard Biesheuvel <ardb@kernel.org> wrote: > > The EFI spec v2.10 introduces a global flag in the memory attributes > table that indicates whether the EFI runtime code regions were emitted > with BTI landing pads, and can therefore tolerate being mapped with BTI > enforcement enabled. > > Add the generic plumbing for this, and wire it up for arm64. > > Changes since v1: > - enable BTI in UEFI code regions even if CONFIG_ARM64_BIT_KERNEL=n > - deal with BTI exceptions occuring in EFI code gracefully > - add equivalent handling to x86 > - add Kees's R-b > > Cc: Catalin Marinas <catalin.marinas@arm.com> > Cc: Will Deacon <will@kernel.org> > Cc: Kees Cook <keescook@chromium.org> > Cc: Mark Rutland <mark.rutland@arm.com> > Cc: Peter Zijlstra <peterz@infradead.org> > Cc: Thomas Gleixner <tglx@linutronix.de> > Cc: Ingo Molnar <mingo@redhat.com> > Cc: Borislav Petkov <bp@alien8.de> > Cc: Dave Hansen <dave.hansen@linux.intel.com> > x86, arm64 maintainers: I'd like to queue these up in the EFI tree. Any objections? > Ard Biesheuvel (3): > efi: Discover BTI support in runtime services regions > efi: arm64: Wire up BTI annotation in memory attributes table > efi: x86: Wire up IBT annotation in memory attributes table > > arch/arm/include/asm/efi.h | 2 +- > arch/arm/kernel/efi.c | 5 +++-- > arch/arm64/include/asm/efi.h | 3 ++- > arch/arm64/kernel/efi.c | 17 ++++++++++++++--- > arch/arm64/kernel/traps.c | 6 ++++++ > arch/riscv/include/asm/efi.h | 2 +- > arch/riscv/kernel/efi.c | 3 ++- > arch/x86/include/asm/efi.h | 4 +++- > arch/x86/include/asm/ibt.h | 4 ++-- > arch/x86/kernel/apm_32.c | 4 ++-- > arch/x86/kernel/cpu/common.c | 5 +++-- > arch/x86/platform/efi/efi_64.c | 8 +++++++- > drivers/firmware/efi/memattr.c | 7 ++++++- > include/linux/efi.h | 8 ++++++-- > 14 files changed, 58 insertions(+), 20 deletions(-) > > -- > 2.39.1 >