All of lore.kernel.org
 help / color / mirror / Atom feed
* [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-02 13:51 Ard Biesheuvel
  2017-06-02 13:51   ` Ard Biesheuvel
                   ` (13 more replies)
  0 siblings, 14 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel, Andy Lutomirski, Andy Lutomirski,
	Andy Shevchenko, Borislav Petkov, Bryan O'Donoghue,
	Fabian Frederick, Geliang Tang, Ivan Hu, Jan Kiszka,
	Kweh Hock Leong, Matt Fleming, Ravi Shankar, Ricardo Neri,
	Russell King, Sai Praneeth Prakhya

The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:

  Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next

for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:

  efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)

----------------------------------------------------------------
First batch of EFI changes for v4.13:
- rework the EFI capsule loader to allow for workarounds for non-compliant
  firmware to be implemented more easily and in a more self contained
  manner (Ard)
- implement a capsule loader quirk for Quark X102x, which prepends a
  security header in a non-compliant way (Jan Kiszka)
- enable SMBIOS/DMI support for the ARM architecture (Ard)
- add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
- some other cleanups

----------------------------------------------------------------
Andy Lutomirski (1):
      x86/efi: Clean up efi CR3 save/restore

Ard Biesheuvel (4):
      efi/capsule-loader: Use a cached copy of the capsule header
      efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
      efi/capsule-loader: Use page addresses rather than struct page pointers
      efi: arm: enable DMI/SMBIOS

Fabian Frederick (1):
      efi/capsule: Remove NULL test on kmap()

Geliang Tang (1):
      efi/efi_test: Use memdup_user() helper

Jan Kiszka (5):
      efi/capsule: Fix return code on failing kmap/vmap
      efi/capsule: Remove pr_debug on ENOMEM or EFAULT
      efi/capsule: Clean up pr_err/info messages
      efi/capsule: Adjust return type of efi_capsule_setup_info
      efi/capsule: Add support for Quark security header

Sai Praneeth (1):
      x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec

 arch/arm/Kconfig                      |  17 +++++
 arch/arm/include/asm/dmi.h            |  19 +++++
 arch/arm64/kernel/efi.c               |  15 ----
 arch/x86/include/asm/efi.h            |  17 ++++-
 arch/x86/platform/efi/efi.c           |   9 ++-
 arch/x86/platform/efi/efi_32.c        |  21 ++++--
 arch/x86/platform/efi/efi_64.c        |  27 ++++---
 arch/x86/platform/efi/quirks.c        | 137 ++++++++++++++++++++++++++++++++++
 drivers/firmware/efi/Kconfig          |   9 +++
 drivers/firmware/efi/arm-runtime.c    |  16 ++++
 drivers/firmware/efi/capsule-loader.c | 117 ++++++++++++-----------------
 drivers/firmware/efi/capsule.c        |  11 +--
 drivers/firmware/efi/test/efi_test.c  |  11 +--
 include/linux/efi.h                   |  14 +++-
 14 files changed, 317 insertions(+), 123 deletions(-)
 create mode 100644 arch/arm/include/asm/dmi.h

^ permalink raw reply	[flat|nested] 46+ messages in thread

* [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-02 13:51   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Andy Lutomirski, Ard Biesheuvel, linux-kernel, Borislav Petkov,
	Andy Lutomirski, Matt Fleming

From: Andy Lutomirski <luto@kernel.org>

efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
three different things depending on kernel and system configuration.
Clean it up so it uses a union and is more explicit about what's
going on.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
 arch/x86/platform/efi/efi.c    |  6 +++---
 arch/x86/platform/efi/efi_32.c | 12 ++++++------
 arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
 4 files changed, 36 insertions(+), 21 deletions(-)

diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 2f77bcefe6b4..6d74cc3802e6 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -111,11 +111,24 @@ extern void __iomem *__init efi_ioremap(unsigned long addr, unsigned long size,
 
 #endif /* CONFIG_X86_32 */
 
+union efi_saved_pgd {
+	/*
+	 * If !EFI_OLD_MEMMAP or we're 32-bit, this is a verbatim saved CR3
+	 * value.
+	 */
+	unsigned long cr3;
+
+#ifdef CONFIG_X86_64
+	/* If EFI_OLD_MEMMAP, this is a kmalloced copy of the pgd. */
+	pgd_t *pgd;
+#endif
+};
+
 extern struct efi_scratch efi_scratch;
 extern void __init efi_set_executable(efi_memory_desc_t *md, bool executable);
 extern int __init efi_memblock_x86_reserve_range(void);
-extern pgd_t * __init efi_call_phys_prolog(void);
-extern void __init efi_call_phys_epilog(pgd_t *save_pgd);
+extern union efi_saved_pgd __init efi_call_phys_prolog(void);
+extern void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd);
 extern void __init efi_print_memmap(void);
 extern void __init efi_memory_uc(u64 addr, unsigned long size);
 extern void __init efi_map_region(efi_memory_desc_t *md);
diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 7e76a4d8304b..dc2da5e2c7e4 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -82,9 +82,9 @@ static efi_status_t __init phys_efi_set_virtual_address_map(
 {
 	efi_status_t status;
 	unsigned long flags;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
-	save_pgd = efi_call_phys_prolog();
+	saved_pgd = efi_call_phys_prolog();
 
 	/* Disable interrupts around EFI calls: */
 	local_irq_save(flags);
@@ -93,7 +93,7 @@ static efi_status_t __init phys_efi_set_virtual_address_map(
 			       descriptor_version, virtual_map);
 	local_irq_restore(flags);
 
-	efi_call_phys_epilog(save_pgd);
+	efi_call_phys_epilog(saved_pgd);
 
 	return status;
 }
diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
index 3481268da3d0..403a987d06c7 100644
--- a/arch/x86/platform/efi/efi_32.c
+++ b/arch/x86/platform/efi/efi_32.c
@@ -58,13 +58,13 @@ void __init efi_map_region(efi_memory_desc_t *md)
 void __init efi_map_region_fixed(efi_memory_desc_t *md) {}
 void __init parse_efi_setup(u64 phys_addr, u32 data_len) {}
 
-pgd_t * __init efi_call_phys_prolog(void)
+union efi_saved_pgd __init efi_call_phys_prolog(void)
 {
 	struct desc_ptr gdt_descr;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
 	/* Current pgd is swapper_pg_dir, we'll restore it later: */
-	save_pgd = swapper_pg_dir;
+	saved_pgd.cr3 = __pa(swapper_pg_dir);
 	load_cr3(initial_page_table);
 	__flush_tlb_all();
 
@@ -72,10 +72,10 @@ pgd_t * __init efi_call_phys_prolog(void)
 	gdt_descr.size = GDT_SIZE - 1;
 	load_gdt(&gdt_descr);
 
-	return save_pgd;
+	return saved_pgd;
 }
 
-void __init efi_call_phys_epilog(pgd_t *save_pgd)
+void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd)
 {
 	struct desc_ptr gdt_descr;
 
@@ -83,7 +83,7 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	gdt_descr.size = GDT_SIZE - 1;
 	load_gdt(&gdt_descr);
 
-	load_cr3(save_pgd);
+	write_cr3(saved_pgd.cr3);
 	__flush_tlb_all();
 }
 
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index c488625c9712..6fbf6c47e603 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -69,16 +69,16 @@ static void __init early_code_mapping_set_exec(int executable)
 	}
 }
 
-pgd_t * __init efi_call_phys_prolog(void)
+union efi_saved_pgd __init efi_call_phys_prolog(void)
 {
 	unsigned long vaddress;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
 	int pgd;
 	int n_pgds;
 
 	if (!efi_enabled(EFI_OLD_MEMMAP)) {
-		save_pgd = (pgd_t *)read_cr3();
+		saved_pgd.cr3 = read_cr3();
 		write_cr3((unsigned long)efi_scratch.efi_pgt);
 		goto out;
 	}
@@ -86,20 +86,21 @@ pgd_t * __init efi_call_phys_prolog(void)
 	early_code_mapping_set_exec(1);
 
 	n_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT), PGDIR_SIZE);
-	save_pgd = kmalloc_array(n_pgds, sizeof(*save_pgd), GFP_KERNEL);
+	saved_pgd.pgd = kmalloc_array(n_pgds, sizeof(*saved_pgd.pgd),
+				      GFP_KERNEL);
 
 	for (pgd = 0; pgd < n_pgds; pgd++) {
-		save_pgd[pgd] = *pgd_offset_k(pgd * PGDIR_SIZE);
+		saved_pgd.pgd[pgd] = *pgd_offset_k(pgd * PGDIR_SIZE);
 		vaddress = (unsigned long)__va(pgd * PGDIR_SIZE);
 		set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress));
 	}
 out:
 	__flush_tlb_all();
 
-	return save_pgd;
+	return saved_pgd;
 }
 
-void __init efi_call_phys_epilog(pgd_t *save_pgd)
+void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd)
 {
 	/*
 	 * After the lock is released, the original page table is restored.
@@ -108,7 +109,7 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	int nr_pgds;
 
 	if (!efi_enabled(EFI_OLD_MEMMAP)) {
-		write_cr3((unsigned long)save_pgd);
+		write_cr3(saved_pgd.cr3);
 		__flush_tlb_all();
 		return;
 	}
@@ -116,9 +117,10 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	nr_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT) , PGDIR_SIZE);
 
 	for (pgd_idx = 0; pgd_idx < nr_pgds; pgd_idx++)
-		set_pgd(pgd_offset_k(pgd_idx * PGDIR_SIZE), save_pgd[pgd_idx]);
+		set_pgd(pgd_offset_k(pgd_idx * PGDIR_SIZE),
+			saved_pgd.pgd[pgd_idx]);
 
-	kfree(save_pgd);
+	kfree(saved_pgd.pgd);
 
 	__flush_tlb_all();
 	early_code_mapping_set_exec(0);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-02 13:51   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ingo Molnar, Thomas Gleixner,
	H . Peter Anvin
  Cc: Andy Lutomirski, Ard Biesheuvel,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA, Borislav Petkov,
	Andy Lutomirski, Matt Fleming

From: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>

efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
three different things depending on kernel and system configuration.
Clean it up so it uses a union and is more explicit about what's
going on.

Signed-off-by: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
Cc: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>
Cc: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
Cc: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Signed-off-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
---
 arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
 arch/x86/platform/efi/efi.c    |  6 +++---
 arch/x86/platform/efi/efi_32.c | 12 ++++++------
 arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
 4 files changed, 36 insertions(+), 21 deletions(-)

diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 2f77bcefe6b4..6d74cc3802e6 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -111,11 +111,24 @@ extern void __iomem *__init efi_ioremap(unsigned long addr, unsigned long size,
 
 #endif /* CONFIG_X86_32 */
 
+union efi_saved_pgd {
+	/*
+	 * If !EFI_OLD_MEMMAP or we're 32-bit, this is a verbatim saved CR3
+	 * value.
+	 */
+	unsigned long cr3;
+
+#ifdef CONFIG_X86_64
+	/* If EFI_OLD_MEMMAP, this is a kmalloced copy of the pgd. */
+	pgd_t *pgd;
+#endif
+};
+
 extern struct efi_scratch efi_scratch;
 extern void __init efi_set_executable(efi_memory_desc_t *md, bool executable);
 extern int __init efi_memblock_x86_reserve_range(void);
-extern pgd_t * __init efi_call_phys_prolog(void);
-extern void __init efi_call_phys_epilog(pgd_t *save_pgd);
+extern union efi_saved_pgd __init efi_call_phys_prolog(void);
+extern void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd);
 extern void __init efi_print_memmap(void);
 extern void __init efi_memory_uc(u64 addr, unsigned long size);
 extern void __init efi_map_region(efi_memory_desc_t *md);
diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 7e76a4d8304b..dc2da5e2c7e4 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -82,9 +82,9 @@ static efi_status_t __init phys_efi_set_virtual_address_map(
 {
 	efi_status_t status;
 	unsigned long flags;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
-	save_pgd = efi_call_phys_prolog();
+	saved_pgd = efi_call_phys_prolog();
 
 	/* Disable interrupts around EFI calls: */
 	local_irq_save(flags);
@@ -93,7 +93,7 @@ static efi_status_t __init phys_efi_set_virtual_address_map(
 			       descriptor_version, virtual_map);
 	local_irq_restore(flags);
 
-	efi_call_phys_epilog(save_pgd);
+	efi_call_phys_epilog(saved_pgd);
 
 	return status;
 }
diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
index 3481268da3d0..403a987d06c7 100644
--- a/arch/x86/platform/efi/efi_32.c
+++ b/arch/x86/platform/efi/efi_32.c
@@ -58,13 +58,13 @@ void __init efi_map_region(efi_memory_desc_t *md)
 void __init efi_map_region_fixed(efi_memory_desc_t *md) {}
 void __init parse_efi_setup(u64 phys_addr, u32 data_len) {}
 
-pgd_t * __init efi_call_phys_prolog(void)
+union efi_saved_pgd __init efi_call_phys_prolog(void)
 {
 	struct desc_ptr gdt_descr;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
 	/* Current pgd is swapper_pg_dir, we'll restore it later: */
-	save_pgd = swapper_pg_dir;
+	saved_pgd.cr3 = __pa(swapper_pg_dir);
 	load_cr3(initial_page_table);
 	__flush_tlb_all();
 
@@ -72,10 +72,10 @@ pgd_t * __init efi_call_phys_prolog(void)
 	gdt_descr.size = GDT_SIZE - 1;
 	load_gdt(&gdt_descr);
 
-	return save_pgd;
+	return saved_pgd;
 }
 
-void __init efi_call_phys_epilog(pgd_t *save_pgd)
+void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd)
 {
 	struct desc_ptr gdt_descr;
 
@@ -83,7 +83,7 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	gdt_descr.size = GDT_SIZE - 1;
 	load_gdt(&gdt_descr);
 
-	load_cr3(save_pgd);
+	write_cr3(saved_pgd.cr3);
 	__flush_tlb_all();
 }
 
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index c488625c9712..6fbf6c47e603 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -69,16 +69,16 @@ static void __init early_code_mapping_set_exec(int executable)
 	}
 }
 
-pgd_t * __init efi_call_phys_prolog(void)
+union efi_saved_pgd __init efi_call_phys_prolog(void)
 {
 	unsigned long vaddress;
-	pgd_t *save_pgd;
+	union efi_saved_pgd saved_pgd;
 
 	int pgd;
 	int n_pgds;
 
 	if (!efi_enabled(EFI_OLD_MEMMAP)) {
-		save_pgd = (pgd_t *)read_cr3();
+		saved_pgd.cr3 = read_cr3();
 		write_cr3((unsigned long)efi_scratch.efi_pgt);
 		goto out;
 	}
@@ -86,20 +86,21 @@ pgd_t * __init efi_call_phys_prolog(void)
 	early_code_mapping_set_exec(1);
 
 	n_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT), PGDIR_SIZE);
-	save_pgd = kmalloc_array(n_pgds, sizeof(*save_pgd), GFP_KERNEL);
+	saved_pgd.pgd = kmalloc_array(n_pgds, sizeof(*saved_pgd.pgd),
+				      GFP_KERNEL);
 
 	for (pgd = 0; pgd < n_pgds; pgd++) {
-		save_pgd[pgd] = *pgd_offset_k(pgd * PGDIR_SIZE);
+		saved_pgd.pgd[pgd] = *pgd_offset_k(pgd * PGDIR_SIZE);
 		vaddress = (unsigned long)__va(pgd * PGDIR_SIZE);
 		set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress));
 	}
 out:
 	__flush_tlb_all();
 
-	return save_pgd;
+	return saved_pgd;
 }
 
-void __init efi_call_phys_epilog(pgd_t *save_pgd)
+void __init efi_call_phys_epilog(union efi_saved_pgd saved_pgd)
 {
 	/*
 	 * After the lock is released, the original page table is restored.
@@ -108,7 +109,7 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	int nr_pgds;
 
 	if (!efi_enabled(EFI_OLD_MEMMAP)) {
-		write_cr3((unsigned long)save_pgd);
+		write_cr3(saved_pgd.cr3);
 		__flush_tlb_all();
 		return;
 	}
@@ -116,9 +117,10 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
 	nr_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT) , PGDIR_SIZE);
 
 	for (pgd_idx = 0; pgd_idx < nr_pgds; pgd_idx++)
-		set_pgd(pgd_offset_k(pgd_idx * PGDIR_SIZE), save_pgd[pgd_idx]);
+		set_pgd(pgd_offset_k(pgd_idx * PGDIR_SIZE),
+			saved_pgd.pgd[pgd_idx]);
 
-	kfree(save_pgd);
+	kfree(saved_pgd.pgd);
 
 	__flush_tlb_all();
 	early_code_mapping_set_exec(0);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 02/13] efi/capsule: Fix return code on failing kmap/vmap
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
  2017-06-02 13:51   ` Ard Biesheuvel
@ 2017-06-02 13:51 ` Ard Biesheuvel
  2017-06-05 17:10   ` [tip:efi/core] " tip-bot for Jan Kiszka
  2017-06-02 13:51   ` Ard Biesheuvel
                   ` (11 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel

From: Jan Kiszka <jan.kiszka@siemens.com>

If kmap or vmap fail, it means we ran out of memory. There are no
user-provided addressed involved that would justify EFAULT.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 9ae6c116c474..91e91f7a8807 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -113,7 +113,7 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 			VM_MAP, PAGE_KERNEL);
 	if (!cap_hdr_temp) {
 		pr_debug("%s: vmap() failed\n", __func__);
-		return -EFAULT;
+		return -ENOMEM;
 	}
 
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
@@ -185,7 +185,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	kbuff = kmap(page);
 	if (!kbuff) {
 		pr_debug("%s: kmap() failed\n", __func__);
-		ret = -EFAULT;
+		ret = -ENOMEM;
 		goto failed;
 	}
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 03/13] efi/capsule: Remove pr_debug on ENOMEM or EFAULT
@ 2017-06-02 13:51   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel

From: Jan Kiszka <jan.kiszka@siemens.com>

Both cases are not worth a debug log message - the error code is telling
enough.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 91e91f7a8807..7b57dda2417d 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -88,10 +88,8 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
-	if (!temp_page) {
-		pr_debug("%s: krealloc() failed\n", __func__);
+	if (!temp_page)
 		return -ENOMEM;
-	}
 
 	cap_info->pages = temp_page;
 	cap_info->header_obtained = true;
@@ -111,10 +109,8 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 
 	cap_hdr_temp = vmap(cap_info->pages, cap_info->index,
 			VM_MAP, PAGE_KERNEL);
-	if (!cap_hdr_temp) {
-		pr_debug("%s: vmap() failed\n", __func__);
+	if (!cap_hdr_temp)
 		return -ENOMEM;
-	}
 
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
 	vunmap(cap_hdr_temp);
@@ -171,7 +167,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	if (!cap_info->page_bytes_remain) {
 		page = alloc_page(GFP_KERNEL);
 		if (!page) {
-			pr_debug("%s: alloc_page() failed\n", __func__);
 			ret = -ENOMEM;
 			goto failed;
 		}
@@ -184,7 +179,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 
 	kbuff = kmap(page);
 	if (!kbuff) {
-		pr_debug("%s: kmap() failed\n", __func__);
 		ret = -ENOMEM;
 		goto failed;
 	}
@@ -193,7 +187,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	/* Copy capsule binary data from user space to kernel space buffer */
 	write_byte = min_t(size_t, count, cap_info->page_bytes_remain);
 	if (copy_from_user(kbuff, buff, write_byte)) {
-		pr_debug("%s: copy_from_user() failed\n", __func__);
 		ret = -EFAULT;
 		goto fail_unmap;
 	}
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 03/13] efi/capsule: Remove pr_debug on ENOMEM or EFAULT
@ 2017-06-02 13:51   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ingo Molnar, Thomas Gleixner,
	H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel-u79uwXL29TY76Z2rM5mHXA

From: Jan Kiszka <jan.kiszka-kv7WeFo6aLtBDgjK7y7TUQ@public.gmane.org>

Both cases are not worth a debug log message - the error code is telling
enough.

Signed-off-by: Jan Kiszka <jan.kiszka-kv7WeFo6aLtBDgjK7y7TUQ@public.gmane.org>
Reviewed-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
---
 drivers/firmware/efi/capsule-loader.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 91e91f7a8807..7b57dda2417d 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -88,10 +88,8 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
-	if (!temp_page) {
-		pr_debug("%s: krealloc() failed\n", __func__);
+	if (!temp_page)
 		return -ENOMEM;
-	}
 
 	cap_info->pages = temp_page;
 	cap_info->header_obtained = true;
@@ -111,10 +109,8 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 
 	cap_hdr_temp = vmap(cap_info->pages, cap_info->index,
 			VM_MAP, PAGE_KERNEL);
-	if (!cap_hdr_temp) {
-		pr_debug("%s: vmap() failed\n", __func__);
+	if (!cap_hdr_temp)
 		return -ENOMEM;
-	}
 
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
 	vunmap(cap_hdr_temp);
@@ -171,7 +167,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	if (!cap_info->page_bytes_remain) {
 		page = alloc_page(GFP_KERNEL);
 		if (!page) {
-			pr_debug("%s: alloc_page() failed\n", __func__);
 			ret = -ENOMEM;
 			goto failed;
 		}
@@ -184,7 +179,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 
 	kbuff = kmap(page);
 	if (!kbuff) {
-		pr_debug("%s: kmap() failed\n", __func__);
 		ret = -ENOMEM;
 		goto failed;
 	}
@@ -193,7 +187,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	/* Copy capsule binary data from user space to kernel space buffer */
 	write_byte = min_t(size_t, count, cap_info->page_bytes_remain);
 	if (copy_from_user(kbuff, buff, write_byte)) {
-		pr_debug("%s: copy_from_user() failed\n", __func__);
 		ret = -EFAULT;
 		goto fail_unmap;
 	}
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 04/13] efi/capsule: Clean up pr_err/info messages
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (2 preceding siblings ...)
  2017-06-02 13:51   ` Ard Biesheuvel
@ 2017-06-02 13:51 ` Ard Biesheuvel
  2017-06-05 17:11   ` [tip:efi/core] efi/capsule: Clean up pr_err/_info() messages tip-bot for Jan Kiszka
  2017-06-02 13:51 ` [PATCH 05/13] efi/capsule: Adjust return type of efi_capsule_setup_info Ard Biesheuvel
                   ` (9 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel

From: Jan Kiszka <jan.kiszka@siemens.com>

Avoid __func__, improve the information provided by some of the
messages.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 7b57dda2417d..3fb91e1597a9 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -70,7 +70,7 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 	pages_needed = ALIGN(cap_hdr->imagesize, PAGE_SIZE) >> PAGE_SHIFT;
 
 	if (pages_needed == 0) {
-		pr_err("%s: pages count invalid\n", __func__);
+		pr_err("invalid capsule size");
 		return -EINVAL;
 	}
 
@@ -79,8 +79,7 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 				    cap_hdr->imagesize,
 				    &cap_info->reset_type);
 	if (ret) {
-		pr_err("%s: efi_capsule_supported() failed\n",
-		       __func__);
+		pr_err("capsule not supported\n");
 		return ret;
 	}
 
@@ -115,14 +114,14 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
 	vunmap(cap_hdr_temp);
 	if (ret) {
-		pr_err("%s: efi_capsule_update() failed\n", __func__);
+		pr_err("capsule update failed\n");
 		return ret;
 	}
 
 	/* Indicate capsule binary uploading is done */
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
-	pr_info("%s: Successfully upload capsule file with reboot type '%s'\n",
-		__func__, !cap_info->reset_type ? "RESET_COLD" :
+	pr_info("Successfully upload capsule file with reboot type '%s'\n",
+		!cap_info->reset_type ? "RESET_COLD" :
 		cap_info->reset_type == 1 ? "RESET_WARM" :
 		"RESET_SHUTDOWN");
 	return 0;
@@ -207,8 +206,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	if (cap_info->header_obtained &&
 	    cap_info->count >= cap_info->total_size) {
 		if (cap_info->count > cap_info->total_size) {
-			pr_err("%s: upload size exceeded header defined size\n",
-			       __func__);
+			pr_err("capsule upload size exceeded header defined size\n");
 			ret = -EINVAL;
 			goto failed;
 		}
@@ -242,7 +240,7 @@ static int efi_capsule_flush(struct file *file, fl_owner_t id)
 	struct capsule_info *cap_info = file->private_data;
 
 	if (cap_info->index > 0) {
-		pr_err("%s: capsule upload not complete\n", __func__);
+		pr_err("capsule upload not complete\n");
 		efi_free_all_buff_pages(cap_info);
 		ret = -ECANCELED;
 	}
@@ -321,8 +319,7 @@ static int __init efi_capsule_loader_init(void)
 
 	ret = misc_register(&efi_capsule_misc);
 	if (ret)
-		pr_err("%s: Failed to register misc char file note\n",
-		       __func__);
+		pr_err("Unable to register capsule loader device\n");
 
 	return ret;
 }
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 05/13] efi/capsule: Adjust return type of efi_capsule_setup_info
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (3 preceding siblings ...)
  2017-06-02 13:51 ` [PATCH 04/13] efi/capsule: Clean up pr_err/info messages Ard Biesheuvel
@ 2017-06-02 13:51 ` Ard Biesheuvel
  2017-06-05 17:12   ` [tip:efi/core] efi/capsule: Adjust return type of efi_capsule_setup_info() tip-bot for Jan Kiszka
  2017-06-02 13:52 ` [PATCH 06/13] efi/capsule-loader: Use a cached copy of the capsule header Ard Biesheuvel
                   ` (8 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:51 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel

From: Jan Kiszka <jan.kiszka@siemens.com>

We actually expect int at the caller and never return any size
information.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 3fb91e1597a9..37d3f6ec2d28 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -53,8 +53,8 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
  * @kbuff: a mapped first page buffer pointer
  * @hdr_bytes: the total received number of bytes for efi header
  **/
-static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
-				      void *kbuff, size_t hdr_bytes)
+static int efi_capsule_setup_info(struct capsule_info *cap_info,
+				  void *kbuff, size_t hdr_bytes)
 {
 	efi_capsule_header_t *cap_hdr;
 	size_t pages_needed;
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 06/13] efi/capsule-loader: Use a cached copy of the capsule header
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (4 preceding siblings ...)
  2017-06-02 13:51 ` [PATCH 05/13] efi/capsule: Adjust return type of efi_capsule_setup_info Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 17:12   ` [tip:efi/core] " tip-bot for Ard Biesheuvel
  2017-06-02 13:52 ` [PATCH 07/13] efi/capsule: Remove NULL test on kmap() Ard Biesheuvel
                   ` (7 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel

Instead of kmapping the capsule data twice, copy the capsule header
into the capsule info struct we keep locally. This is an improvement
by itself, but will also enable handling of non-standard header formats
more easily.

Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 41 +++++++++++++++--------------------
 1 file changed, 17 insertions(+), 24 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 37d3f6ec2d28..5b012a467d7d 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -21,13 +21,13 @@
 #define NO_FURTHER_WRITE_ACTION -1
 
 struct capsule_info {
-	bool		header_obtained;
-	int		reset_type;
-	long		index;
-	size_t		count;
-	size_t		total_size;
-	struct page	**pages;
-	size_t		page_bytes_remain;
+	efi_capsule_header_t	header;
+	int			reset_type;
+	long			index;
+	size_t			count;
+	size_t			total_size;
+	struct page		**pages;
+	size_t			page_bytes_remain;
 };
 
 /**
@@ -56,7 +56,6 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 static int efi_capsule_setup_info(struct capsule_info *cap_info,
 				  void *kbuff, size_t hdr_bytes)
 {
-	efi_capsule_header_t *cap_hdr;
 	size_t pages_needed;
 	int ret;
 	void *temp_page;
@@ -66,8 +65,9 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return 0;
 
 	/* Reset back to the correct offset of header */
-	cap_hdr = kbuff - cap_info->count;
-	pages_needed = ALIGN(cap_hdr->imagesize, PAGE_SIZE) >> PAGE_SHIFT;
+	kbuff -= cap_info->count;
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+	pages_needed = ALIGN(cap_info->header.imagesize, PAGE_SIZE) / PAGE_SIZE;
 
 	if (pages_needed == 0) {
 		pr_err("invalid capsule size");
@@ -75,15 +75,16 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 	}
 
 	/* Check if the capsule binary supported */
-	ret = efi_capsule_supported(cap_hdr->guid, cap_hdr->flags,
-				    cap_hdr->imagesize,
+	ret = efi_capsule_supported(cap_info->header.guid,
+				    cap_info->header.flags,
+				    cap_info->header.imagesize,
 				    &cap_info->reset_type);
 	if (ret) {
 		pr_err("capsule not supported\n");
 		return ret;
 	}
 
-	cap_info->total_size = cap_hdr->imagesize;
+	cap_info->total_size = cap_info->header.imagesize;
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
@@ -91,7 +92,6 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return -ENOMEM;
 
 	cap_info->pages = temp_page;
-	cap_info->header_obtained = true;
 
 	return 0;
 }
@@ -104,15 +104,8 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 {
 	int ret;
-	void *cap_hdr_temp;
 
-	cap_hdr_temp = vmap(cap_info->pages, cap_info->index,
-			VM_MAP, PAGE_KERNEL);
-	if (!cap_hdr_temp)
-		return -ENOMEM;
-
-	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
-	vunmap(cap_hdr_temp);
+	ret = efi_capsule_update(&cap_info->header, cap_info->pages);
 	if (ret) {
 		pr_err("capsule update failed\n");
 		return ret;
@@ -192,7 +185,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	cap_info->page_bytes_remain -= write_byte;
 
 	/* Setup capsule binary info structure */
-	if (!cap_info->header_obtained) {
+	if (cap_info->header.headersize == 0) {
 		ret = efi_capsule_setup_info(cap_info, kbuff,
 					     cap_info->count + write_byte);
 		if (ret)
@@ -203,7 +196,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	kunmap(page);
 
 	/* Submit the full binary to efi_capsule_update() API */
-	if (cap_info->header_obtained &&
+	if (cap_info->header.headersize > 0 &&
 	    cap_info->count >= cap_info->total_size) {
 		if (cap_info->count > cap_info->total_size) {
 			pr_err("capsule upload size exceeded header defined size\n");
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 07/13] efi/capsule: Remove NULL test on kmap()
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (5 preceding siblings ...)
  2017-06-02 13:52 ` [PATCH 06/13] efi/capsule-loader: Use a cached copy of the capsule header Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 17:13   ` [tip:efi/core] " tip-bot for Fabian Frederick
  2017-06-02 13:52 ` [PATCH 08/13] efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias Ard Biesheuvel
                   ` (6 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Fabian Frederick, Ard Biesheuvel, linux-kernel, Kweh Hock Leong,
	Matt Fleming

From: Fabian Frederick <fabf@skynet.be>

kmap() can't fail.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Kweh Hock Leong <hock.leong.kweh@intel.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ----
 drivers/firmware/efi/capsule.c        | 4 ----
 2 files changed, 8 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 5b012a467d7d..2357bcdcb44d 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -170,10 +170,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	page = cap_info->pages[cap_info->index - 1];
 
 	kbuff = kmap(page);
-	if (!kbuff) {
-		ret = -ENOMEM;
-		goto failed;
-	}
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
 
 	/* Copy capsule binary data from user space to kernel space buffer */
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index 6eedff45e6d7..e603ccf39d80 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -247,10 +247,6 @@ int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
 		efi_capsule_block_desc_t *sglist;
 
 		sglist = kmap(sg_pages[i]);
-		if (!sglist) {
-			rv = -ENOMEM;
-			goto out;
-		}
 
 		for (j = 0; j < SGLIST_PER_PAGE && count > 0; j++) {
 			u64 sz = min_t(u64, imagesize, PAGE_SIZE);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 08/13] efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (6 preceding siblings ...)
  2017-06-02 13:52 ` [PATCH 07/13] efi/capsule: Remove NULL test on kmap() Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 17:13   ` [tip:efi/core] efi/capsule-loader: Redirect calls to efi_capsule_setup_info() " tip-bot for Ard Biesheuvel
  2017-06-02 13:52   ` Ard Biesheuvel
                   ` (5 subsequent siblings)
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel, Matt Fleming

To allow platform specific code to hook into the capsule loading
routines, indirect calls to efi_capsule_setup_info() via a weak alias
of __efi_capsule_setup_info(), allowing platforms to redefine the former
but still use the latter.

Cc: Matt Fleming <matt@codeblueprint.co.uk>
Tested-by: "Bryan O'Donoghue" <pure.logic@nexus-software.ie>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 56 +++++++++++++++++------------------
 include/linux/efi.h                   | 12 ++++++++
 2 files changed, 39 insertions(+), 29 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 2357bcdcb44d..cbc3526953d5 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -20,16 +20,6 @@
 
 #define NO_FURTHER_WRITE_ACTION -1
 
-struct capsule_info {
-	efi_capsule_header_t	header;
-	int			reset_type;
-	long			index;
-	size_t			count;
-	size_t			total_size;
-	struct page		**pages;
-	size_t			page_bytes_remain;
-};
-
 /**
  * efi_free_all_buff_pages - free all previous allocated buffer pages
  * @cap_info: pointer to current instance of capsule_info structure
@@ -46,28 +36,13 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
 }
 
-/**
- * efi_capsule_setup_info - obtain the efi capsule header in the binary and
- *			    setup capsule_info structure
- * @cap_info: pointer to current instance of capsule_info structure
- * @kbuff: a mapped first page buffer pointer
- * @hdr_bytes: the total received number of bytes for efi header
- **/
-static int efi_capsule_setup_info(struct capsule_info *cap_info,
-				  void *kbuff, size_t hdr_bytes)
+int __efi_capsule_setup_info(struct capsule_info *cap_info)
 {
 	size_t pages_needed;
 	int ret;
 	void *temp_page;
 
-	/* Only process data block that is larger than efi header size */
-	if (hdr_bytes < sizeof(efi_capsule_header_t))
-		return 0;
-
-	/* Reset back to the correct offset of header */
-	kbuff -= cap_info->count;
-	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
-	pages_needed = ALIGN(cap_info->header.imagesize, PAGE_SIZE) / PAGE_SIZE;
+	pages_needed = ALIGN(cap_info->total_size, PAGE_SIZE) / PAGE_SIZE;
 
 	if (pages_needed == 0) {
 		pr_err("invalid capsule size");
@@ -84,7 +59,6 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return ret;
 	}
 
-	cap_info->total_size = cap_info->header.imagesize;
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
@@ -97,6 +71,30 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 }
 
 /**
+ * efi_capsule_setup_info - obtain the efi capsule header in the binary and
+ *			    setup capsule_info structure
+ * @cap_info: pointer to current instance of capsule_info structure
+ * @kbuff: a mapped first page buffer pointer
+ * @hdr_bytes: the total received number of bytes for efi header
+ *
+ * Platforms with non-standard capsule update mechanisms can override
+ * this __weak function so they can perform any required capsule
+ * image munging. See quark_quirk_function() for an example.
+ **/
+int __weak efi_capsule_setup_info(struct capsule_info *cap_info, void *kbuff,
+				  size_t hdr_bytes)
+{
+	/* Only process data block that is larger than efi header size */
+	if (hdr_bytes < sizeof(efi_capsule_header_t))
+		return 0;
+
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+	cap_info->total_size = cap_info->header.imagesize;
+
+	return __efi_capsule_setup_info(cap_info);
+}
+
+/**
  * efi_capsule_submit_update - invoke the efi_capsule_update API once binary
  *			       upload done
  * @cap_info: pointer to current instance of capsule_info structure
@@ -182,7 +180,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 
 	/* Setup capsule binary info structure */
 	if (cap_info->header.headersize == 0) {
-		ret = efi_capsule_setup_info(cap_info, kbuff,
+		ret = efi_capsule_setup_info(cap_info, kbuff - cap_info->count,
 					     cap_info->count + write_byte);
 		if (ret)
 			goto fail_unmap;
diff --git a/include/linux/efi.h b/include/linux/efi.h
index ec36f42a2add..a7379a2b5680 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -137,6 +137,18 @@ struct efi_boot_memmap {
 #define EFI_CAPSULE_POPULATE_SYSTEM_TABLE	0x00020000
 #define EFI_CAPSULE_INITIATE_RESET		0x00040000
 
+struct capsule_info {
+	efi_capsule_header_t	header;
+	int			reset_type;
+	long			index;
+	size_t			count;
+	size_t			total_size;
+	struct page		**pages;
+	size_t			page_bytes_remain;
+};
+
+int __efi_capsule_setup_info(struct capsule_info *cap_info);
+
 /*
  * Allocation types for calls to boottime->allocate_pages.
  */
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 09/13] efi/capsule-loader: Use page addresses rather than struct page pointers
@ 2017-06-02 13:52   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel, Matt Fleming

To give some leeway to code that handles non-standard capsule headers,
let's keep an array of page addresses rather than struct page pointers.

This gives special implementations of efi_capsule_setup_info() the
opportunity to mangle the payload a bit before it is presented to the
firmware, without putting any knowledge of the nature of such quirks
into the generic code.

Cc: Matt Fleming <matt@codeblueprint.co.uk>
Tested-by: "Bryan O'Donoghue" <pure.logic@nexus-software.ie>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/capsule-loader.c | 12 ++++++++----
 drivers/firmware/efi/capsule.c        |  7 ++++---
 include/linux/efi.h                   |  4 ++--
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index cbc3526953d5..ec8ac5c4dd84 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -20,6 +20,10 @@
 
 #define NO_FURTHER_WRITE_ACTION -1
 
+#ifndef phys_to_page
+#define phys_to_page(x)		pfn_to_page((x) >> PAGE_SHIFT)
+#endif
+
 /**
  * efi_free_all_buff_pages - free all previous allocated buffer pages
  * @cap_info: pointer to current instance of capsule_info structure
@@ -31,7 +35,7 @@
 static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 {
 	while (cap_info->index > 0)
-		__free_page(cap_info->pages[--cap_info->index]);
+		__free_page(phys_to_page(cap_info->pages[--cap_info->index]));
 
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
 }
@@ -161,12 +165,12 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 			goto failed;
 		}
 
-		cap_info->pages[cap_info->index++] = page;
+		cap_info->pages[cap_info->index++] = page_to_phys(page);
 		cap_info->page_bytes_remain = PAGE_SIZE;
+	} else {
+		page = phys_to_page(cap_info->pages[cap_info->index - 1]);
 	}
 
-	page = cap_info->pages[cap_info->index - 1];
-
 	kbuff = kmap(page);
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
 
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index e603ccf39d80..901b9306bf94 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -214,7 +214,7 @@ efi_capsule_update_locked(efi_capsule_header_t *capsule,
  *
  * Return 0 on success, a converted EFI status code on failure.
  */
-int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
+int efi_capsule_update(efi_capsule_header_t *capsule, phys_addr_t *pages)
 {
 	u32 imagesize = capsule->imagesize;
 	efi_guid_t guid = capsule->guid;
@@ -249,10 +249,11 @@ int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
 		sglist = kmap(sg_pages[i]);
 
 		for (j = 0; j < SGLIST_PER_PAGE && count > 0; j++) {
-			u64 sz = min_t(u64, imagesize, PAGE_SIZE);
+			u64 sz = min_t(u64, imagesize,
+				       PAGE_SIZE - (u64)*pages % PAGE_SIZE);
 
 			sglist[j].length = sz;
-			sglist[j].data = page_to_phys(*pages++);
+			sglist[j].data = *pages++;
 
 			imagesize -= sz;
 			count--;
diff --git a/include/linux/efi.h b/include/linux/efi.h
index a7379a2b5680..8269bcb8ccf7 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -143,7 +143,7 @@ struct capsule_info {
 	long			index;
 	size_t			count;
 	size_t			total_size;
-	struct page		**pages;
+	phys_addr_t		*pages;
 	size_t			page_bytes_remain;
 };
 
@@ -1415,7 +1415,7 @@ extern int efi_capsule_supported(efi_guid_t guid, u32 flags,
 				 size_t size, int *reset);
 
 extern int efi_capsule_update(efi_capsule_header_t *capsule,
-			      struct page **pages);
+			      phys_addr_t *pages);
 
 #ifdef CONFIG_EFI_RUNTIME_MAP
 int efi_runtime_map_init(struct kobject *);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 09/13] efi/capsule-loader: Use page addresses rather than struct page pointers
@ 2017-06-02 13:52   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ingo Molnar, Thomas Gleixner,
	H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel-u79uwXL29TY76Z2rM5mHXA, Matt Fleming

To give some leeway to code that handles non-standard capsule headers,
let's keep an array of page addresses rather than struct page pointers.

This gives special implementations of efi_capsule_setup_info() the
opportunity to mangle the payload a bit before it is presented to the
firmware, without putting any knowledge of the nature of such quirks
into the generic code.

Cc: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Tested-by: "Bryan O'Donoghue" <pure.logic-SyKdqv6vbfZdzvEItQ6vdLNAH6kLmebB@public.gmane.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
---
 drivers/firmware/efi/capsule-loader.c | 12 ++++++++----
 drivers/firmware/efi/capsule.c        |  7 ++++---
 include/linux/efi.h                   |  4 ++--
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index cbc3526953d5..ec8ac5c4dd84 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -20,6 +20,10 @@
 
 #define NO_FURTHER_WRITE_ACTION -1
 
+#ifndef phys_to_page
+#define phys_to_page(x)		pfn_to_page((x) >> PAGE_SHIFT)
+#endif
+
 /**
  * efi_free_all_buff_pages - free all previous allocated buffer pages
  * @cap_info: pointer to current instance of capsule_info structure
@@ -31,7 +35,7 @@
 static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 {
 	while (cap_info->index > 0)
-		__free_page(cap_info->pages[--cap_info->index]);
+		__free_page(phys_to_page(cap_info->pages[--cap_info->index]));
 
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
 }
@@ -161,12 +165,12 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 			goto failed;
 		}
 
-		cap_info->pages[cap_info->index++] = page;
+		cap_info->pages[cap_info->index++] = page_to_phys(page);
 		cap_info->page_bytes_remain = PAGE_SIZE;
+	} else {
+		page = phys_to_page(cap_info->pages[cap_info->index - 1]);
 	}
 
-	page = cap_info->pages[cap_info->index - 1];
-
 	kbuff = kmap(page);
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
 
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index e603ccf39d80..901b9306bf94 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -214,7 +214,7 @@ efi_capsule_update_locked(efi_capsule_header_t *capsule,
  *
  * Return 0 on success, a converted EFI status code on failure.
  */
-int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
+int efi_capsule_update(efi_capsule_header_t *capsule, phys_addr_t *pages)
 {
 	u32 imagesize = capsule->imagesize;
 	efi_guid_t guid = capsule->guid;
@@ -249,10 +249,11 @@ int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
 		sglist = kmap(sg_pages[i]);
 
 		for (j = 0; j < SGLIST_PER_PAGE && count > 0; j++) {
-			u64 sz = min_t(u64, imagesize, PAGE_SIZE);
+			u64 sz = min_t(u64, imagesize,
+				       PAGE_SIZE - (u64)*pages % PAGE_SIZE);
 
 			sglist[j].length = sz;
-			sglist[j].data = page_to_phys(*pages++);
+			sglist[j].data = *pages++;
 
 			imagesize -= sz;
 			count--;
diff --git a/include/linux/efi.h b/include/linux/efi.h
index a7379a2b5680..8269bcb8ccf7 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -143,7 +143,7 @@ struct capsule_info {
 	long			index;
 	size_t			count;
 	size_t			total_size;
-	struct page		**pages;
+	phys_addr_t		*pages;
 	size_t			page_bytes_remain;
 };
 
@@ -1415,7 +1415,7 @@ extern int efi_capsule_supported(efi_guid_t guid, u32 flags,
 				 size_t size, int *reset);
 
 extern int efi_capsule_update(efi_capsule_header_t *capsule,
-			      struct page **pages);
+			      phys_addr_t *pages);
 
 #ifdef CONFIG_EFI_RUNTIME_MAP
 int efi_runtime_map_init(struct kobject *);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 10/13] efi/capsule: Add support for Quark security header
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (8 preceding siblings ...)
  2017-06-02 13:52   ` Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 15:50   ` Ingo Molnar
  2017-06-05 17:14   ` [tip:efi/core] " tip-bot for Jan Kiszka
  2017-06-02 13:52   ` Ard Biesheuvel
                   ` (3 subsequent siblings)
  13 siblings, 2 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Jan Kiszka, Ard Biesheuvel, linux-kernel, Matt Fleming

From: Jan Kiszka <jan.kiszka@siemens.com>

The firmware for Quark X102x prepends a security header to the capsule
which is needed to support the mandatory secure boot on this processor.
The header can be detected by checking for the "_CSH" signature and -
to avoid any GUID conflict - validating its size field to contain the
expected value. Then we need to look for the EFI header right after the
security header and pass the real header to __efi_capsule_setup_info.

To be minimal invasive and maximal safe, the quirk version of
efi_capsule_identify_image is only effective on Quark processors.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Tested-by: "Bryan O'Donoghue" <pure.logic@nexus-software.ie>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 arch/x86/platform/efi/quirks.c | 137 +++++++++++++++++++++++++++++++++++++++++
 drivers/firmware/efi/Kconfig   |   9 +++
 2 files changed, 146 insertions(+)

diff --git a/arch/x86/platform/efi/quirks.c b/arch/x86/platform/efi/quirks.c
index 26615991d69c..93867ee08eac 100644
--- a/arch/x86/platform/efi/quirks.c
+++ b/arch/x86/platform/efi/quirks.c
@@ -15,12 +15,66 @@
 #include <asm/e820/api.h>
 #include <asm/efi.h>
 #include <asm/uv/uv.h>
+#include <asm/cpu_device_id.h>
 
 #define EFI_MIN_RESERVE 5120
 
 #define EFI_DUMMY_GUID \
 	EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9)
 
+#define QUARK_CSH_SIGNATURE		0x5f435348	/* _CSH */
+#define QUARK_SECURITY_HEADER_SIZE	0x400
+
+/*
+ * Header prepended to the standard EFI capsule on Quark systems the are based
+ * on Intel firmware BSP.
+ * @csh_signature:	Unique identifier to sanity check signed module
+ * 			presence ("_CSH").
+ * @version:		Current version of CSH used. Should be one for Quark A0.
+ * @modulesize:		Size of the entire module including the module header
+ * 			and payload.
+ * @security_version_number_index: Index of SVN to use for validation of signed
+ * 			module.
+ * @security_version_number: Used to prevent against roll back of modules.
+ * @rsvd_module_id:	Currently unused for Clanton (Quark).
+ * @rsvd_module_vendor:	Vendor Identifier. For Intel products value is
+ * 			0x00008086.
+ * @rsvd_date:		BCD representation of build date as yyyymmdd, where
+ * 			yyyy=4 digit year, mm=1-12, dd=1-31.
+ * @headersize:		Total length of the header including including any
+ * 			padding optionally added by the signing tool.
+ * @hash_algo:		What Hash is used in the module signing.
+ * @cryp_algo:		What Crypto is used in the module signing.
+ * @keysize:		Total length of the key data including including any
+ * 			padding optionally added by the signing tool.
+ * @signaturesize:	Total length of the signature including including any
+ * 			padding optionally added by the signing tool.
+ * @rsvd_next_header:	32-bit pointer to the next Secure Boot Module in the
+ * 			chain, if there is a next header.
+ * @rsvd:		Reserved, padding structure to required size.
+ *
+ * See also QuartSecurityHeader_t in
+ * Quark_EDKII_v1.2.1.1/QuarkPlatformPkg/Include/QuarkBootRom.h
+ * from https://downloadcenter.intel.com/download/23197/Intel-Quark-SoC-X1000-Board-Support-Package-BSP
+ */
+struct quark_security_header {
+	u32 csh_signature;
+	u32 version;
+	u32 modulesize;
+	u32 security_version_number_index;
+	u32 security_version_number;
+	u32 rsvd_module_id;
+	u32 rsvd_module_vendor;
+	u32 rsvd_date;
+	u32 headersize;
+	u32 hash_algo;
+	u32 cryp_algo;
+	u32 keysize;
+	u32 signaturesize;
+	u32 rsvd_next_header;
+	u32 rsvd[2];
+};
+
 static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 };
 
 static bool efi_no_storage_paranoia;
@@ -501,3 +555,86 @@ bool efi_poweroff_required(void)
 {
 	return acpi_gbl_reduced_hardware || acpi_no_s5;
 }
+
+#ifdef CONFIG_EFI_CAPSULE_QUIRK_QUARK_CSH
+
+static int qrk_capsule_setup_info(struct capsule_info *cap_info, void **pkbuff,
+				  size_t hdr_bytes)
+{
+	struct quark_security_header *csh = *pkbuff;
+
+	/* Only process data block that is larger than the security header */
+	if (hdr_bytes < sizeof(struct quark_security_header))
+		return 0;
+
+	if (csh->csh_signature != QUARK_CSH_SIGNATURE ||
+	    csh->headersize != QUARK_SECURITY_HEADER_SIZE)
+		return 1;
+
+	/* Only process data block if EFI header is included */
+	if (hdr_bytes < QUARK_SECURITY_HEADER_SIZE +
+			sizeof(efi_capsule_header_t))
+		return 0;
+
+	pr_debug("Quark security header detected\n");
+
+	if (csh->rsvd_next_header != 0) {
+		pr_err("multiple Quark security headers not supported\n");
+		return -EINVAL;
+	}
+
+	*pkbuff += csh->headersize;
+	cap_info->total_size = csh->headersize;
+
+	/*
+	 * Update the first page pointer to skip over the CSH header.
+	 */
+	cap_info->pages[0] += csh->headersize;
+
+	return 1;
+}
+
+#define ICPU(family, model, quirk_handler) \
+	{ X86_VENDOR_INTEL, family, model, X86_FEATURE_ANY, \
+	  (unsigned long)&quirk_handler }
+
+static const struct x86_cpu_id efi_capsule_quirk_ids[] = {
+	ICPU(5, 9, qrk_capsule_setup_info),	/* Intel Quark X1000 */
+	{ }
+};
+
+int efi_capsule_setup_info(struct capsule_info *cap_info, void *kbuff,
+			   size_t hdr_bytes)
+{
+	int (*quirk_handler)(struct capsule_info *, void **, size_t);
+	const struct x86_cpu_id *id;
+	int ret;
+
+	if (hdr_bytes < sizeof(efi_capsule_header_t))
+		return 0;
+
+	cap_info->total_size = 0;
+
+	id = x86_match_cpu(efi_capsule_quirk_ids);
+	if (id) {
+		/*
+		 * The quirk handler is supposed to return
+		 *  - a value > 0 if the setup should continue, after advancing
+		 *    kbuff as needed
+		 *  - 0 if not enough hdr_bytes are available yet
+		 *  - a negative error code otherwise
+		 */
+		quirk_handler = (typeof(quirk_handler))id->driver_data;
+		ret = quirk_handler(cap_info, &kbuff, hdr_bytes);
+		if (ret <= 0)
+			return ret;
+	}
+
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+
+	cap_info->total_size += cap_info->header.imagesize;
+
+	return __efi_capsule_setup_info(cap_info);
+}
+
+#endif
diff --git a/drivers/firmware/efi/Kconfig b/drivers/firmware/efi/Kconfig
index 2e78b0b96d74..394db40ed374 100644
--- a/drivers/firmware/efi/Kconfig
+++ b/drivers/firmware/efi/Kconfig
@@ -112,6 +112,15 @@ config EFI_CAPSULE_LOADER
 
 	  Most users should say N.
 
+config EFI_CAPSULE_QUIRK_QUARK_CSH
+	boolean "Add support for Quark capsules with non-standard headers"
+	depends on X86 && !64BIT
+	select EFI_CAPSULE_LOADER
+	default y
+	help
+	  Add support for processing Quark X1000 EFI capsules, whose header
+	  layout deviates from the layout mandated by the UEFI specification.
+
 config EFI_TEST
 	tristate "EFI Runtime Service Tests Support"
 	depends on EFI
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 11/13] efi/efi_test: Use memdup_user() helper
@ 2017-06-02 13:52   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Geliang Tang, Ard Biesheuvel, linux-kernel, Matt Fleming

From: Geliang Tang <geliangtang@gmail.com>

Use memdup_user() helper instead of open-coding to simplify the code.

Signed-off-by: Geliang Tang <geliangtang@gmail.com>
Acked-by: Ivan Hu <ivan.hu@canonical.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/test/efi_test.c | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c
index 8cd578f62059..08129b7b80ab 100644
--- a/drivers/firmware/efi/test/efi_test.c
+++ b/drivers/firmware/efi/test/efi_test.c
@@ -71,18 +71,13 @@ copy_ucs2_from_user_len(efi_char16_t **dst, efi_char16_t __user *src,
 	if (!access_ok(VERIFY_READ, src, 1))
 		return -EFAULT;
 
-	buf = kmalloc(len, GFP_KERNEL);
-	if (!buf) {
+	buf = memdup_user(src, len);
+	if (IS_ERR(buf)) {
 		*dst = NULL;
-		return -ENOMEM;
+		return PTR_ERR(buf);
 	}
 	*dst = buf;
 
-	if (copy_from_user(*dst, src, len)) {
-		kfree(buf);
-		return -EFAULT;
-	}
-
 	return 0;
 }
 
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 11/13] efi/efi_test: Use memdup_user() helper
@ 2017-06-02 13:52   ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi-u79uwXL29TY76Z2rM5mHXA, Ingo Molnar, Thomas Gleixner,
	H . Peter Anvin
  Cc: Geliang Tang, Ard Biesheuvel,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA, Matt Fleming

From: Geliang Tang <geliangtang-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>

Use memdup_user() helper instead of open-coding to simplify the code.

Signed-off-by: Geliang Tang <geliangtang-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Acked-by: Ivan Hu <ivan.hu-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
Cc: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
Signed-off-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
---
 drivers/firmware/efi/test/efi_test.c | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c
index 8cd578f62059..08129b7b80ab 100644
--- a/drivers/firmware/efi/test/efi_test.c
+++ b/drivers/firmware/efi/test/efi_test.c
@@ -71,18 +71,13 @@ copy_ucs2_from_user_len(efi_char16_t **dst, efi_char16_t __user *src,
 	if (!access_ok(VERIFY_READ, src, 1))
 		return -EFAULT;
 
-	buf = kmalloc(len, GFP_KERNEL);
-	if (!buf) {
+	buf = memdup_user(src, len);
+	if (IS_ERR(buf)) {
 		*dst = NULL;
-		return -ENOMEM;
+		return PTR_ERR(buf);
 	}
 	*dst = buf;
 
-	if (copy_from_user(*dst, src, len)) {
-		kfree(buf);
-		return -EFAULT;
-	}
-
 	return 0;
 }
 
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 12/13] x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (10 preceding siblings ...)
  2017-06-02 13:52   ` Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 17:16   ` [tip:efi/core] x86/efi: Extend CONFIG_EFI_PGT_DUMP support to x86_32 and kexec as well tip-bot for Sai Praneeth
  2017-06-02 13:52 ` [PATCH 13/13] efi: arm: enable DMI/SMBIOS Ard Biesheuvel
  2017-06-05  8:15 ` [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Sai Praneeth, Ard Biesheuvel, linux-kernel, Borislav Petkov,
	Ricardo Neri, Ravi Shankar, Matt Fleming

From: Sai Praneeth <sai.praneeth.prakhya@intel.com>

EFI_PGT_DUMP, as the name suggests dumps efi page tables to dmesg during
kernel boot. This feature is very useful while debugging page
faults/null pointer dereferences to efi related addresses. Presently,
this feature is limited only to x86_64, so let's extend it to other efi
configurations like kexec kernel, efi=old_map and to x86_32 as well.
This doesn't effect normal boot path because this config option should
be used only for debug purposes.

Signed-off-by: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Ricardo Neri <ricardo.neri@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Ravi Shankar <ravi.v.shankar@intel.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
---
 arch/x86/platform/efi/efi.c    | 3 ++-
 arch/x86/platform/efi/efi_32.c | 9 ++++++++-
 arch/x86/platform/efi/efi_64.c | 5 ++++-
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index dc2da5e2c7e4..3cf8536e803b 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -1012,7 +1012,6 @@ static void __init __efi_enter_virtual_mode(void)
 	 * necessary relocation fixups for the new virtual addresses.
 	 */
 	efi_runtime_update_mappings();
-	efi_dump_pagetable();
 
 	/* clean DUMMY object */
 	efi_delete_dummy_variable();
@@ -1027,6 +1026,8 @@ void __init efi_enter_virtual_mode(void)
 		kexec_enter_virtual_mode();
 	else
 		__efi_enter_virtual_mode();
+
+	efi_dump_pagetable();
 }
 
 /*
diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
index 403a987d06c7..fe18c5d32bf0 100644
--- a/arch/x86/platform/efi/efi_32.c
+++ b/arch/x86/platform/efi/efi_32.c
@@ -44,7 +44,14 @@ int __init efi_alloc_page_tables(void)
 }
 
 void efi_sync_low_kernel_mappings(void) {}
-void __init efi_dump_pagetable(void) {}
+
+void __init efi_dump_pagetable(void)
+{
+#ifdef CONFIG_EFI_PGT_DUMP
+	ptdump_walk_pgd_level(NULL, swapper_pg_dir);
+#endif
+}
+
 int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
 {
 	return 0;
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index 6fbf6c47e603..0d8180811445 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -528,7 +528,10 @@ void __init efi_runtime_update_mappings(void)
 void __init efi_dump_pagetable(void)
 {
 #ifdef CONFIG_EFI_PGT_DUMP
-	ptdump_walk_pgd_level(NULL, efi_pgd);
+	if (efi_enabled(EFI_OLD_MEMMAP))
+		ptdump_walk_pgd_level(NULL, swapper_pg_dir);
+	else
+		ptdump_walk_pgd_level(NULL, efi_pgd);
 #endif
 }
 
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [PATCH 13/13] efi: arm: enable DMI/SMBIOS
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (11 preceding siblings ...)
  2017-06-02 13:52 ` [PATCH 12/13] x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec Ard Biesheuvel
@ 2017-06-02 13:52 ` Ard Biesheuvel
  2017-06-05 17:16   ` [tip:efi/core] efi/arm: Enable DMI/SMBIOS tip-bot for Ard Biesheuvel
  2017-06-05  8:15 ` [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-02 13:52 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel, Matt Fleming

Wire up the existing arm64 support for SMBIOS tables (aka DMI) for ARM as
well, by moving the arm64 init code to drivers/firmware/efi/arm-runtime.c
(which is shared between ARM and arm64), and adding a asm/dmi.h header to
ARM that defines the mapping routines for the firmware tables.

This allows userspace to access these tables to discover system information
exposed by the firmware. It also sets the hardware name used in crash
dumps, e.g.,

  Unable to handle kernel NULL pointer dereference at virtual address 00000000
  pgd = ed3c0000
  [00000000] *pgd=bf1f3835
  Internal error: Oops: 817 [#1] SMP THUMB2
  Modules linked in:
  CPU: 0 PID: 759 Comm: bash Not tainted 4.10.0-09601-g0e8f38792120-dirty #112
  Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
  ^^^

NOTE: This does *NOT* enable or encourage the use of DMI quirks, i.e., the
      the practice of identifying the platform via DMI to decide whether
      certain workarounds for buggy hardware and/or firmware need to be
      enabled. This would require the DMI subsystem to be enabled much
      earlier than we do on ARM, which is non-trivial.

Cc: Matt Fleming <matt@codeblueprint.co.uk>
Acked-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 arch/arm/Kconfig                   | 17 +++++++++++++++++
 arch/arm/include/asm/dmi.h         | 19 +++++++++++++++++++
 arch/arm64/kernel/efi.c            | 15 ---------------
 drivers/firmware/efi/arm-runtime.c | 16 ++++++++++++++++
 4 files changed, 52 insertions(+), 15 deletions(-)
 create mode 100644 arch/arm/include/asm/dmi.h

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 4c1a35f15838..dabcaeb2ee3e 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -2061,6 +2061,23 @@ config EFI
 	  is only useful for kernels that may run on systems that have
 	  UEFI firmware.
 
+config DMI
+	bool "Enable support for SMBIOS (DMI) tables"
+	depends on EFI
+	default y
+	help
+	  This enables SMBIOS/DMI feature for systems.
+
+	  This option is only useful on systems that have UEFI firmware.
+	  However, even with this option, the resultant kernel should
+	  continue to boot on existing non-UEFI platforms.
+
+	  NOTE: This does *NOT* enable or encourage the use of DMI quirks,
+	  i.e., the the practice of identifying the platform via DMI to
+	  decide whether certain workarounds for buggy hardware and/or
+	  firmware need to be enabled. This would require the DMI subsystem
+	  to be enabled much earlier than we do on ARM, which is non-trivial.
+
 endmenu
 
 menu "CPU Power Management"
diff --git a/arch/arm/include/asm/dmi.h b/arch/arm/include/asm/dmi.h
new file mode 100644
index 000000000000..df2d2ff06f5b
--- /dev/null
+++ b/arch/arm/include/asm/dmi.h
@@ -0,0 +1,19 @@
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __ASM_DMI_H
+#define __ASM_DMI_H
+
+#include <linux/io.h>
+#include <linux/slab.h>
+
+#define dmi_early_remap(x, l)		memremap(x, l, MEMREMAP_WB)
+#define dmi_early_unmap(x, l)		memunmap(x)
+#define dmi_remap(x, l)			memremap(x, l, MEMREMAP_WB)
+#define dmi_unmap(x)			memunmap(x)
+#define dmi_alloc(l)			kzalloc(l, GFP_KERNEL)
+
+#endif
diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 5d17f377d905..82cd07592519 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -11,7 +11,6 @@
  *
  */
 
-#include <linux/dmi.h>
 #include <linux/efi.h>
 #include <linux/init.h>
 
@@ -117,20 +116,6 @@ int __init efi_set_mapping_permissions(struct mm_struct *mm,
 				   set_permissions, md);
 }
 
-static int __init arm64_dmi_init(void)
-{
-	/*
-	 * On arm64, DMI depends on UEFI, and dmi_scan_machine() needs to
-	 * be called early because dmi_id_init(), which is an arch_initcall
-	 * itself, depends on dmi_scan_machine() having been called already.
-	 */
-	dmi_scan_machine();
-	if (dmi_available)
-		dmi_set_dump_stack_arch_desc();
-	return 0;
-}
-core_initcall(arm64_dmi_init);
-
 /*
  * UpdateCapsule() depends on the system being shutdown via
  * ResetSystem().
diff --git a/drivers/firmware/efi/arm-runtime.c b/drivers/firmware/efi/arm-runtime.c
index 974c5a31a005..1cc41c3d6315 100644
--- a/drivers/firmware/efi/arm-runtime.c
+++ b/drivers/firmware/efi/arm-runtime.c
@@ -11,6 +11,7 @@
  *
  */
 
+#include <linux/dmi.h>
 #include <linux/efi.h>
 #include <linux/io.h>
 #include <linux/memblock.h>
@@ -166,3 +167,18 @@ void efi_virtmap_unload(void)
 	efi_set_pgd(current->active_mm);
 	preempt_enable();
 }
+
+
+static int __init arm_dmi_init(void)
+{
+	/*
+	 * On arm64/ARM, DMI depends on UEFI, and dmi_scan_machine() needs to
+	 * be called early because dmi_id_init(), which is an arch_initcall
+	 * itself, depends on dmi_scan_machine() having been called already.
+	 */
+	dmi_scan_machine();
+	if (dmi_available)
+		dmi_set_dump_stack_arch_desc();
+	return 0;
+}
+core_initcall(arm_dmi_init);
-- 
2.9.3

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
  2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
                   ` (12 preceding siblings ...)
  2017-06-02 13:52 ` [PATCH 13/13] efi: arm: enable DMI/SMBIOS Ard Biesheuvel
@ 2017-06-05  8:15 ` Ard Biesheuvel
  2017-06-05  9:07     ` Ingo Molnar
  13 siblings, 1 reply; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05  8:15 UTC (permalink / raw)
  To: linux-efi, Ingo Molnar, Thomas Gleixner, H . Peter Anvin
  Cc: Ard Biesheuvel, linux-kernel, Matt Fleming, Sai Praneeth Prakhya

(trim cc)

On 2 June 2017 at 13:51, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:
>
>   Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)
>
> are available in the git repository at:
>
>   git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next
>
> for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:
>
>   efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)
>
> ----------------------------------------------------------------
> First batch of EFI changes for v4.13:
> - rework the EFI capsule loader to allow for workarounds for non-compliant
>   firmware to be implemented more easily and in a more self contained
>   manner (Ard)
> - implement a capsule loader quirk for Quark X102x, which prepends a
>   security header in a non-compliant way (Jan Kiszka)
> - enable SMBIOS/DMI support for the ARM architecture (Ard)
> - add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
> - some other cleanups
>
> ----------------------------------------------------------------
> Andy Lutomirski (1):
>       x86/efi: Clean up efi CR3 save/restore
>
> Ard Biesheuvel (4):
>       efi/capsule-loader: Use a cached copy of the capsule header
>       efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
>       efi/capsule-loader: Use page addresses rather than struct page pointers
>       efi: arm: enable DMI/SMBIOS
>
> Fabian Frederick (1):
>       efi/capsule: Remove NULL test on kmap()
>
> Geliang Tang (1):
>       efi/efi_test: Use memdup_user() helper
>
> Jan Kiszka (5):
>       efi/capsule: Fix return code on failing kmap/vmap
>       efi/capsule: Remove pr_debug on ENOMEM or EFAULT
>       efi/capsule: Clean up pr_err/info messages
>       efi/capsule: Adjust return type of efi_capsule_setup_info
>       efi/capsule: Add support for Quark security header
>
> Sai Praneeth (1):
>       x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
>

All,

I just noticed that this patch lacks my signoff. This is due to the
fact that Matt queued this particular patch, and I didn't update the
branch to add my sob, so it is only signed off by Matt not me.

How should we handle this now, and in the future? Matt and I share
maintainership responsibilities, and so everything that gets queued
into the EFI tree may be treated as signed off by either and/or the
both of us. For multi-maintainer trees that get pulled directly, this
is usually not an issue AFAIK, but given that Ingo is the one that
deals with EFI usually, and prefers to apply the patches individually,
this may  get flagged as a missing signoff.

In any case, I am happy to respin the patches, re-sign the tag etc if
this is deemed necessary.

Thanks,
Ard.

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05  9:07     ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05  9:07 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, linux-kernel,
	Matt Fleming, Sai Praneeth Prakhya


* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> (trim cc)
> 
> On 2 June 2017 at 13:51, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> > The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:
> >
> >   Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)
> >
> > are available in the git repository at:
> >
> >   git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next
> >
> > for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:
> >
> >   efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)
> >
> > ----------------------------------------------------------------
> > First batch of EFI changes for v4.13:
> > - rework the EFI capsule loader to allow for workarounds for non-compliant
> >   firmware to be implemented more easily and in a more self contained
> >   manner (Ard)
> > - implement a capsule loader quirk for Quark X102x, which prepends a
> >   security header in a non-compliant way (Jan Kiszka)
> > - enable SMBIOS/DMI support for the ARM architecture (Ard)
> > - add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
> > - some other cleanups
> >
> > ----------------------------------------------------------------
> > Andy Lutomirski (1):
> >       x86/efi: Clean up efi CR3 save/restore
> >
> > Ard Biesheuvel (4):
> >       efi/capsule-loader: Use a cached copy of the capsule header
> >       efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
> >       efi/capsule-loader: Use page addresses rather than struct page pointers
> >       efi: arm: enable DMI/SMBIOS
> >
> > Fabian Frederick (1):
> >       efi/capsule: Remove NULL test on kmap()
> >
> > Geliang Tang (1):
> >       efi/efi_test: Use memdup_user() helper
> >
> > Jan Kiszka (5):
> >       efi/capsule: Fix return code on failing kmap/vmap
> >       efi/capsule: Remove pr_debug on ENOMEM or EFAULT
> >       efi/capsule: Clean up pr_err/info messages
> >       efi/capsule: Adjust return type of efi_capsule_setup_info
> >       efi/capsule: Add support for Quark security header
> >
> > Sai Praneeth (1):
> >       x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
> >
> 
> All,
> 
> I just noticed that this patch lacks my signoff. This is due to the
> fact that Matt queued this particular patch, and I didn't update the
> branch to add my sob, so it is only signed off by Matt not me.
> 
> How should we handle this now, and in the future? Matt and I share
> maintainership responsibilities, and so everything that gets queued
> into the EFI tree may be treated as signed off by either and/or the
> both of us. For multi-maintainer trees that get pulled directly, this
> is usually not an issue AFAIK, but given that Ingo is the one that
> deals with EFI usually, and prefers to apply the patches individually,
> this may  get flagged as a missing signoff.

So the root problem is that that's not the proper usage of SOB: SOB tracks the 
true propagation of patches, it's not an Acked-by tag.

What should be added instead in such cases is an Acked-by or Reviewed-by from your 
co-maintainer when you apply the patch - and a SOB of yourself. That is how we are 
doing it in -tip: you'll see that 99% of the patches there get signed off by only 
one of the co-maintainers.

> In any case, I am happy to respin the patches, re-sign the tag etc if this is 
> deemed necessary.

It would be nice to fix your SOB flow: the maintainer who queues up a patch should 
add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees 
with the patch as well. The tree should typically not be rebased after that point 
(especially not by the other co-maintainer) - that's just indicative of a messy 
workflow.

( In rare circumstances we do double signoffs as well in -tip, when there's a
  _true_ patch flow between the maintainers, but it's the exception, not the
  rule. )

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05  9:07     ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05  9:07 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matt Fleming, Sai Praneeth Prakhya


* Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:

> (trim cc)
> 
> On 2 June 2017 at 13:51, Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
> > The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:
> >
> >   Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)
> >
> > are available in the git repository at:
> >
> >   git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next
> >
> > for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:
> >
> >   efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)
> >
> > ----------------------------------------------------------------
> > First batch of EFI changes for v4.13:
> > - rework the EFI capsule loader to allow for workarounds for non-compliant
> >   firmware to be implemented more easily and in a more self contained
> >   manner (Ard)
> > - implement a capsule loader quirk for Quark X102x, which prepends a
> >   security header in a non-compliant way (Jan Kiszka)
> > - enable SMBIOS/DMI support for the ARM architecture (Ard)
> > - add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
> > - some other cleanups
> >
> > ----------------------------------------------------------------
> > Andy Lutomirski (1):
> >       x86/efi: Clean up efi CR3 save/restore
> >
> > Ard Biesheuvel (4):
> >       efi/capsule-loader: Use a cached copy of the capsule header
> >       efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
> >       efi/capsule-loader: Use page addresses rather than struct page pointers
> >       efi: arm: enable DMI/SMBIOS
> >
> > Fabian Frederick (1):
> >       efi/capsule: Remove NULL test on kmap()
> >
> > Geliang Tang (1):
> >       efi/efi_test: Use memdup_user() helper
> >
> > Jan Kiszka (5):
> >       efi/capsule: Fix return code on failing kmap/vmap
> >       efi/capsule: Remove pr_debug on ENOMEM or EFAULT
> >       efi/capsule: Clean up pr_err/info messages
> >       efi/capsule: Adjust return type of efi_capsule_setup_info
> >       efi/capsule: Add support for Quark security header
> >
> > Sai Praneeth (1):
> >       x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
> >
> 
> All,
> 
> I just noticed that this patch lacks my signoff. This is due to the
> fact that Matt queued this particular patch, and I didn't update the
> branch to add my sob, so it is only signed off by Matt not me.
> 
> How should we handle this now, and in the future? Matt and I share
> maintainership responsibilities, and so everything that gets queued
> into the EFI tree may be treated as signed off by either and/or the
> both of us. For multi-maintainer trees that get pulled directly, this
> is usually not an issue AFAIK, but given that Ingo is the one that
> deals with EFI usually, and prefers to apply the patches individually,
> this may  get flagged as a missing signoff.

So the root problem is that that's not the proper usage of SOB: SOB tracks the 
true propagation of patches, it's not an Acked-by tag.

What should be added instead in such cases is an Acked-by or Reviewed-by from your 
co-maintainer when you apply the patch - and a SOB of yourself. That is how we are 
doing it in -tip: you'll see that 99% of the patches there get signed off by only 
one of the co-maintainers.

> In any case, I am happy to respin the patches, re-sign the tag etc if this is 
> deemed necessary.

It would be nice to fix your SOB flow: the maintainer who queues up a patch should 
add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees 
with the patch as well. The tree should typically not be rebased after that point 
(especially not by the other co-maintainer) - that's just indicative of a messy 
workflow.

( In rare circumstances we do double signoffs as well in -tip, when there's a
  _true_ patch flow between the maintainers, but it's the exception, not the
  rule. )

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05  9:35       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05  9:35 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, linux-kernel,
	Matt Fleming, Sai Praneeth Prakhya

On 5 June 2017 at 09:07, Ingo Molnar <mingo@kernel.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
>> (trim cc)
>>
>> On 2 June 2017 at 13:51, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>> > The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:
>> >
>> >   Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)
>> >
>> > are available in the git repository at:
>> >
>> >   git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next
>> >
>> > for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:
>> >
>> >   efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)
>> >
>> > ----------------------------------------------------------------
>> > First batch of EFI changes for v4.13:
>> > - rework the EFI capsule loader to allow for workarounds for non-compliant
>> >   firmware to be implemented more easily and in a more self contained
>> >   manner (Ard)
>> > - implement a capsule loader quirk for Quark X102x, which prepends a
>> >   security header in a non-compliant way (Jan Kiszka)
>> > - enable SMBIOS/DMI support for the ARM architecture (Ard)
>> > - add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
>> > - some other cleanups
>> >
>> > ----------------------------------------------------------------
>> > Andy Lutomirski (1):
>> >       x86/efi: Clean up efi CR3 save/restore
>> >
>> > Ard Biesheuvel (4):
>> >       efi/capsule-loader: Use a cached copy of the capsule header
>> >       efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
>> >       efi/capsule-loader: Use page addresses rather than struct page pointers
>> >       efi: arm: enable DMI/SMBIOS
>> >
>> > Fabian Frederick (1):
>> >       efi/capsule: Remove NULL test on kmap()
>> >
>> > Geliang Tang (1):
>> >       efi/efi_test: Use memdup_user() helper
>> >
>> > Jan Kiszka (5):
>> >       efi/capsule: Fix return code on failing kmap/vmap
>> >       efi/capsule: Remove pr_debug on ENOMEM or EFAULT
>> >       efi/capsule: Clean up pr_err/info messages
>> >       efi/capsule: Adjust return type of efi_capsule_setup_info
>> >       efi/capsule: Add support for Quark security header
>> >
>> > Sai Praneeth (1):
>> >       x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
>> >
>>
>> All,
>>
>> I just noticed that this patch lacks my signoff. This is due to the
>> fact that Matt queued this particular patch, and I didn't update the
>> branch to add my sob, so it is only signed off by Matt not me.
>>
>> How should we handle this now, and in the future? Matt and I share
>> maintainership responsibilities, and so everything that gets queued
>> into the EFI tree may be treated as signed off by either and/or the
>> both of us. For multi-maintainer trees that get pulled directly, this
>> is usually not an issue AFAIK, but given that Ingo is the one that
>> deals with EFI usually, and prefers to apply the patches individually,
>> this may  get flagged as a missing signoff.
>
> So the root problem is that that's not the proper usage of SOB: SOB tracks the
> true propagation of patches, it's not an Acked-by tag.
>
> What should be added instead in such cases is an Acked-by or Reviewed-by from your
> co-maintainer when you apply the patch - and a SOB of yourself. That is how we are
> doing it in -tip: you'll see that 99% of the patches there get signed off by only
> one of the co-maintainers.
>

OK, so by that reasoning, having a mix of patches sob'ed by Matt xor
sob'ed by me in the same pull request is fine. Are all patches in -tip
acked/rb'd by the co-maintainers that did not do the signoff? If not,
why should that requirement exist for the EFI tree?

>> In any case, I am happy to respin the patches, re-sign the tag etc if this is
>> deemed necessary.
>
> It would be nice to fix your SOB flow: the maintainer who queues up a patch should
> add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees
> with the patch as well. The tree should typically not be rebased after that point
> (especially not by the other co-maintainer) - that's just indicative of a messy
> workflow.
>

OK, so this is exactly what we have in the queue right now, and what I
sent the pull request for.

-- 
Ard.

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05  9:35       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05  9:35 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matt Fleming, Sai Praneeth Prakhya

On 5 June 2017 at 09:07, Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
>
>> (trim cc)
>>
>> On 2 June 2017 at 13:51, Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
>> > The following changes since commit 5ed02dbb497422bf225783f46e6eadd237d23d6b:
>> >
>> >   Linux 4.12-rc3 (2017-05-28 17:20:53 -0700)
>> >
>> > are available in the git repository at:
>> >
>> >   git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-next
>> >
>> > for you to fetch changes up to 3acbd5a24ab9d9a82c56d9018f4d340fa574b91d:
>> >
>> >   efi: arm: enable DMI/SMBIOS (2017-06-02 13:38:56 +0000)
>> >
>> > ----------------------------------------------------------------
>> > First batch of EFI changes for v4.13:
>> > - rework the EFI capsule loader to allow for workarounds for non-compliant
>> >   firmware to be implemented more easily and in a more self contained
>> >   manner (Ard)
>> > - implement a capsule loader quirk for Quark X102x, which prepends a
>> >   security header in a non-compliant way (Jan Kiszka)
>> > - enable SMBIOS/DMI support for the ARM architecture (Ard)
>> > - add EFI_PGT_DUMP support for x86_32 and kexec (Sai Praneeth)
>> > - some other cleanups
>> >
>> > ----------------------------------------------------------------
>> > Andy Lutomirski (1):
>> >       x86/efi: Clean up efi CR3 save/restore
>> >
>> > Ard Biesheuvel (4):
>> >       efi/capsule-loader: Use a cached copy of the capsule header
>> >       efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias
>> >       efi/capsule-loader: Use page addresses rather than struct page pointers
>> >       efi: arm: enable DMI/SMBIOS
>> >
>> > Fabian Frederick (1):
>> >       efi/capsule: Remove NULL test on kmap()
>> >
>> > Geliang Tang (1):
>> >       efi/efi_test: Use memdup_user() helper
>> >
>> > Jan Kiszka (5):
>> >       efi/capsule: Fix return code on failing kmap/vmap
>> >       efi/capsule: Remove pr_debug on ENOMEM or EFAULT
>> >       efi/capsule: Clean up pr_err/info messages
>> >       efi/capsule: Adjust return type of efi_capsule_setup_info
>> >       efi/capsule: Add support for Quark security header
>> >
>> > Sai Praneeth (1):
>> >       x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec
>> >
>>
>> All,
>>
>> I just noticed that this patch lacks my signoff. This is due to the
>> fact that Matt queued this particular patch, and I didn't update the
>> branch to add my sob, so it is only signed off by Matt not me.
>>
>> How should we handle this now, and in the future? Matt and I share
>> maintainership responsibilities, and so everything that gets queued
>> into the EFI tree may be treated as signed off by either and/or the
>> both of us. For multi-maintainer trees that get pulled directly, this
>> is usually not an issue AFAIK, but given that Ingo is the one that
>> deals with EFI usually, and prefers to apply the patches individually,
>> this may  get flagged as a missing signoff.
>
> So the root problem is that that's not the proper usage of SOB: SOB tracks the
> true propagation of patches, it's not an Acked-by tag.
>
> What should be added instead in such cases is an Acked-by or Reviewed-by from your
> co-maintainer when you apply the patch - and a SOB of yourself. That is how we are
> doing it in -tip: you'll see that 99% of the patches there get signed off by only
> one of the co-maintainers.
>

OK, so by that reasoning, having a mix of patches sob'ed by Matt xor
sob'ed by me in the same pull request is fine. Are all patches in -tip
acked/rb'd by the co-maintainers that did not do the signoff? If not,
why should that requirement exist for the EFI tree?

>> In any case, I am happy to respin the patches, re-sign the tag etc if this is
>> deemed necessary.
>
> It would be nice to fix your SOB flow: the maintainer who queues up a patch should
> add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees
> with the patch as well. The tree should typically not be rebased after that point
> (especially not by the other co-maintainer) - that's just indicative of a messy
> workflow.
>

OK, so this is exactly what we have in the queue right now, and what I
sent the pull request for.

-- 
Ard.

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-05 15:40     ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 15:40 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, Andy Lutomirski,
	linux-kernel, Borislav Petkov, Andy Lutomirski, Matt Fleming


* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> From: Andy Lutomirski <luto@kernel.org>
> 
> efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
> three different things depending on kernel and system configuration.
> Clean it up so it uses a union and is more explicit about what's
> going on.
> 
> Signed-off-by: Andy Lutomirski <luto@kernel.org>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Andy Lutomirski <luto@amacapital.net>
> Cc: Ingo Molnar <mingo@kernel.org>
> Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
>  arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
>  arch/x86/platform/efi/efi.c    |  6 +++---
>  arch/x86/platform/efi/efi_32.c | 12 ++++++------
>  arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
>  4 files changed, 36 insertions(+), 21 deletions(-)

Hm, this patch does not apply cleanly to v4.12-rc4:

 Applying patch patches/x86efi_Clean_up_efi_CR3_saverestore-1.patch
 patching file arch/x86/include/asm/efi.h
 patching file arch/x86/platform/efi/efi.c
 patching file arch/x86/platform/efi/efi_32.c
 patching file arch/x86/platform/efi/efi_64.c
 Hunk #1 FAILED at 69.
 Hunk #2 FAILED at 86.
 Hunk #3 succeeded at 152 with fuzz 1 (offset 44 lines).
 Hunk #4 FAILED at 116.
 3 out of 4 hunks FAILED -- rejects in file arch/x86/platform/efi/efi_64.c

what tree is this against?

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-05 15:40     ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 15:40 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, Andy Lutomirski,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA, Borislav Petkov,
	Andy Lutomirski, Matt Fleming


* Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:

> From: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
> 
> efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
> three different things depending on kernel and system configuration.
> Clean it up so it uses a union and is more explicit about what's
> going on.
> 
> Signed-off-by: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
> Cc: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
> Cc: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>
> Cc: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
> Cc: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
> Signed-off-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
> ---
>  arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
>  arch/x86/platform/efi/efi.c    |  6 +++---
>  arch/x86/platform/efi/efi_32.c | 12 ++++++------
>  arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
>  4 files changed, 36 insertions(+), 21 deletions(-)

Hm, this patch does not apply cleanly to v4.12-rc4:

 Applying patch patches/x86efi_Clean_up_efi_CR3_saverestore-1.patch
 patching file arch/x86/include/asm/efi.h
 patching file arch/x86/platform/efi/efi.c
 patching file arch/x86/platform/efi/efi_32.c
 patching file arch/x86/platform/efi/efi_64.c
 Hunk #1 FAILED at 69.
 Hunk #2 FAILED at 86.
 Hunk #3 succeeded at 152 with fuzz 1 (offset 44 lines).
 Hunk #4 FAILED at 116.
 3 out of 4 hunks FAILED -- rejects in file arch/x86/platform/efi/efi_64.c

what tree is this against?

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 10/13] efi/capsule: Add support for Quark security header
  2017-06-02 13:52 ` [PATCH 10/13] efi/capsule: Add support for Quark security header Ard Biesheuvel
@ 2017-06-05 15:50   ` Ingo Molnar
  2017-06-05 16:00       ` Ard Biesheuvel
  2017-06-05 17:14   ` [tip:efi/core] " tip-bot for Jan Kiszka
  1 sibling, 1 reply; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 15:50 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, Jan Kiszka,
	linux-kernel, Matt Fleming


* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> From: Jan Kiszka <jan.kiszka@siemens.com>
> 
> The firmware for Quark X102x prepends a security header to the capsule
> which is needed to support the mandatory secure boot on this processor.
> The header can be detected by checking for the "_CSH" signature and -
> to avoid any GUID conflict - validating its size field to contain the
> expected value. Then we need to look for the EFI header right after the
> security header and pass the real header to __efi_capsule_setup_info.
> 
> To be minimal invasive and maximal safe, the quirk version of
> efi_capsule_identify_image is only effective on Quark processors.

So there's no efi_capsule_identify_image() function anywhere - this wants to be 
efi_capsule_setup_info(), right?

I have edited the changelog accordingly.

> +config EFI_CAPSULE_QUIRK_QUARK_CSH
> +	boolean "Add support for Quark capsules with non-standard headers"
> +	depends on X86 && !64BIT
> +	select EFI_CAPSULE_LOADER
> +	default y
> +	help
> +	  Add support for processing Quark X1000 EFI capsules, whose header
> +	  layout deviates from the layout mandated by the UEFI specification.

BTW., there's no need to further put this behind a Kconfig option: the quirk seems 
targeted enough, and the whole point of runtime quirks is so that can be applied 
safely within generic kernels. Turning them off via Kconfig seems wrong.

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05 15:53         ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 15:53 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, linux-kernel,
	Matt Fleming, Sai Praneeth Prakhya


* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> > It would be nice to fix your SOB flow: the maintainer who queues up a patch should
> > add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees
> > with the patch as well. The tree should typically not be rebased after that point
> > (especially not by the other co-maintainer) - that's just indicative of a messy
> > workflow.
> 
> OK, so this is exactly what we have in the queue right now, and what I
> sent the pull request for.

Ok, the SOB chains are perfect - and I've started applying the patches to 
tip:efi/core.

Most of them are looking good, except #1 which won't apply. There were a few small 
details in changelogs that I have fixed up in place.

Will push out the rest if they pass testing.

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [GIT PULL 00/13] First batch of EFI updates for v4.13
@ 2017-06-05 15:53         ` Ingo Molnar
  0 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 15:53 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matt Fleming, Sai Praneeth Prakhya


* Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:

> > It would be nice to fix your SOB flow: the maintainer who queues up a patch should
> > add the SOB, and add an Acked-by of the co-maintainer if the co-maintainer agrees
> > with the patch as well. The tree should typically not be rebased after that point
> > (especially not by the other co-maintainer) - that's just indicative of a messy
> > workflow.
> 
> OK, so this is exactly what we have in the queue right now, and what I
> sent the pull request for.

Ok, the SOB chains are perfect - and I've started applying the patches to 
tip:efi/core.

Most of them are looking good, except #1 which won't apply. There were a few small 
details in changelogs that I have fixed up in place.

Will push out the rest if they pass testing.

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 10/13] efi/capsule: Add support for Quark security header
@ 2017-06-05 16:00       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05 16:00 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, Jan Kiszka,
	linux-kernel, Matt Fleming

On 5 June 2017 at 15:50, Ingo Molnar <mingo@kernel.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> The firmware for Quark X102x prepends a security header to the capsule
>> which is needed to support the mandatory secure boot on this processor.
>> The header can be detected by checking for the "_CSH" signature and -
>> to avoid any GUID conflict - validating its size field to contain the
>> expected value. Then we need to look for the EFI header right after the
>> security header and pass the real header to __efi_capsule_setup_info.
>>
>> To be minimal invasive and maximal safe, the quirk version of
>> efi_capsule_identify_image is only effective on Quark processors.
>
> So there's no efi_capsule_identify_image() function anywhere - this wants to be
> efi_capsule_setup_info(), right?
>
> I have edited the changelog accordingly.
>

Thanks

>> +config EFI_CAPSULE_QUIRK_QUARK_CSH
>> +     boolean "Add support for Quark capsules with non-standard headers"
>> +     depends on X86 && !64BIT
>> +     select EFI_CAPSULE_LOADER
>> +     default y
>> +     help
>> +       Add support for processing Quark X1000 EFI capsules, whose header
>> +       layout deviates from the layout mandated by the UEFI specification.
>
> BTW., there's no need to further put this behind a Kconfig option: the quirk seems
> targeted enough, and the whole point of runtime quirks is so that can be applied
> safely within generic kernels. Turning them off via Kconfig seems wrong.
>

Not entirely: enabling this quirk will remove the ability to select
EFI_CAPSULE_LOADER as a module. So making it unconditional makes
EFI_CAPSULE_LOADER builtin-only for 32-bit x86. This is necessary for
the override of __weak symbols in the generic capsule code to work as
expected.

This was a compromise between allowing no capsule loader quirks at
all, and having an elaborate framework with hooks in various places
(which invariably ends up parameterizing the wrong things if you have
only one real world quirk to design your framework around).

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 10/13] efi/capsule: Add support for Quark security header
@ 2017-06-05 16:00       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05 16:00 UTC (permalink / raw)
  To: Ingo Molnar
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, Jan Kiszka, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Matt Fleming

On 5 June 2017 at 15:50, Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
>
>> From: Jan Kiszka <jan.kiszka-kv7WeFo6aLtBDgjK7y7TUQ@public.gmane.org>
>>
>> The firmware for Quark X102x prepends a security header to the capsule
>> which is needed to support the mandatory secure boot on this processor.
>> The header can be detected by checking for the "_CSH" signature and -
>> to avoid any GUID conflict - validating its size field to contain the
>> expected value. Then we need to look for the EFI header right after the
>> security header and pass the real header to __efi_capsule_setup_info.
>>
>> To be minimal invasive and maximal safe, the quirk version of
>> efi_capsule_identify_image is only effective on Quark processors.
>
> So there's no efi_capsule_identify_image() function anywhere - this wants to be
> efi_capsule_setup_info(), right?
>
> I have edited the changelog accordingly.
>

Thanks

>> +config EFI_CAPSULE_QUIRK_QUARK_CSH
>> +     boolean "Add support for Quark capsules with non-standard headers"
>> +     depends on X86 && !64BIT
>> +     select EFI_CAPSULE_LOADER
>> +     default y
>> +     help
>> +       Add support for processing Quark X1000 EFI capsules, whose header
>> +       layout deviates from the layout mandated by the UEFI specification.
>
> BTW., there's no need to further put this behind a Kconfig option: the quirk seems
> targeted enough, and the whole point of runtime quirks is so that can be applied
> safely within generic kernels. Turning them off via Kconfig seems wrong.
>

Not entirely: enabling this quirk will remove the ability to select
EFI_CAPSULE_LOADER as a module. So making it unconditional makes
EFI_CAPSULE_LOADER builtin-only for 32-bit x86. This is necessary for
the override of __weak symbols in the generic capsule code to work as
expected.

This was a compromise between allowing no capsule loader quirks at
all, and having an elaborate framework with hooks in various places
(which invariably ends up parameterizing the wrong things if you have
only one real world quirk to design your framework around).

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-05 16:03       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05 16:03 UTC (permalink / raw)
  To: Ingo Molnar, Andy Lutomirski
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, linux-kernel,
	Borislav Petkov, Andy Lutomirski, Matt Fleming

On 5 June 2017 at 15:40, Ingo Molnar <mingo@kernel.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
>> From: Andy Lutomirski <luto@kernel.org>
>>
>> efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
>> three different things depending on kernel and system configuration.
>> Clean it up so it uses a union and is more explicit about what's
>> going on.
>>
>> Signed-off-by: Andy Lutomirski <luto@kernel.org>
>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> Cc: Borislav Petkov <bp@alien8.de>
>> Cc: Andy Lutomirski <luto@amacapital.net>
>> Cc: Ingo Molnar <mingo@kernel.org>
>> Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>  arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
>>  arch/x86/platform/efi/efi.c    |  6 +++---
>>  arch/x86/platform/efi/efi_32.c | 12 ++++++------
>>  arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
>>  4 files changed, 36 insertions(+), 21 deletions(-)
>
> Hm, this patch does not apply cleanly to v4.12-rc4:
>
>  Applying patch patches/x86efi_Clean_up_efi_CR3_saverestore-1.patch
>  patching file arch/x86/include/asm/efi.h
>  patching file arch/x86/platform/efi/efi.c
>  patching file arch/x86/platform/efi/efi_32.c
>  patching file arch/x86/platform/efi/efi_64.c
>  Hunk #1 FAILED at 69.
>  Hunk #2 FAILED at 86.
>  Hunk #3 succeeded at 152 with fuzz 1 (offset 44 lines).
>  Hunk #4 FAILED at 116.
>  3 out of 4 hunks FAILED -- rejects in file arch/x86/platform/efi/efi_64.c
>
> what tree is this against?
>

This is against v4.12-rc3, which lacked the EFI fix Matt sent out in
the mean time.

Feel free to drop it for now, and we can requeue it later if Andy is
willing to rebase it.

Thanks,
Ard.

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
@ 2017-06-05 16:03       ` Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: Ard Biesheuvel @ 2017-06-05 16:03 UTC (permalink / raw)
  To: Ingo Molnar, Andy Lutomirski
  Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA, Thomas Gleixner,
	H . Peter Anvin, linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	Borislav Petkov, Andy Lutomirski, Matt Fleming

On 5 June 2017 at 15:40, Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org> wrote:
>
> * Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org> wrote:
>
>> From: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
>>
>> efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
>> three different things depending on kernel and system configuration.
>> Clean it up so it uses a union and is more explicit about what's
>> going on.
>>
>> Signed-off-by: Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
>> Cc: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
>> Cc: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>
>> Cc: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
>> Cc: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
>> Signed-off-by: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
>> ---
>>  arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
>>  arch/x86/platform/efi/efi.c    |  6 +++---
>>  arch/x86/platform/efi/efi_32.c | 12 ++++++------
>>  arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
>>  4 files changed, 36 insertions(+), 21 deletions(-)
>
> Hm, this patch does not apply cleanly to v4.12-rc4:
>
>  Applying patch patches/x86efi_Clean_up_efi_CR3_saverestore-1.patch
>  patching file arch/x86/include/asm/efi.h
>  patching file arch/x86/platform/efi/efi.c
>  patching file arch/x86/platform/efi/efi_32.c
>  patching file arch/x86/platform/efi/efi_64.c
>  Hunk #1 FAILED at 69.
>  Hunk #2 FAILED at 86.
>  Hunk #3 succeeded at 152 with fuzz 1 (offset 44 lines).
>  Hunk #4 FAILED at 116.
>  3 out of 4 hunks FAILED -- rejects in file arch/x86/platform/efi/efi_64.c
>
> what tree is this against?
>

This is against v4.12-rc3, which lacked the EFI fix Matt sent out in
the mean time.

Feel free to drop it for now, and we can requeue it later if Andy is
willing to rebase it.

Thanks,
Ard.

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 10/13] efi/capsule: Add support for Quark security header
  2017-06-05 16:00       ` Ard Biesheuvel
  (?)
@ 2017-06-05 16:11       ` Ingo Molnar
  -1 siblings, 0 replies; 46+ messages in thread
From: Ingo Molnar @ 2017-06-05 16:11 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: linux-efi, Thomas Gleixner, H . Peter Anvin, Jan Kiszka,
	linux-kernel, Matt Fleming


* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> >> +config EFI_CAPSULE_QUIRK_QUARK_CSH
> >> +     boolean "Add support for Quark capsules with non-standard headers"
> >> +     depends on X86 && !64BIT
> >> +     select EFI_CAPSULE_LOADER
> >> +     default y
> >> +     help
> >> +       Add support for processing Quark X1000 EFI capsules, whose header
> >> +       layout deviates from the layout mandated by the UEFI specification.
> >
> > BTW., there's no need to further put this behind a Kconfig option: the quirk seems
> > targeted enough, and the whole point of runtime quirks is so that can be applied
> > safely within generic kernels. Turning them off via Kconfig seems wrong.
> >
> 
> Not entirely: enabling this quirk will remove the ability to select
> EFI_CAPSULE_LOADER as a module. So making it unconditional makes
> EFI_CAPSULE_LOADER builtin-only for 32-bit x86. This is necessary for
> the override of __weak symbols in the generic capsule code to work as
> expected.
> 
> This was a compromise between allowing no capsule loader quirks at
> all, and having an elaborate framework with hooks in various places
> (which invariably ends up parameterizing the wrong things if you have
> only one real world quirk to design your framework around).

Ok, I see - fair enough!

Thanks,

	Ingo

^ permalink raw reply	[flat|nested] 46+ messages in thread

* Re: [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore
  2017-06-05 16:03       ` Ard Biesheuvel
  (?)
@ 2017-06-05 16:14       ` Andy Lutomirski
  -1 siblings, 0 replies; 46+ messages in thread
From: Andy Lutomirski @ 2017-06-05 16:14 UTC (permalink / raw)
  To: Ard Biesheuvel
  Cc: Ingo Molnar, Andy Lutomirski, linux-efi, Thomas Gleixner,
	H . Peter Anvin, linux-kernel, Borislav Petkov, Matt Fleming

On Mon, Jun 5, 2017 at 9:03 AM, Ard Biesheuvel
<ard.biesheuvel@linaro.org> wrote:
> On 5 June 2017 at 15:40, Ingo Molnar <mingo@kernel.org> wrote:
>>
>> * Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>>
>>> From: Andy Lutomirski <luto@kernel.org>
>>>
>>> efi_call_phys_prolog() used to return a "pgd_t *" that meant one of
>>> three different things depending on kernel and system configuration.
>>> Clean it up so it uses a union and is more explicit about what's
>>> going on.
>>>
>>> Signed-off-by: Andy Lutomirski <luto@kernel.org>
>>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>> Cc: Borislav Petkov <bp@alien8.de>
>>> Cc: Andy Lutomirski <luto@amacapital.net>
>>> Cc: Ingo Molnar <mingo@kernel.org>
>>> Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>> ---
>>>  arch/x86/include/asm/efi.h     | 17 +++++++++++++++--
>>>  arch/x86/platform/efi/efi.c    |  6 +++---
>>>  arch/x86/platform/efi/efi_32.c | 12 ++++++------
>>>  arch/x86/platform/efi/efi_64.c | 22 ++++++++++++----------
>>>  4 files changed, 36 insertions(+), 21 deletions(-)
>>
>> Hm, this patch does not apply cleanly to v4.12-rc4:
>>
>>  Applying patch patches/x86efi_Clean_up_efi_CR3_saverestore-1.patch
>>  patching file arch/x86/include/asm/efi.h
>>  patching file arch/x86/platform/efi/efi.c
>>  patching file arch/x86/platform/efi/efi_32.c
>>  patching file arch/x86/platform/efi/efi_64.c
>>  Hunk #1 FAILED at 69.
>>  Hunk #2 FAILED at 86.
>>  Hunk #3 succeeded at 152 with fuzz 1 (offset 44 lines).
>>  Hunk #4 FAILED at 116.
>>  3 out of 4 hunks FAILED -- rejects in file arch/x86/platform/efi/efi_64.c
>>
>> what tree is this against?
>>
>
> This is against v4.12-rc3, which lacked the EFI fix Matt sent out in
> the mean time.
>
> Feel free to drop it for now, and we can requeue it later if Andy is
> willing to rebase it.

I had hoped this would make it into 4.12-rc1 so I could base PCID on
top of it.  I'll probably resend it once PCID lands and base it on
PCID instead.  (It's a trivial one-line conflict, but still...)

--Andy

^ permalink raw reply	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Fix return code on failing kmap/vmap
  2017-06-02 13:51 ` [PATCH 02/13] efi/capsule: Fix return code on failing kmap/vmap Ard Biesheuvel
@ 2017-06-05 17:10   ` tip-bot for Jan Kiszka
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Jan Kiszka @ 2017-06-05 17:10 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: hpa, mingo, ard.biesheuvel, linux-kernel, tglx, matt, jan.kiszka,
	torvalds, peterz

Commit-ID:  fb153dc53f0eb8e8ad6a69f773e44c2d12daa5d0
Gitweb:     http://git.kernel.org/tip/fb153dc53f0eb8e8ad6a69f773e44c2d12daa5d0
Author:     Jan Kiszka <jan.kiszka@siemens.com>
AuthorDate: Fri, 2 Jun 2017 13:51:56 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:37 +0200

efi/capsule: Fix return code on failing kmap/vmap

If kmap or vmap fail, it means we ran out of memory. There are no
user-provided addressed involved that would justify EFAULT.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-3-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 9ae6c11..91e91f7 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -113,7 +113,7 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 			VM_MAP, PAGE_KERNEL);
 	if (!cap_hdr_temp) {
 		pr_debug("%s: vmap() failed\n", __func__);
-		return -EFAULT;
+		return -ENOMEM;
 	}
 
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
@@ -185,7 +185,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	kbuff = kmap(page);
 	if (!kbuff) {
 		pr_debug("%s: kmap() failed\n", __func__);
-		ret = -EFAULT;
+		ret = -ENOMEM;
 		goto failed;
 	}
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Remove pr_debug() on ENOMEM or EFAULT
  2017-06-02 13:51   ` Ard Biesheuvel
  (?)
@ 2017-06-05 17:10   ` tip-bot for Jan Kiszka
  -1 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Jan Kiszka @ 2017-06-05 17:10 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: matt, torvalds, mingo, linux-kernel, jan.kiszka, peterz, hpa,
	ard.biesheuvel, tglx

Commit-ID:  7367633f0bfd783ae5838141f3af88bba6c45eb9
Gitweb:     http://git.kernel.org/tip/7367633f0bfd783ae5838141f3af88bba6c45eb9
Author:     Jan Kiszka <jan.kiszka@siemens.com>
AuthorDate: Fri, 2 Jun 2017 13:51:57 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:38 +0200

efi/capsule: Remove pr_debug() on ENOMEM or EFAULT

Both cases are not worth a debug log message - the error code is telling
enough.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-4-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 91e91f7..7b57dda 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -88,10 +88,8 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
-	if (!temp_page) {
-		pr_debug("%s: krealloc() failed\n", __func__);
+	if (!temp_page)
 		return -ENOMEM;
-	}
 
 	cap_info->pages = temp_page;
 	cap_info->header_obtained = true;
@@ -111,10 +109,8 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 
 	cap_hdr_temp = vmap(cap_info->pages, cap_info->index,
 			VM_MAP, PAGE_KERNEL);
-	if (!cap_hdr_temp) {
-		pr_debug("%s: vmap() failed\n", __func__);
+	if (!cap_hdr_temp)
 		return -ENOMEM;
-	}
 
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
 	vunmap(cap_hdr_temp);
@@ -171,7 +167,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	if (!cap_info->page_bytes_remain) {
 		page = alloc_page(GFP_KERNEL);
 		if (!page) {
-			pr_debug("%s: alloc_page() failed\n", __func__);
 			ret = -ENOMEM;
 			goto failed;
 		}
@@ -184,7 +179,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 
 	kbuff = kmap(page);
 	if (!kbuff) {
-		pr_debug("%s: kmap() failed\n", __func__);
 		ret = -ENOMEM;
 		goto failed;
 	}
@@ -193,7 +187,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	/* Copy capsule binary data from user space to kernel space buffer */
 	write_byte = min_t(size_t, count, cap_info->page_bytes_remain);
 	if (copy_from_user(kbuff, buff, write_byte)) {
-		pr_debug("%s: copy_from_user() failed\n", __func__);
 		ret = -EFAULT;
 		goto fail_unmap;
 	}

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Clean up pr_err/_info() messages
  2017-06-02 13:51 ` [PATCH 04/13] efi/capsule: Clean up pr_err/info messages Ard Biesheuvel
@ 2017-06-05 17:11   ` tip-bot for Jan Kiszka
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Jan Kiszka @ 2017-06-05 17:11 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: peterz, ard.biesheuvel, mingo, jan.kiszka, linux-kernel, matt,
	tglx, torvalds, hpa

Commit-ID:  5dce14b9d1a29cf76331f0fe8eb7efd63e0fcb9a
Gitweb:     http://git.kernel.org/tip/5dce14b9d1a29cf76331f0fe8eb7efd63e0fcb9a
Author:     Jan Kiszka <jan.kiszka@siemens.com>
AuthorDate: Fri, 2 Jun 2017 13:51:58 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:39 +0200

efi/capsule: Clean up pr_err/_info() messages

Avoid __func__, improve the information provided by some of the
messages.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-5-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 7b57dda..3fb91e1 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -70,7 +70,7 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 	pages_needed = ALIGN(cap_hdr->imagesize, PAGE_SIZE) >> PAGE_SHIFT;
 
 	if (pages_needed == 0) {
-		pr_err("%s: pages count invalid\n", __func__);
+		pr_err("invalid capsule size");
 		return -EINVAL;
 	}
 
@@ -79,8 +79,7 @@ static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
 				    cap_hdr->imagesize,
 				    &cap_info->reset_type);
 	if (ret) {
-		pr_err("%s: efi_capsule_supported() failed\n",
-		       __func__);
+		pr_err("capsule not supported\n");
 		return ret;
 	}
 
@@ -115,14 +114,14 @@ static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
 	vunmap(cap_hdr_temp);
 	if (ret) {
-		pr_err("%s: efi_capsule_update() failed\n", __func__);
+		pr_err("capsule update failed\n");
 		return ret;
 	}
 
 	/* Indicate capsule binary uploading is done */
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
-	pr_info("%s: Successfully upload capsule file with reboot type '%s'\n",
-		__func__, !cap_info->reset_type ? "RESET_COLD" :
+	pr_info("Successfully upload capsule file with reboot type '%s'\n",
+		!cap_info->reset_type ? "RESET_COLD" :
 		cap_info->reset_type == 1 ? "RESET_WARM" :
 		"RESET_SHUTDOWN");
 	return 0;
@@ -207,8 +206,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	if (cap_info->header_obtained &&
 	    cap_info->count >= cap_info->total_size) {
 		if (cap_info->count > cap_info->total_size) {
-			pr_err("%s: upload size exceeded header defined size\n",
-			       __func__);
+			pr_err("capsule upload size exceeded header defined size\n");
 			ret = -EINVAL;
 			goto failed;
 		}
@@ -242,7 +240,7 @@ static int efi_capsule_flush(struct file *file, fl_owner_t id)
 	struct capsule_info *cap_info = file->private_data;
 
 	if (cap_info->index > 0) {
-		pr_err("%s: capsule upload not complete\n", __func__);
+		pr_err("capsule upload not complete\n");
 		efi_free_all_buff_pages(cap_info);
 		ret = -ECANCELED;
 	}
@@ -321,8 +319,7 @@ static int __init efi_capsule_loader_init(void)
 
 	ret = misc_register(&efi_capsule_misc);
 	if (ret)
-		pr_err("%s: Failed to register misc char file note\n",
-		       __func__);
+		pr_err("Unable to register capsule loader device\n");
 
 	return ret;
 }

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Adjust return type of efi_capsule_setup_info()
  2017-06-02 13:51 ` [PATCH 05/13] efi/capsule: Adjust return type of efi_capsule_setup_info Ard Biesheuvel
@ 2017-06-05 17:12   ` tip-bot for Jan Kiszka
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Jan Kiszka @ 2017-06-05 17:12 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: tglx, jan.kiszka, torvalds, hpa, matt, linux-kernel, mingo,
	ard.biesheuvel, peterz

Commit-ID:  41b0c376951417d1b37448957b30f766b10d3090
Gitweb:     http://git.kernel.org/tip/41b0c376951417d1b37448957b30f766b10d3090
Author:     Jan Kiszka <jan.kiszka@siemens.com>
AuthorDate: Fri, 2 Jun 2017 13:51:59 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:39 +0200

efi/capsule: Adjust return type of efi_capsule_setup_info()

We actually expect int at the caller and never return any size
information.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-6-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 3fb91e1..37d3f6e 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -53,8 +53,8 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
  * @kbuff: a mapped first page buffer pointer
  * @hdr_bytes: the total received number of bytes for efi header
  **/
-static ssize_t efi_capsule_setup_info(struct capsule_info *cap_info,
-				      void *kbuff, size_t hdr_bytes)
+static int efi_capsule_setup_info(struct capsule_info *cap_info,
+				  void *kbuff, size_t hdr_bytes)
 {
 	efi_capsule_header_t *cap_hdr;
 	size_t pages_needed;

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule-loader: Use a cached copy of the capsule header
  2017-06-02 13:52 ` [PATCH 06/13] efi/capsule-loader: Use a cached copy of the capsule header Ard Biesheuvel
@ 2017-06-05 17:12   ` tip-bot for Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Ard Biesheuvel @ 2017-06-05 17:12 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: ard.biesheuvel, matt, hpa, mingo, torvalds, tglx, linux-kernel, peterz

Commit-ID:  82c3768b8d68c40ecde92338899c838b7c674ffb
Gitweb:     http://git.kernel.org/tip/82c3768b8d68c40ecde92338899c838b7c674ffb
Author:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
AuthorDate: Fri, 2 Jun 2017 13:52:00 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:40 +0200

efi/capsule-loader: Use a cached copy of the capsule header

Instead of kmapping the capsule data twice, copy the capsule header
into the capsule info struct we keep locally. This is an improvement
by itself, but will also enable handling of non-standard header formats
more easily.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-7-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 41 +++++++++++++++--------------------
 1 file changed, 17 insertions(+), 24 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 37d3f6e..5b012a4 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -21,13 +21,13 @@
 #define NO_FURTHER_WRITE_ACTION -1
 
 struct capsule_info {
-	bool		header_obtained;
-	int		reset_type;
-	long		index;
-	size_t		count;
-	size_t		total_size;
-	struct page	**pages;
-	size_t		page_bytes_remain;
+	efi_capsule_header_t	header;
+	int			reset_type;
+	long			index;
+	size_t			count;
+	size_t			total_size;
+	struct page		**pages;
+	size_t			page_bytes_remain;
 };
 
 /**
@@ -56,7 +56,6 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 static int efi_capsule_setup_info(struct capsule_info *cap_info,
 				  void *kbuff, size_t hdr_bytes)
 {
-	efi_capsule_header_t *cap_hdr;
 	size_t pages_needed;
 	int ret;
 	void *temp_page;
@@ -66,8 +65,9 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return 0;
 
 	/* Reset back to the correct offset of header */
-	cap_hdr = kbuff - cap_info->count;
-	pages_needed = ALIGN(cap_hdr->imagesize, PAGE_SIZE) >> PAGE_SHIFT;
+	kbuff -= cap_info->count;
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+	pages_needed = ALIGN(cap_info->header.imagesize, PAGE_SIZE) / PAGE_SIZE;
 
 	if (pages_needed == 0) {
 		pr_err("invalid capsule size");
@@ -75,15 +75,16 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 	}
 
 	/* Check if the capsule binary supported */
-	ret = efi_capsule_supported(cap_hdr->guid, cap_hdr->flags,
-				    cap_hdr->imagesize,
+	ret = efi_capsule_supported(cap_info->header.guid,
+				    cap_info->header.flags,
+				    cap_info->header.imagesize,
 				    &cap_info->reset_type);
 	if (ret) {
 		pr_err("capsule not supported\n");
 		return ret;
 	}
 
-	cap_info->total_size = cap_hdr->imagesize;
+	cap_info->total_size = cap_info->header.imagesize;
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
@@ -91,7 +92,6 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return -ENOMEM;
 
 	cap_info->pages = temp_page;
-	cap_info->header_obtained = true;
 
 	return 0;
 }
@@ -104,15 +104,8 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 static ssize_t efi_capsule_submit_update(struct capsule_info *cap_info)
 {
 	int ret;
-	void *cap_hdr_temp;
 
-	cap_hdr_temp = vmap(cap_info->pages, cap_info->index,
-			VM_MAP, PAGE_KERNEL);
-	if (!cap_hdr_temp)
-		return -ENOMEM;
-
-	ret = efi_capsule_update(cap_hdr_temp, cap_info->pages);
-	vunmap(cap_hdr_temp);
+	ret = efi_capsule_update(&cap_info->header, cap_info->pages);
 	if (ret) {
 		pr_err("capsule update failed\n");
 		return ret;
@@ -192,7 +185,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	cap_info->page_bytes_remain -= write_byte;
 
 	/* Setup capsule binary info structure */
-	if (!cap_info->header_obtained) {
+	if (cap_info->header.headersize == 0) {
 		ret = efi_capsule_setup_info(cap_info, kbuff,
 					     cap_info->count + write_byte);
 		if (ret)
@@ -203,7 +196,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	kunmap(page);
 
 	/* Submit the full binary to efi_capsule_update() API */
-	if (cap_info->header_obtained &&
+	if (cap_info->header.headersize > 0 &&
 	    cap_info->count >= cap_info->total_size) {
 		if (cap_info->count > cap_info->total_size) {
 			pr_err("capsule upload size exceeded header defined size\n");

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Remove NULL test on kmap()
  2017-06-02 13:52 ` [PATCH 07/13] efi/capsule: Remove NULL test on kmap() Ard Biesheuvel
@ 2017-06-05 17:13   ` tip-bot for Fabian Frederick
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Fabian Frederick @ 2017-06-05 17:13 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: peterz, matt, ard.biesheuvel, hock.leong.kweh, linux-kernel,
	torvalds, fabf, hpa, tglx, mingo

Commit-ID:  171fd0222957abe28e6d78de667f457376f45cf1
Gitweb:     http://git.kernel.org/tip/171fd0222957abe28e6d78de667f457376f45cf1
Author:     Fabian Frederick <fabf@skynet.be>
AuthorDate: Fri, 2 Jun 2017 13:52:01 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:40 +0200

efi/capsule: Remove NULL test on kmap()

kmap() can't fail.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Kweh Hock Leong <hock.leong.kweh@intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-8-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 4 ----
 drivers/firmware/efi/capsule.c        | 4 ----
 2 files changed, 8 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 5b012a4..2357bcd 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -170,10 +170,6 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 	page = cap_info->pages[cap_info->index - 1];
 
 	kbuff = kmap(page);
-	if (!kbuff) {
-		ret = -ENOMEM;
-		goto failed;
-	}
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
 
 	/* Copy capsule binary data from user space to kernel space buffer */
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index 6eedff4..e603ccf 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -247,10 +247,6 @@ int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
 		efi_capsule_block_desc_t *sglist;
 
 		sglist = kmap(sg_pages[i]);
-		if (!sglist) {
-			rv = -ENOMEM;
-			goto out;
-		}
 
 		for (j = 0; j < SGLIST_PER_PAGE && count > 0; j++) {
 			u64 sz = min_t(u64, imagesize, PAGE_SIZE);

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule-loader: Redirect calls to efi_capsule_setup_info() via weak alias
  2017-06-02 13:52 ` [PATCH 08/13] efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias Ard Biesheuvel
@ 2017-06-05 17:13   ` tip-bot for Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Ard Biesheuvel @ 2017-06-05 17:13 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: torvalds, linux-kernel, hpa, mingo, pure.logic, tglx,
	ard.biesheuvel, matt, peterz

Commit-ID:  3fabd628d5ea24b02ddb1230ffca1df0f779f84e
Gitweb:     http://git.kernel.org/tip/3fabd628d5ea24b02ddb1230ffca1df0f779f84e
Author:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
AuthorDate: Fri, 2 Jun 2017 13:52:02 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:41 +0200

efi/capsule-loader: Redirect calls to efi_capsule_setup_info() via weak alias

To allow platform specific code to hook into the capsule loading
routines, indirect calls to efi_capsule_setup_info() via a weak alias
of __efi_capsule_setup_info(), allowing platforms to redefine the former
but still use the latter.

Tested-by: Bryan O'Donoghue <pure.logic@nexus-software.ie>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-9-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 56 +++++++++++++++++------------------
 include/linux/efi.h                   | 12 ++++++++
 2 files changed, 39 insertions(+), 29 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index 2357bcd..cbc35269 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -20,16 +20,6 @@
 
 #define NO_FURTHER_WRITE_ACTION -1
 
-struct capsule_info {
-	efi_capsule_header_t	header;
-	int			reset_type;
-	long			index;
-	size_t			count;
-	size_t			total_size;
-	struct page		**pages;
-	size_t			page_bytes_remain;
-};
-
 /**
  * efi_free_all_buff_pages - free all previous allocated buffer pages
  * @cap_info: pointer to current instance of capsule_info structure
@@ -46,28 +36,13 @@ static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
 }
 
-/**
- * efi_capsule_setup_info - obtain the efi capsule header in the binary and
- *			    setup capsule_info structure
- * @cap_info: pointer to current instance of capsule_info structure
- * @kbuff: a mapped first page buffer pointer
- * @hdr_bytes: the total received number of bytes for efi header
- **/
-static int efi_capsule_setup_info(struct capsule_info *cap_info,
-				  void *kbuff, size_t hdr_bytes)
+int __efi_capsule_setup_info(struct capsule_info *cap_info)
 {
 	size_t pages_needed;
 	int ret;
 	void *temp_page;
 
-	/* Only process data block that is larger than efi header size */
-	if (hdr_bytes < sizeof(efi_capsule_header_t))
-		return 0;
-
-	/* Reset back to the correct offset of header */
-	kbuff -= cap_info->count;
-	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
-	pages_needed = ALIGN(cap_info->header.imagesize, PAGE_SIZE) / PAGE_SIZE;
+	pages_needed = ALIGN(cap_info->total_size, PAGE_SIZE) / PAGE_SIZE;
 
 	if (pages_needed == 0) {
 		pr_err("invalid capsule size");
@@ -84,7 +59,6 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 		return ret;
 	}
 
-	cap_info->total_size = cap_info->header.imagesize;
 	temp_page = krealloc(cap_info->pages,
 			     pages_needed * sizeof(void *),
 			     GFP_KERNEL | __GFP_ZERO);
@@ -97,6 +71,30 @@ static int efi_capsule_setup_info(struct capsule_info *cap_info,
 }
 
 /**
+ * efi_capsule_setup_info - obtain the efi capsule header in the binary and
+ *			    setup capsule_info structure
+ * @cap_info: pointer to current instance of capsule_info structure
+ * @kbuff: a mapped first page buffer pointer
+ * @hdr_bytes: the total received number of bytes for efi header
+ *
+ * Platforms with non-standard capsule update mechanisms can override
+ * this __weak function so they can perform any required capsule
+ * image munging. See quark_quirk_function() for an example.
+ **/
+int __weak efi_capsule_setup_info(struct capsule_info *cap_info, void *kbuff,
+				  size_t hdr_bytes)
+{
+	/* Only process data block that is larger than efi header size */
+	if (hdr_bytes < sizeof(efi_capsule_header_t))
+		return 0;
+
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+	cap_info->total_size = cap_info->header.imagesize;
+
+	return __efi_capsule_setup_info(cap_info);
+}
+
+/**
  * efi_capsule_submit_update - invoke the efi_capsule_update API once binary
  *			       upload done
  * @cap_info: pointer to current instance of capsule_info structure
@@ -182,7 +180,7 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 
 	/* Setup capsule binary info structure */
 	if (cap_info->header.headersize == 0) {
-		ret = efi_capsule_setup_info(cap_info, kbuff,
+		ret = efi_capsule_setup_info(cap_info, kbuff - cap_info->count,
 					     cap_info->count + write_byte);
 		if (ret)
 			goto fail_unmap;
diff --git a/include/linux/efi.h b/include/linux/efi.h
index ec36f42..a7379a2 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -137,6 +137,18 @@ struct efi_boot_memmap {
 #define EFI_CAPSULE_POPULATE_SYSTEM_TABLE	0x00020000
 #define EFI_CAPSULE_INITIATE_RESET		0x00040000
 
+struct capsule_info {
+	efi_capsule_header_t	header;
+	int			reset_type;
+	long			index;
+	size_t			count;
+	size_t			total_size;
+	struct page		**pages;
+	size_t			page_bytes_remain;
+};
+
+int __efi_capsule_setup_info(struct capsule_info *cap_info);
+
 /*
  * Allocation types for calls to boottime->allocate_pages.
  */

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule-loader: Use page addresses rather than struct page pointers
  2017-06-02 13:52   ` Ard Biesheuvel
  (?)
@ 2017-06-05 17:14   ` tip-bot for Ard Biesheuvel
  -1 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Ard Biesheuvel @ 2017-06-05 17:14 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: peterz, matt, linux-kernel, mingo, ard.biesheuvel, hpa,
	pure.logic, torvalds, tglx

Commit-ID:  2a457fb31df62c6b482f78e4f74aaed99271f44d
Gitweb:     http://git.kernel.org/tip/2a457fb31df62c6b482f78e4f74aaed99271f44d
Author:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
AuthorDate: Fri, 2 Jun 2017 13:52:03 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:41 +0200

efi/capsule-loader: Use page addresses rather than struct page pointers

To give some leeway to code that handles non-standard capsule headers,
let's keep an array of page addresses rather than struct page pointers.

This gives special implementations of efi_capsule_setup_info() the
opportunity to mangle the payload a bit before it is presented to the
firmware, without putting any knowledge of the nature of such quirks
into the generic code.

Tested-by: Bryan O'Donoghue <pure.logic@nexus-software.ie>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-10-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/capsule-loader.c | 12 ++++++++----
 drivers/firmware/efi/capsule.c        |  7 ++++---
 include/linux/efi.h                   |  4 ++--
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/drivers/firmware/efi/capsule-loader.c b/drivers/firmware/efi/capsule-loader.c
index cbc35269..ec8ac5c 100644
--- a/drivers/firmware/efi/capsule-loader.c
+++ b/drivers/firmware/efi/capsule-loader.c
@@ -20,6 +20,10 @@
 
 #define NO_FURTHER_WRITE_ACTION -1
 
+#ifndef phys_to_page
+#define phys_to_page(x)		pfn_to_page((x) >> PAGE_SHIFT)
+#endif
+
 /**
  * efi_free_all_buff_pages - free all previous allocated buffer pages
  * @cap_info: pointer to current instance of capsule_info structure
@@ -31,7 +35,7 @@
 static void efi_free_all_buff_pages(struct capsule_info *cap_info)
 {
 	while (cap_info->index > 0)
-		__free_page(cap_info->pages[--cap_info->index]);
+		__free_page(phys_to_page(cap_info->pages[--cap_info->index]));
 
 	cap_info->index = NO_FURTHER_WRITE_ACTION;
 }
@@ -161,12 +165,12 @@ static ssize_t efi_capsule_write(struct file *file, const char __user *buff,
 			goto failed;
 		}
 
-		cap_info->pages[cap_info->index++] = page;
+		cap_info->pages[cap_info->index++] = page_to_phys(page);
 		cap_info->page_bytes_remain = PAGE_SIZE;
+	} else {
+		page = phys_to_page(cap_info->pages[cap_info->index - 1]);
 	}
 
-	page = cap_info->pages[cap_info->index - 1];
-
 	kbuff = kmap(page);
 	kbuff += PAGE_SIZE - cap_info->page_bytes_remain;
 
diff --git a/drivers/firmware/efi/capsule.c b/drivers/firmware/efi/capsule.c
index e603ccf..901b930 100644
--- a/drivers/firmware/efi/capsule.c
+++ b/drivers/firmware/efi/capsule.c
@@ -214,7 +214,7 @@ efi_capsule_update_locked(efi_capsule_header_t *capsule,
  *
  * Return 0 on success, a converted EFI status code on failure.
  */
-int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
+int efi_capsule_update(efi_capsule_header_t *capsule, phys_addr_t *pages)
 {
 	u32 imagesize = capsule->imagesize;
 	efi_guid_t guid = capsule->guid;
@@ -249,10 +249,11 @@ int efi_capsule_update(efi_capsule_header_t *capsule, struct page **pages)
 		sglist = kmap(sg_pages[i]);
 
 		for (j = 0; j < SGLIST_PER_PAGE && count > 0; j++) {
-			u64 sz = min_t(u64, imagesize, PAGE_SIZE);
+			u64 sz = min_t(u64, imagesize,
+				       PAGE_SIZE - (u64)*pages % PAGE_SIZE);
 
 			sglist[j].length = sz;
-			sglist[j].data = page_to_phys(*pages++);
+			sglist[j].data = *pages++;
 
 			imagesize -= sz;
 			count--;
diff --git a/include/linux/efi.h b/include/linux/efi.h
index a7379a2..8269bcb 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -143,7 +143,7 @@ struct capsule_info {
 	long			index;
 	size_t			count;
 	size_t			total_size;
-	struct page		**pages;
+	phys_addr_t		*pages;
 	size_t			page_bytes_remain;
 };
 
@@ -1415,7 +1415,7 @@ extern int efi_capsule_supported(efi_guid_t guid, u32 flags,
 				 size_t size, int *reset);
 
 extern int efi_capsule_update(efi_capsule_header_t *capsule,
-			      struct page **pages);
+			      phys_addr_t *pages);
 
 #ifdef CONFIG_EFI_RUNTIME_MAP
 int efi_runtime_map_init(struct kobject *);

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/capsule: Add support for Quark security header
  2017-06-02 13:52 ` [PATCH 10/13] efi/capsule: Add support for Quark security header Ard Biesheuvel
  2017-06-05 15:50   ` Ingo Molnar
@ 2017-06-05 17:14   ` tip-bot for Jan Kiszka
  1 sibling, 0 replies; 46+ messages in thread
From: tip-bot for Jan Kiszka @ 2017-06-05 17:14 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: tglx, torvalds, ard.biesheuvel, jan.kiszka, pure.logic, mingo,
	linux-kernel, matt, peterz, andy.shevchenko, hpa

Commit-ID:  2959c95d510cc45b246ba727eb8fdf8b601c6eec
Gitweb:     http://git.kernel.org/tip/2959c95d510cc45b246ba727eb8fdf8b601c6eec
Author:     Jan Kiszka <jan.kiszka@siemens.com>
AuthorDate: Fri, 2 Jun 2017 13:52:04 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:42 +0200

efi/capsule: Add support for Quark security header

The firmware for Quark X102x prepends a security header to the capsule
which is needed to support the mandatory secure boot on this processor.
The header can be detected by checking for the "_CSH" signature and -
to avoid any GUID conflict - validating its size field to contain the
expected value. Then we need to look for the EFI header right after the
security header and pass the real header to __efi_capsule_setup_info.

To be minimal invasive and maximal safe, the quirk version of
efi_capsule_setup_info() is only effective on Quark processors.

Tested-by: Bryan O'Donoghue <pure.logic@nexus-software.ie>
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-11-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/platform/efi/quirks.c | 137 +++++++++++++++++++++++++++++++++++++++++
 drivers/firmware/efi/Kconfig   |   9 +++
 2 files changed, 146 insertions(+)

diff --git a/arch/x86/platform/efi/quirks.c b/arch/x86/platform/efi/quirks.c
index e0cf95a..8a99a2e 100644
--- a/arch/x86/platform/efi/quirks.c
+++ b/arch/x86/platform/efi/quirks.c
@@ -15,12 +15,66 @@
 #include <asm/e820/api.h>
 #include <asm/efi.h>
 #include <asm/uv/uv.h>
+#include <asm/cpu_device_id.h>
 
 #define EFI_MIN_RESERVE 5120
 
 #define EFI_DUMMY_GUID \
 	EFI_GUID(0x4424ac57, 0xbe4b, 0x47dd, 0x9e, 0x97, 0xed, 0x50, 0xf0, 0x9f, 0x92, 0xa9)
 
+#define QUARK_CSH_SIGNATURE		0x5f435348	/* _CSH */
+#define QUARK_SECURITY_HEADER_SIZE	0x400
+
+/*
+ * Header prepended to the standard EFI capsule on Quark systems the are based
+ * on Intel firmware BSP.
+ * @csh_signature:	Unique identifier to sanity check signed module
+ * 			presence ("_CSH").
+ * @version:		Current version of CSH used. Should be one for Quark A0.
+ * @modulesize:		Size of the entire module including the module header
+ * 			and payload.
+ * @security_version_number_index: Index of SVN to use for validation of signed
+ * 			module.
+ * @security_version_number: Used to prevent against roll back of modules.
+ * @rsvd_module_id:	Currently unused for Clanton (Quark).
+ * @rsvd_module_vendor:	Vendor Identifier. For Intel products value is
+ * 			0x00008086.
+ * @rsvd_date:		BCD representation of build date as yyyymmdd, where
+ * 			yyyy=4 digit year, mm=1-12, dd=1-31.
+ * @headersize:		Total length of the header including including any
+ * 			padding optionally added by the signing tool.
+ * @hash_algo:		What Hash is used in the module signing.
+ * @cryp_algo:		What Crypto is used in the module signing.
+ * @keysize:		Total length of the key data including including any
+ * 			padding optionally added by the signing tool.
+ * @signaturesize:	Total length of the signature including including any
+ * 			padding optionally added by the signing tool.
+ * @rsvd_next_header:	32-bit pointer to the next Secure Boot Module in the
+ * 			chain, if there is a next header.
+ * @rsvd:		Reserved, padding structure to required size.
+ *
+ * See also QuartSecurityHeader_t in
+ * Quark_EDKII_v1.2.1.1/QuarkPlatformPkg/Include/QuarkBootRom.h
+ * from https://downloadcenter.intel.com/download/23197/Intel-Quark-SoC-X1000-Board-Support-Package-BSP
+ */
+struct quark_security_header {
+	u32 csh_signature;
+	u32 version;
+	u32 modulesize;
+	u32 security_version_number_index;
+	u32 security_version_number;
+	u32 rsvd_module_id;
+	u32 rsvd_module_vendor;
+	u32 rsvd_date;
+	u32 headersize;
+	u32 hash_algo;
+	u32 cryp_algo;
+	u32 keysize;
+	u32 signaturesize;
+	u32 rsvd_next_header;
+	u32 rsvd[2];
+};
+
 static efi_char16_t efi_dummy_name[6] = { 'D', 'U', 'M', 'M', 'Y', 0 };
 
 static bool efi_no_storage_paranoia;
@@ -504,3 +558,86 @@ bool efi_poweroff_required(void)
 {
 	return acpi_gbl_reduced_hardware || acpi_no_s5;
 }
+
+#ifdef CONFIG_EFI_CAPSULE_QUIRK_QUARK_CSH
+
+static int qrk_capsule_setup_info(struct capsule_info *cap_info, void **pkbuff,
+				  size_t hdr_bytes)
+{
+	struct quark_security_header *csh = *pkbuff;
+
+	/* Only process data block that is larger than the security header */
+	if (hdr_bytes < sizeof(struct quark_security_header))
+		return 0;
+
+	if (csh->csh_signature != QUARK_CSH_SIGNATURE ||
+	    csh->headersize != QUARK_SECURITY_HEADER_SIZE)
+		return 1;
+
+	/* Only process data block if EFI header is included */
+	if (hdr_bytes < QUARK_SECURITY_HEADER_SIZE +
+			sizeof(efi_capsule_header_t))
+		return 0;
+
+	pr_debug("Quark security header detected\n");
+
+	if (csh->rsvd_next_header != 0) {
+		pr_err("multiple Quark security headers not supported\n");
+		return -EINVAL;
+	}
+
+	*pkbuff += csh->headersize;
+	cap_info->total_size = csh->headersize;
+
+	/*
+	 * Update the first page pointer to skip over the CSH header.
+	 */
+	cap_info->pages[0] += csh->headersize;
+
+	return 1;
+}
+
+#define ICPU(family, model, quirk_handler) \
+	{ X86_VENDOR_INTEL, family, model, X86_FEATURE_ANY, \
+	  (unsigned long)&quirk_handler }
+
+static const struct x86_cpu_id efi_capsule_quirk_ids[] = {
+	ICPU(5, 9, qrk_capsule_setup_info),	/* Intel Quark X1000 */
+	{ }
+};
+
+int efi_capsule_setup_info(struct capsule_info *cap_info, void *kbuff,
+			   size_t hdr_bytes)
+{
+	int (*quirk_handler)(struct capsule_info *, void **, size_t);
+	const struct x86_cpu_id *id;
+	int ret;
+
+	if (hdr_bytes < sizeof(efi_capsule_header_t))
+		return 0;
+
+	cap_info->total_size = 0;
+
+	id = x86_match_cpu(efi_capsule_quirk_ids);
+	if (id) {
+		/*
+		 * The quirk handler is supposed to return
+		 *  - a value > 0 if the setup should continue, after advancing
+		 *    kbuff as needed
+		 *  - 0 if not enough hdr_bytes are available yet
+		 *  - a negative error code otherwise
+		 */
+		quirk_handler = (typeof(quirk_handler))id->driver_data;
+		ret = quirk_handler(cap_info, &kbuff, hdr_bytes);
+		if (ret <= 0)
+			return ret;
+	}
+
+	memcpy(&cap_info->header, kbuff, sizeof(cap_info->header));
+
+	cap_info->total_size += cap_info->header.imagesize;
+
+	return __efi_capsule_setup_info(cap_info);
+}
+
+#endif
diff --git a/drivers/firmware/efi/Kconfig b/drivers/firmware/efi/Kconfig
index 2e78b0b..394db40 100644
--- a/drivers/firmware/efi/Kconfig
+++ b/drivers/firmware/efi/Kconfig
@@ -112,6 +112,15 @@ config EFI_CAPSULE_LOADER
 
 	  Most users should say N.
 
+config EFI_CAPSULE_QUIRK_QUARK_CSH
+	boolean "Add support for Quark capsules with non-standard headers"
+	depends on X86 && !64BIT
+	select EFI_CAPSULE_LOADER
+	default y
+	help
+	  Add support for processing Quark X1000 EFI capsules, whose header
+	  layout deviates from the layout mandated by the UEFI specification.
+
 config EFI_TEST
 	tristate "EFI Runtime Service Tests Support"
 	depends on EFI

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/efi_test: Use memdup_user() helper
  2017-06-02 13:52   ` Ard Biesheuvel
  (?)
@ 2017-06-05 17:15   ` tip-bot for Geliang Tang
  -1 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Geliang Tang @ 2017-06-05 17:15 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: geliangtang, tglx, ard.biesheuvel, linux-kernel, mingo, ivan.hu,
	peterz, matt, hpa, torvalds

Commit-ID:  5f72cad65cfaac5e40d0de8b7f48ee647af69cd5
Gitweb:     http://git.kernel.org/tip/5f72cad65cfaac5e40d0de8b7f48ee647af69cd5
Author:     Geliang Tang <geliangtang@gmail.com>
AuthorDate: Fri, 2 Jun 2017 13:52:05 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:42 +0200

efi/efi_test: Use memdup_user() helper

Use memdup_user() helper instead of open-coding to simplify the code.

Signed-off-by: Geliang Tang <geliangtang@gmail.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Ivan Hu <ivan.hu@canonical.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-12-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 drivers/firmware/efi/test/efi_test.c | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c
index 8cd578f..08129b7 100644
--- a/drivers/firmware/efi/test/efi_test.c
+++ b/drivers/firmware/efi/test/efi_test.c
@@ -71,18 +71,13 @@ copy_ucs2_from_user_len(efi_char16_t **dst, efi_char16_t __user *src,
 	if (!access_ok(VERIFY_READ, src, 1))
 		return -EFAULT;
 
-	buf = kmalloc(len, GFP_KERNEL);
-	if (!buf) {
+	buf = memdup_user(src, len);
+	if (IS_ERR(buf)) {
 		*dst = NULL;
-		return -ENOMEM;
+		return PTR_ERR(buf);
 	}
 	*dst = buf;
 
-	if (copy_from_user(*dst, src, len)) {
-		kfree(buf);
-		return -EFAULT;
-	}
-
 	return 0;
 }
 

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] x86/efi: Extend CONFIG_EFI_PGT_DUMP support to x86_32 and kexec as well
  2017-06-02 13:52 ` [PATCH 12/13] x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec Ard Biesheuvel
@ 2017-06-05 17:16   ` tip-bot for Sai Praneeth
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Sai Praneeth @ 2017-06-05 17:16 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: ricardo.neri, ard.biesheuvel, mingo, tglx, sai.praneeth.prakhya,
	hpa, linux-kernel, torvalds, matt, bp, ravi.v.shankar, peterz

Commit-ID:  ac81d3de03f7d8593a94240d057c8e2e8e869897
Gitweb:     http://git.kernel.org/tip/ac81d3de03f7d8593a94240d057c8e2e8e869897
Author:     Sai Praneeth <sai.praneeth.prakhya@intel.com>
AuthorDate: Fri, 2 Jun 2017 13:52:06 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:43 +0200

x86/efi: Extend CONFIG_EFI_PGT_DUMP support to x86_32 and kexec as well

CONFIG_EFI_PGT_DUMP=y, as the name suggests, dumps EFI page tables to the
kernel log during kernel boot.

This feature is very useful while debugging page faults/null pointer
dereferences to EFI related addresses.

Presently, this feature is limited only to x86_64, so let's extend it to
other EFI configurations like kexec kernel, efi=old_map and to x86_32 as well.

This doesn't effect normal boot path because this config option should
be used only for debug purposes.

Signed-off-by: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ravi Shankar <ravi.v.shankar@intel.com>
Cc: Ricardo Neri <ricardo.neri@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-13-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/platform/efi/efi.c    | 3 ++-
 arch/x86/platform/efi/efi_32.c | 9 ++++++++-
 arch/x86/platform/efi/efi_64.c | 5 ++++-
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 43b96f5..f084d87 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -1014,7 +1014,6 @@ static void __init __efi_enter_virtual_mode(void)
 	 * necessary relocation fixups for the new virtual addresses.
 	 */
 	efi_runtime_update_mappings();
-	efi_dump_pagetable();
 
 	/* clean DUMMY object */
 	efi_delete_dummy_variable();
@@ -1029,6 +1028,8 @@ void __init efi_enter_virtual_mode(void)
 		kexec_enter_virtual_mode();
 	else
 		__efi_enter_virtual_mode();
+
+	efi_dump_pagetable();
 }
 
 /*
diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
index 3481268..52f7faa 100644
--- a/arch/x86/platform/efi/efi_32.c
+++ b/arch/x86/platform/efi/efi_32.c
@@ -44,7 +44,14 @@ int __init efi_alloc_page_tables(void)
 }
 
 void efi_sync_low_kernel_mappings(void) {}
-void __init efi_dump_pagetable(void) {}
+
+void __init efi_dump_pagetable(void)
+{
+#ifdef CONFIG_EFI_PGT_DUMP
+	ptdump_walk_pgd_level(NULL, swapper_pg_dir);
+#endif
+}
+
 int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
 {
 	return 0;
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index eb8dff1..8ff1f95 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -589,7 +589,10 @@ void __init efi_runtime_update_mappings(void)
 void __init efi_dump_pagetable(void)
 {
 #ifdef CONFIG_EFI_PGT_DUMP
-	ptdump_walk_pgd_level(NULL, efi_pgd);
+	if (efi_enabled(EFI_OLD_MEMMAP))
+		ptdump_walk_pgd_level(NULL, swapper_pg_dir);
+	else
+		ptdump_walk_pgd_level(NULL, efi_pgd);
 #endif
 }
 

^ permalink raw reply related	[flat|nested] 46+ messages in thread

* [tip:efi/core] efi/arm: Enable DMI/SMBIOS
  2017-06-02 13:52 ` [PATCH 13/13] efi: arm: enable DMI/SMBIOS Ard Biesheuvel
@ 2017-06-05 17:16   ` tip-bot for Ard Biesheuvel
  0 siblings, 0 replies; 46+ messages in thread
From: tip-bot for Ard Biesheuvel @ 2017-06-05 17:16 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: peterz, linux-kernel, torvalds, ard.biesheuvel, matt, rmk+kernel,
	hpa, mingo, tglx

Commit-ID:  bb817bef3b1989a9cdb40362cfb8d2aa224ac1bc
Gitweb:     http://git.kernel.org/tip/bb817bef3b1989a9cdb40362cfb8d2aa224ac1bc
Author:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
AuthorDate: Fri, 2 Jun 2017 13:52:07 +0000
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 5 Jun 2017 17:50:44 +0200

efi/arm: Enable DMI/SMBIOS

Wire up the existing arm64 support for SMBIOS tables (aka DMI) for ARM as
well, by moving the arm64 init code to drivers/firmware/efi/arm-runtime.c
(which is shared between ARM and arm64), and adding a asm/dmi.h header to
ARM that defines the mapping routines for the firmware tables.

This allows userspace to access these tables to discover system information
exposed by the firmware. It also sets the hardware name used in crash
dumps, e.g.:

  Unable to handle kernel NULL pointer dereference at virtual address 00000000
  pgd = ed3c0000
  [00000000] *pgd=bf1f3835
  Internal error: Oops: 817 [#1] SMP THUMB2
  Modules linked in:
  CPU: 0 PID: 759 Comm: bash Not tainted 4.10.0-09601-g0e8f38792120-dirty #112
  Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
  ^^^

NOTE: This does *NOT* enable or encourage the use of DMI quirks, i.e., the
      the practice of identifying the platform via DMI to decide whether
      certain workarounds for buggy hardware and/or firmware need to be
      enabled. This would require the DMI subsystem to be enabled much
      earlier than we do on ARM, which is non-trivial.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Russell King <rmk+kernel@armlinux.org.uk>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20170602135207.21708-14-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/arm/Kconfig                   | 17 +++++++++++++++++
 arch/arm/include/asm/dmi.h         | 19 +++++++++++++++++++
 arch/arm64/kernel/efi.c            | 15 ---------------
 drivers/firmware/efi/arm-runtime.c | 16 ++++++++++++++++
 4 files changed, 52 insertions(+), 15 deletions(-)

diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 4c1a35f..dabcaeb 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -2061,6 +2061,23 @@ config EFI
 	  is only useful for kernels that may run on systems that have
 	  UEFI firmware.
 
+config DMI
+	bool "Enable support for SMBIOS (DMI) tables"
+	depends on EFI
+	default y
+	help
+	  This enables SMBIOS/DMI feature for systems.
+
+	  This option is only useful on systems that have UEFI firmware.
+	  However, even with this option, the resultant kernel should
+	  continue to boot on existing non-UEFI platforms.
+
+	  NOTE: This does *NOT* enable or encourage the use of DMI quirks,
+	  i.e., the the practice of identifying the platform via DMI to
+	  decide whether certain workarounds for buggy hardware and/or
+	  firmware need to be enabled. This would require the DMI subsystem
+	  to be enabled much earlier than we do on ARM, which is non-trivial.
+
 endmenu
 
 menu "CPU Power Management"
diff --git a/arch/arm/include/asm/dmi.h b/arch/arm/include/asm/dmi.h
new file mode 100644
index 0000000..df2d2ff
--- /dev/null
+++ b/arch/arm/include/asm/dmi.h
@@ -0,0 +1,19 @@
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __ASM_DMI_H
+#define __ASM_DMI_H
+
+#include <linux/io.h>
+#include <linux/slab.h>
+
+#define dmi_early_remap(x, l)		memremap(x, l, MEMREMAP_WB)
+#define dmi_early_unmap(x, l)		memunmap(x)
+#define dmi_remap(x, l)			memremap(x, l, MEMREMAP_WB)
+#define dmi_unmap(x)			memunmap(x)
+#define dmi_alloc(l)			kzalloc(l, GFP_KERNEL)
+
+#endif
diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 5d17f37..82cd075 100644
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -11,7 +11,6 @@
  *
  */
 
-#include <linux/dmi.h>
 #include <linux/efi.h>
 #include <linux/init.h>
 
@@ -117,20 +116,6 @@ int __init efi_set_mapping_permissions(struct mm_struct *mm,
 				   set_permissions, md);
 }
 
-static int __init arm64_dmi_init(void)
-{
-	/*
-	 * On arm64, DMI depends on UEFI, and dmi_scan_machine() needs to
-	 * be called early because dmi_id_init(), which is an arch_initcall
-	 * itself, depends on dmi_scan_machine() having been called already.
-	 */
-	dmi_scan_machine();
-	if (dmi_available)
-		dmi_set_dump_stack_arch_desc();
-	return 0;
-}
-core_initcall(arm64_dmi_init);
-
 /*
  * UpdateCapsule() depends on the system being shutdown via
  * ResetSystem().
diff --git a/drivers/firmware/efi/arm-runtime.c b/drivers/firmware/efi/arm-runtime.c
index 974c5a3..1cc41c3 100644
--- a/drivers/firmware/efi/arm-runtime.c
+++ b/drivers/firmware/efi/arm-runtime.c
@@ -11,6 +11,7 @@
  *
  */
 
+#include <linux/dmi.h>
 #include <linux/efi.h>
 #include <linux/io.h>
 #include <linux/memblock.h>
@@ -166,3 +167,18 @@ void efi_virtmap_unload(void)
 	efi_set_pgd(current->active_mm);
 	preempt_enable();
 }
+
+
+static int __init arm_dmi_init(void)
+{
+	/*
+	 * On arm64/ARM, DMI depends on UEFI, and dmi_scan_machine() needs to
+	 * be called early because dmi_id_init(), which is an arch_initcall
+	 * itself, depends on dmi_scan_machine() having been called already.
+	 */
+	dmi_scan_machine();
+	if (dmi_available)
+		dmi_set_dump_stack_arch_desc();
+	return 0;
+}
+core_initcall(arm_dmi_init);

^ permalink raw reply related	[flat|nested] 46+ messages in thread

end of thread, other threads:[~2017-06-05 17:23 UTC | newest]

Thread overview: 46+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-02 13:51 [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
2017-06-02 13:51 ` [PATCH 01/13] x86/efi: Clean up efi CR3 save/restore Ard Biesheuvel
2017-06-02 13:51   ` Ard Biesheuvel
2017-06-05 15:40   ` Ingo Molnar
2017-06-05 15:40     ` Ingo Molnar
2017-06-05 16:03     ` Ard Biesheuvel
2017-06-05 16:03       ` Ard Biesheuvel
2017-06-05 16:14       ` Andy Lutomirski
2017-06-02 13:51 ` [PATCH 02/13] efi/capsule: Fix return code on failing kmap/vmap Ard Biesheuvel
2017-06-05 17:10   ` [tip:efi/core] " tip-bot for Jan Kiszka
2017-06-02 13:51 ` [PATCH 03/13] efi/capsule: Remove pr_debug on ENOMEM or EFAULT Ard Biesheuvel
2017-06-02 13:51   ` Ard Biesheuvel
2017-06-05 17:10   ` [tip:efi/core] efi/capsule: Remove pr_debug() " tip-bot for Jan Kiszka
2017-06-02 13:51 ` [PATCH 04/13] efi/capsule: Clean up pr_err/info messages Ard Biesheuvel
2017-06-05 17:11   ` [tip:efi/core] efi/capsule: Clean up pr_err/_info() messages tip-bot for Jan Kiszka
2017-06-02 13:51 ` [PATCH 05/13] efi/capsule: Adjust return type of efi_capsule_setup_info Ard Biesheuvel
2017-06-05 17:12   ` [tip:efi/core] efi/capsule: Adjust return type of efi_capsule_setup_info() tip-bot for Jan Kiszka
2017-06-02 13:52 ` [PATCH 06/13] efi/capsule-loader: Use a cached copy of the capsule header Ard Biesheuvel
2017-06-05 17:12   ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2017-06-02 13:52 ` [PATCH 07/13] efi/capsule: Remove NULL test on kmap() Ard Biesheuvel
2017-06-05 17:13   ` [tip:efi/core] " tip-bot for Fabian Frederick
2017-06-02 13:52 ` [PATCH 08/13] efi/capsule-loader: Redirect calls to efi_capsule_setup_info via weak alias Ard Biesheuvel
2017-06-05 17:13   ` [tip:efi/core] efi/capsule-loader: Redirect calls to efi_capsule_setup_info() " tip-bot for Ard Biesheuvel
2017-06-02 13:52 ` [PATCH 09/13] efi/capsule-loader: Use page addresses rather than struct page pointers Ard Biesheuvel
2017-06-02 13:52   ` Ard Biesheuvel
2017-06-05 17:14   ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2017-06-02 13:52 ` [PATCH 10/13] efi/capsule: Add support for Quark security header Ard Biesheuvel
2017-06-05 15:50   ` Ingo Molnar
2017-06-05 16:00     ` Ard Biesheuvel
2017-06-05 16:00       ` Ard Biesheuvel
2017-06-05 16:11       ` Ingo Molnar
2017-06-05 17:14   ` [tip:efi/core] " tip-bot for Jan Kiszka
2017-06-02 13:52 ` [PATCH 11/13] efi/efi_test: Use memdup_user() helper Ard Biesheuvel
2017-06-02 13:52   ` Ard Biesheuvel
2017-06-05 17:15   ` [tip:efi/core] " tip-bot for Geliang Tang
2017-06-02 13:52 ` [PATCH 12/13] x86/efi: Add EFI_PGT_DUMP support for x86_32 and kexec Ard Biesheuvel
2017-06-05 17:16   ` [tip:efi/core] x86/efi: Extend CONFIG_EFI_PGT_DUMP support to x86_32 and kexec as well tip-bot for Sai Praneeth
2017-06-02 13:52 ` [PATCH 13/13] efi: arm: enable DMI/SMBIOS Ard Biesheuvel
2017-06-05 17:16   ` [tip:efi/core] efi/arm: Enable DMI/SMBIOS tip-bot for Ard Biesheuvel
2017-06-05  8:15 ` [GIT PULL 00/13] First batch of EFI updates for v4.13 Ard Biesheuvel
2017-06-05  9:07   ` Ingo Molnar
2017-06-05  9:07     ` Ingo Molnar
2017-06-05  9:35     ` Ard Biesheuvel
2017-06-05  9:35       ` Ard Biesheuvel
2017-06-05 15:53       ` Ingo Molnar
2017-06-05 15:53         ` Ingo Molnar

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.