[GIT PULL 0/2] Final EFI fixes for v4.20

[GIT PULL 0/2] Final EFI fixes for v4.20

[Ard Biesheuvel]

The following changes since commit 7566ec393f4161572ba6f11ad5171fd5d59b0fbd:

  Linux 4.20-rc7 (2018-12-16 15:46:55 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git tags/efi-urgent

for you to fetch changes up to 7b671e6a4917594a4e9ffd64111b8ac2e0323837:

  efi: efi_guid_t must be 64-bit aligned (2018-12-17 10:42:26 +0100)

Note that applying Qian's patch will result in a conflict with the EFI
changes queued for the next window - the solution is to simply drop the
kmemleak_ignore() call since it is not required for page based
allocations.

----------------------------------------------------------------
Final EFI fixes for v4.20:
- prevent false positives from kmemleak for persistent memory reservations
- use the correct alignment for EFI GUIDs, preventing potential crashes in
  firmware calls on 32-bit ARM

----------------------------------------------------------------
Heinrich Schuchardt (1):
      efi: efi_guid_t must be 64-bit aligned

Qian Cai (1):
      efi: let kmemleak ignore false positives

 drivers/firmware/efi/efi.c | 3 +++
 include/linux/efi.h        | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

[PATCH 1/2] efi: let kmemleak ignore false positives

[Ard Biesheuvel]

From: Qian Cai <cai@gmx.us>

unreferenced object 0xffff8096c1acf580 (size 128):
  comm "swapper/63", pid 0, jiffies 4294937418 (age 1201.230s)
  hex dump (first 32 bytes):
    80 87 b5 c1 96 00 00 00 00 00 cc c2 16 00 00 00  ................
    00 00 01 00 00 00 00 00 6b 6b 6b 6b 6b 6b 6b 6b  ........kkkkkkkk
  backtrace:
    [<000000001d2549ba>] kmem_cache_alloc_trace+0x430/0x500
    [<0000000093a6dfab>] efi_mem_reserve_persistent+0x50/0xf8
    [<000000000a730828>] its_cpu_init_lpis+0x394/0x4b8
    [<00000000edf04e07>] its_cpu_init+0x104/0x150
    [<000000004d0342c5>] gic_starting_cpu+0x34/0x40
    [<000000005d9da772>] cpuhp_invoke_callback+0x228/0x1d68
    [<0000000061eace9b>] notify_cpu_starting+0xc0/0x118
    [<0000000048bc2dc5>] secondary_start_kernel+0x23c/0x3b0
    [<0000000015137d6a>] 0xffffffffffffffff

efi_mem_reserve_persistent+0x50/0xf8:
kmalloc at include/linux/slab.h:546
(inlined by) efi_mem_reserve_persistent at drivers/firmware/efi/efi.c:979

This line,

rsv = kmalloc(sizeof(*rsv), GFP_ATOMIC);

Kmemleak has a known limitation that can only track pointers in the kernel
virtual space. Hence, it will report false positives due to "rsv" will only
reference to other physical addresses,

rsv->next = efi_memreserve_root->next;
efi_memreserve_root->next = __pa(rsv);

Signed-off-by: Qian Cai <cai@gmx.us>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 drivers/firmware/efi/efi.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index 415849bab233..7fcfe8a7ae98 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -31,6 +31,7 @@
 #include <linux/acpi.h>
 #include <linux/ucs2_string.h>
 #include <linux/memblock.h>
+#include <linux/kmemleak.h>
 
 #include <asm/early_ioremap.h>
 
@@ -1000,6 +1001,8 @@ int __ref efi_mem_reserve_persistent(phys_addr_t addr, u64 size)
 	if (!rsv)
 		return -ENOMEM;
 
+	kmemleak_ignore(rsv);
+
 	rsv->base = addr;
 	rsv->size = size;
 
-- 
2.17.1

[PATCH 2/2] efi: efi_guid_t must be 64-bit aligned

[Ard Biesheuvel]

From: Heinrich Schuchardt <xypron.glpk@gmx.de>

The UEFI Specification Version 2.7 Errata A defines:

"EFI_GUID
128-bit buffer containing a unique identifier value.
Unless otherwise specified, aligned on a 64-bit boundary."

Before this patch efi_guid_t was 8-bit aligned.

Note that this could potentially trigger alignment faults during
EFI runtime services calls on 32-bit ARM, given that it does not
permit load/store double or load/store multiple instructions to
operate on memory addresses that are not 32-bit aligned.

Cc: <stable@vger.kernel.org> # v4.9+, or earlier if possible
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 include/linux/efi.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/linux/efi.h b/include/linux/efi.h
index 100ce4a4aff6..e6480c805932 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -48,7 +48,7 @@ typedef u16 efi_char16_t;		/* UNICODE character */
 typedef u64 efi_physical_addr_t;
 typedef void *efi_handle_t;
 
-typedef guid_t efi_guid_t;
+typedef guid_t efi_guid_t __aligned(8);
 
 #define EFI_GUID(a,b,c,d0,d1,d2,d3,d4,d5,d6,d7) \
 	GUID_INIT(a, b, c, d0, d1, d2, d3, d4, d5, d6, d7)
-- 
2.17.1

Re: [PATCH 2/2] efi: efi_guid_t must be 64-bit aligned

[Ard Biesheuvel]

On Tue, 18 Dec 2018 at 21:41, Sasha Levin <sashal@kernel.org> wrote:
>
> Hi,
>
> [This is an automated email]
>
> This commit has been processed because it contains a -stable tag.
> The stable tag indicates that it's relevant for the following trees: all
>
> The bot has tested the following trees: v4.19.10, v4.14.89, v4.9.146, v4.4.168, v3.18.130,
>

Please disregard this patch for -stable until we decide how we are
going to fix the 32-bit array packing issue.


> v4.19.10: Build OK!
> v4.14.89: Build OK!
> v4.9.146: Failed to apply! Possible dependencies:
>     2f74f09bce4f ("efi: parse ARM processor error")
>     5b53696a30d5 ("ACPI / APEI: Switch to use new generic UUID API")
>     bbcc2e7b642e ("ras: acpi/apei: cper: add support for generic data v3 structure")
>     c0020756315e ("efi: switch to use new generic UUID API")
>
> v4.4.168: Failed to apply! Possible dependencies:
>     2c23b73c2d02 ("x86/efi: Prepare GOP handling code for reuse as generic code")
>     2f74f09bce4f ("efi: parse ARM processor error")
>     5b53696a30d5 ("ACPI / APEI: Switch to use new generic UUID API")
>     ba7e34b1bbd2 ("include/linux/efi.h: redefine type, constant, macro from generic code")
>     bbcc2e7b642e ("ras: acpi/apei: cper: add support for generic data v3 structure")
>     c0020756315e ("efi: switch to use new generic UUID API")
>
> v3.18.130: Failed to apply! Possible dependencies:
>     1bd0abb0c924 ("arm64/efi: set EFI_ALLOC_ALIGN to 64 KB")
>     23a0d4e8fa6d ("efi: Disable interrupts around EFI calls, not in the epilog/prolog calls")
>     2c23b73c2d02 ("x86/efi: Prepare GOP handling code for reuse as generic code")
>     2f74f09bce4f ("efi: parse ARM processor error")
>     4c62360d7562 ("efi: Handle memory error structures produced based on old versions of standard")
>     4ee20980812b ("arm64: fix data type for physical address")
>     5b53696a30d5 ("ACPI / APEI: Switch to use new generic UUID API")
>     60305db98845 ("arm64/efi: move virtmap init to early initcall")
>     744937b0b12a ("efi: Clean up the efi_call_phys_[prolog|epilog]() save/restore interaction")
>     790a2ee24278 ("Merge tag 'efi-next' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into core/efi")
>     8a53554e12e9 ("x86/efi: Fix multiple GOP device support")
>     8ce837cee8f5 ("arm64/mm: add create_pgd_mapping() to create private page tables")
>     9679be103108 ("arm64/efi: remove idmap manipulations from UEFI code")
>     a352ea3e197b ("arm64/efi: set PE/COFF file alignment to 512 bytes")
>     b05b9f5f9dcf ("x86, mirror: x86 enabling - find mirrored memory ranges")
>     ba7e34b1bbd2 ("include/linux/efi.h: redefine type, constant, macro from generic code")
>     bbcc2e7b642e ("ras: acpi/apei: cper: add support for generic data v3 structure")
>     c0020756315e ("efi: switch to use new generic UUID API")
>     d1ae8c005792 ("arm64: dmi: Add SMBIOS/DMI support")
>     da141706aea5 ("arm64: add better page protections to arm64")
>     e1e1fddae74b ("arm64/mm: add explicit struct_mm argument to __create_mapping()")
>     ea6bc80d1819 ("arm64/efi: set PE/COFF section alignment to 4 KB")
>     f3cdfd239da5 ("arm64/efi: move SetVirtualAddressMap() to UEFI stub")
>
>
> How should we proceed with this patch?
>
> --
> Thanks,
> Sasha

Re: [PATCH 2/2] efi: efi_guid_t must be 64-bit aligned

[Sasha Levin]

On Wed, Dec 19, 2018 at 11:07:53AM +0100, Ard Biesheuvel wrote:
>On Tue, 18 Dec 2018 at 21:41, Sasha Levin <sashal@kernel.org> wrote:
>>
>> Hi,
>>
>> [This is an automated email]
>>
>> This commit has been processed because it contains a -stable tag.
>> The stable tag indicates that it's relevant for the following trees: all
>>
>> The bot has tested the following trees: v4.19.10, v4.14.89, v4.9.146, v4.4.168, v3.18.130,
>>
>
>Please disregard this patch for -stable until we decide how we are
>going to fix the 32-bit array packing issue.

No worries, we won't take any patches until they are actually upstream.
These mails just help us get more responses with regards to how
backports should be done.