linux-efi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Ard Biesheuvel <ardb@kernel.org>
To: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: linux-efi <linux-efi@vger.kernel.org>,
	"James E.J. Bottomley" <James.Bottomley@hansenpartnership.com>,
	Peter Jones <pjones@redhat.com>,
	Arvind Sankar <nivedita@alum.mit.edu>,
	Matthew Garrett <mjg59@google.com>,
	Daniel Kiper <daniel.kiper@oracle.com>,
	Leif Lindholm <leif@nuviainc.com>
Subject: Re: [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count
Date: Thu, 2 Sep 2021 10:27:19 +0200	[thread overview]
Message-ID: <CAMj1kXEuFOKeiSPFzAtd1tmog-sBuUUg3cqAGtHn9KgiinwL1g@mail.gmail.com> (raw)
In-Reply-To: <20210902080416.5461-3-ilias.apalodimas@linaro.org>

On Thu, 2 Sept 2021 at 10:04, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> From: Ard Biesheuvel <ardb@kernel.org>
>
> Increase the number of arguments supported by mixed mode calls, so that
> we will be able to call into the TCG2 protocol to measure the initrd
> and extend the associated PCR. This involves the TCG2 protocol's
> hash_log_extend_event() method, which takes five arguments, three of
> which are u64 and need to be split, producing a total of 8 outgoing
> arguments.
>
> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>

Does this still apply cleanly? There was a last minute fix that went
into v5.14 that looked like it would conflict with this.

> ---
>  arch/x86/boot/compressed/efi_thunk_64.S | 17 ++++++++++++-----
>  arch/x86/include/asm/efi.h              | 10 ++++++----
>  arch/x86/platform/efi/efi_thunk_64.S    | 14 ++++++++++++--
>  3 files changed, 30 insertions(+), 11 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/efi_thunk_64.S b/arch/x86/boot/compressed/efi_thunk_64.S
> index 95a223b3e56a..fec6c48d6b30 100644
> --- a/arch/x86/boot/compressed/efi_thunk_64.S
> +++ b/arch/x86/boot/compressed/efi_thunk_64.S
> @@ -27,8 +27,6 @@ SYM_FUNC_START(__efi64_thunk)
>         push    %rbp
>         push    %rbx
>
> -       leaq    1f(%rip), %rbp
> -
>         movl    %ds, %eax
>         push    %rax
>         movl    %es, %eax
> @@ -36,19 +34,28 @@ SYM_FUNC_START(__efi64_thunk)
>         movl    %ss, %eax
>         push    %rax
>
> +       movq    0x30(%rsp), %rbp
> +       movq    0x38(%rsp), %rbx
> +       movq    0x40(%rsp), %rax
> +
>         /*
>          * Convert x86-64 ABI params to i386 ABI
>          */
> -       subq    $32, %rsp
> +       subq    $48, %rsp
>         movl    %esi, 0x0(%rsp)
>         movl    %edx, 0x4(%rsp)
>         movl    %ecx, 0x8(%rsp)
>         movl    %r8d, 0xc(%rsp)
>         movl    %r9d, 0x10(%rsp)
> +       movl    %ebp, 0x14(%rsp)
> +       movl    %ebx, 0x18(%rsp)
> +       movl    %eax, 0x1c(%rsp)
>
> -       leaq    0x14(%rsp), %rbx
> +       leaq    0x20(%rsp), %rbx
>         sgdt    (%rbx)
>
> +       leaq    1f(%rip), %rbp
> +
>         /*
>          * Switch to gdt with 32-bit segments. This is the firmware GDT
>          * that was installed when the kernel started executing. This
> @@ -67,7 +74,7 @@ SYM_FUNC_START(__efi64_thunk)
>         pushq   %rax
>         lretq
>
> -1:     addq    $32, %rsp
> +1:     addq    $48, %rsp
>         movq    %rdi, %rax
>
>         pop     %rbx
> diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
> index 85f156f8ef81..a323dbac9182 100644
> --- a/arch/x86/include/asm/efi.h
> +++ b/arch/x86/include/asm/efi.h
> @@ -46,13 +46,14 @@ extern unsigned long efi_mixed_mode_stack_pa;
>
>  #define __efi_nargs(...) __efi_nargs_(__VA_ARGS__)
>  #define __efi_nargs_(...) __efi_nargs__(0, ##__VA_ARGS__,      \
> +       __efi_arg_sentinel(9), __efi_arg_sentinel(8),           \
>         __efi_arg_sentinel(7), __efi_arg_sentinel(6),           \
>         __efi_arg_sentinel(5), __efi_arg_sentinel(4),           \
>         __efi_arg_sentinel(3), __efi_arg_sentinel(2),           \
>         __efi_arg_sentinel(1), __efi_arg_sentinel(0))
> -#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, n, ...)  \
> +#define __efi_nargs__(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, n, ...)  \
>         __take_second_arg(n,                                    \
> -               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 8; }))
> +               ({ BUILD_BUG_ON_MSG(1, "__efi_nargs limit exceeded"); 10; }))
>  #define __efi_arg_sentinel(n) , n
>
>  /*
> @@ -176,8 +177,9 @@ extern u64 efi_setup;
>  extern efi_status_t __efi64_thunk(u32, ...);
>
>  #define efi64_thunk(...) ({                                            \
> -       __efi_nargs_check(efi64_thunk, 6, __VA_ARGS__);                 \
> -       __efi64_thunk(__VA_ARGS__);                                     \
> +       u64 __pad[3]; /* must have space for 3 args on the stack */     \
> +       __efi_nargs_check(efi64_thunk, 9, __VA_ARGS__);                 \
> +       __efi64_thunk(__VA_ARGS__, __pad);                              \
>  })
>
>  static inline bool efi_is_mixed(void)
> diff --git a/arch/x86/platform/efi/efi_thunk_64.S b/arch/x86/platform/efi/efi_thunk_64.S
> index fd3dd1708eba..5b7c6e09954e 100644
> --- a/arch/x86/platform/efi/efi_thunk_64.S
> +++ b/arch/x86/platform/efi/efi_thunk_64.S
> @@ -36,6 +36,17 @@ SYM_CODE_START(__efi64_thunk)
>         movq    efi_mixed_mode_stack_pa(%rip), %rsp
>         push    %rax
>
> +       /*
> +        * Copy args passed via the stack
> +        */
> +       subq    $0x24, %rsp
> +       movq    0x18(%rax), %rbp
> +       movq    0x20(%rax), %rbx
> +       movq    0x28(%rax), %rax
> +       movl    %ebp, 0x18(%rsp)
> +       movl    %ebx, 0x1c(%rsp)
> +       movl    %eax, 0x20(%rsp)
> +
>         /*
>          * Calculate the physical address of the kernel text.
>          */
> @@ -47,7 +58,6 @@ SYM_CODE_START(__efi64_thunk)
>         subq    %rax, %rbp
>         subq    %rax, %rbx
>
> -       subq    $28, %rsp
>         movl    %ebx, 0x0(%rsp)         /* return address */
>         movl    %esi, 0x4(%rsp)
>         movl    %edx, 0x8(%rsp)
> @@ -60,7 +70,7 @@ SYM_CODE_START(__efi64_thunk)
>         pushq   %rdi                    /* EFI runtime service address */
>         lretq
>
> -1:     movq    24(%rsp), %rsp
> +1:     movq    0x20(%rsp), %rsp
>         pop     %rbx
>         pop     %rbp
>         retq
> --
> 2.32.0.rc0
>

  reply	other threads:[~2021-09-02  8:27 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-02  8:04 [PATCH 0/4 v2] efi/libstub: measure initrd data loaded by the EFI stub Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 1/4 v2] efi/libstub: add prototype of efi_tcg2_protocol::hash_log_extend_event() Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 2/4 v2] efi/libstub: x86/mixed: increase supported argument count Ilias Apalodimas
2021-09-02  8:27   ` Ard Biesheuvel [this message]
2021-09-02  8:37     ` Ilias Apalodimas
2021-09-02  8:39       ` Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 3/4 v2] efi/libstub: consolidate initrd handling across architectures Ilias Apalodimas
2021-09-02  8:04 ` [PATCH 4/4 v2] efi/libstub: measure loaded initrd info into the TPM Ilias Apalodimas

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAMj1kXEuFOKeiSPFzAtd1tmog-sBuUUg3cqAGtHn9KgiinwL1g@mail.gmail.com \
    --to=ardb@kernel.org \
    --cc=James.Bottomley@hansenpartnership.com \
    --cc=daniel.kiper@oracle.com \
    --cc=ilias.apalodimas@linaro.org \
    --cc=leif@nuviainc.com \
    --cc=linux-efi@vger.kernel.org \
    --cc=mjg59@google.com \
    --cc=nivedita@alum.mit.edu \
    --cc=pjones@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).