From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752907AbcD1Kgm (ORCPT ); Thu, 28 Apr 2016 06:36:42 -0400 Received: from terminus.zytor.com ([198.137.202.10]:47656 "EHLO terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752462AbcD1Kgk (ORCPT ); Thu, 28 Apr 2016 06:36:40 -0400 Date: Thu, 28 Apr 2016 03:35:36 -0700 From: tip-bot for Ard Biesheuvel Message-ID: Cc: ard.biesheuvel@linaro.org, tglx@linutronix.de, leif.lindholm@linaro.org, will.deacon@arm.com, pjones@redhat.com, mark.rutland@arm.com, linux-kernel@vger.kernel.org, mingo@kernel.org, hpa@zytor.com, matt@codeblueprint.co.uk, catalin.marinas@arm.com, sai.praneeth.prakhya@intel.com, bp@alien8.de, peterz@infradead.org Reply-To: tglx@linutronix.de, ard.biesheuvel@linaro.org, mark.rutland@arm.com, pjones@redhat.com, will.deacon@arm.com, leif.lindholm@linaro.org, mingo@kernel.org, linux-kernel@vger.kernel.org, hpa@zytor.com, matt@codeblueprint.co.uk, bp@alien8.de, peterz@infradead.org, catalin.marinas@arm.com, sai.praneeth.prakhya@intel.com In-Reply-To: <1461614832-17633-15-git-send-email-matt@codeblueprint.co.uk> References: <1461614832-17633-15-git-send-email-matt@codeblueprint.co.uk> To: linux-tip-commits@vger.kernel.org Subject: [tip:efi/core] efi/arm*: Take the Memory Attributes table into account Git-Commit-ID: 789957ef72f976cb325e9057225fc4e9c4513060 X-Mailer: tip-git-log-daemon Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Commit-ID: 789957ef72f976cb325e9057225fc4e9c4513060 Gitweb: http://git.kernel.org/tip/789957ef72f976cb325e9057225fc4e9c4513060 Author: Ard Biesheuvel AuthorDate: Mon, 25 Apr 2016 21:06:46 +0100 Committer: Ingo Molnar CommitDate: Thu, 28 Apr 2016 11:33:55 +0200 efi/arm*: Take the Memory Attributes table into account Call into the generic memory attributes table support code at the appropriate times during the init sequence so that the UEFI Runtime Services region are mapped according to the strict permissions it specifies. Signed-off-by: Ard Biesheuvel Signed-off-by: Matt Fleming Cc: Borislav Petkov Cc: Catalin Marinas Cc: Leif Lindholm Cc: Mark Rutland Cc: Peter Jones Cc: Peter Zijlstra Cc: Sai Praneeth Prakhya Cc: Thomas Gleixner Cc: Will Deacon Cc: linux-efi@vger.kernel.org Link: http://lkml.kernel.org/r/1461614832-17633-15-git-send-email-matt@codeblueprint.co.uk Signed-off-by: Ingo Molnar --- arch/arm64/include/asm/efi.h | 2 ++ drivers/firmware/efi/arm-init.c | 1 + drivers/firmware/efi/arm-runtime.c | 10 ++++++++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/arch/arm64/include/asm/efi.h b/arch/arm64/include/asm/efi.h index 8e88a69..4dafc89 100644 --- a/arch/arm64/include/asm/efi.h +++ b/arch/arm64/include/asm/efi.h @@ -14,6 +14,8 @@ extern void efi_init(void); int efi_create_mapping(struct mm_struct *mm, efi_memory_desc_t *md); +#define efi_set_mapping_permissions efi_create_mapping + #define efi_call_virt(f, ...) \ ({ \ efi_##f##_t *__f; \ diff --git a/drivers/firmware/efi/arm-init.c b/drivers/firmware/efi/arm-init.c index a84dddb..909d974 100644 --- a/drivers/firmware/efi/arm-init.c +++ b/drivers/firmware/efi/arm-init.c @@ -206,6 +206,7 @@ void __init efi_init(void) return; reserve_regions(); + efi_memattr_init(); early_memunmap(efi.memmap.map, params.mmap_size); if (IS_ENABLED(CONFIG_ARM)) { diff --git a/drivers/firmware/efi/arm-runtime.c b/drivers/firmware/efi/arm-runtime.c index 19283de..17ccf0a 100644 --- a/drivers/firmware/efi/arm-runtime.c +++ b/drivers/firmware/efi/arm-runtime.c @@ -77,9 +77,15 @@ static bool __init efi_virtmap_init(void) systab_found = true; } } - if (!systab_found) + if (!systab_found) { pr_err("No virtual mapping found for the UEFI System Table\n"); - return systab_found; + return false; + } + + if (efi_memattr_apply_permissions(&efi_mm, efi_set_mapping_permissions)) + return false; + + return true; } /*