[PATCH] efi: Add missing __nocfi annotations to runtime wrappers
Nathan Chancellor
nathan at kernel.org
Tue Jun 4 23:06:18 PDT 2024

On Tue, Jun 04, 2024 at 11:26:51PM +0200, Ard Biesheuvel wrote:
> On Tue, 4 Jun 2024 at 23:05, Linus Walleij <linus.walleij at linaro.org> wrote:
> >
> > On Tue, Jun 4, 2024 at 5:56 PM Ard Biesheuvel <ardb+git at google.com> wrote:
> >
> > > From: Ard Biesheuvel <ardb at kernel.org>
> > >
> > > The EFI runtime wrappers are a sandbox for calling into EFI runtime
> > > services, which are invoked using indirect calls. When running with kCFI
> > > enabled, the compiler will require the target of any indirect call to be
> > > type annotated.
> > >
> > > Given that the EFI runtime services prototypes and calling convention
> > > are governed by the EFI spec, not the Linux kernel, adding such type
> > > annotations for firmware routines is infeasible, and so the compiler
> > > must be informed that prototype validation should be omitted.
> > >
> > > Add the __nocfi annotation at the appropriate places in the EFI runtime
> > > wrapper code to achieve this.
> > >
> > > Note that this currently only affects 32-bit ARM, given that other
> > > architectures that support both kCFI and EFI use an asm wrapper to call
> > > EFI runtime services, and this hides the indirect call from the
> > > compiler.
> > >
> > > Cc: Kees Cook <keescook at chromium.org>
> > > Cc: Sami Tolvanen <samitolvanen at google.com>
> > > Cc: Linus Walleij <linus.walleij at linaro.org>
> > > Cc: Nathan Chancellor <nathan at kernel.org>
> > > Signed-off-by: Ard Biesheuvel <ardb at kernel.org>
> >
> > Thanks for looking into this Ard!
> > Reviewed-by: Linus Walleij <linus.walleij at linaro.org>
> >
> > Maybe tag on:
> > Fixes: 1a4fec49efe5 ("ARM: 9392/2: Support CLANG CFI")
> >
> > So it goes into the v6.10-rc:s.
> >
>
> Thanks, I've added these and pushed the result to efi/urgent.

You don't need to rebase to include it but just for the record, I tested
it as well and it resolves the crash I saw when booting under EFI in
QEMU with CONFIG_CFI_CLANG=y.

Tested-by: Nathan Chancellor <nathan at kernel.org>

Cheers,
Nathan
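
The mechanism the quoted commit message describes, as an added example that is not part of the thread or the kernel source: a userspace C model of a kCFI-checked indirect call next to a `__nocfi` one. The struct, the function names and the hash value are constructed for illustration; real kCFI emits the hash and the comparison in compiler-generated code.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model of kCFI call-site checking; all names and values are constructed. */
typedef int (*svc_fn)(int arg);
#define HASH_INT_INT 0x5ca1ab1eu /* stand-in for the compiler's hash of type int(int) */

/* What an indirect call site can observe about its target. */
struct target {
    uint32_t word_before_entry; /* kCFI-built code: type hash; firmware: unrelated bytes */
    svc_fn   entry;
};

enum outcome { CALLED, CFI_TRAP };

/* Instrumented call site: compare the word in front of the entry point with the
 * hash expected for the pointer's type; on mismatch, trap instead of calling. */
static enum outcome call_checked(const struct target *t, int arg, int *ret)
{
    if (t->word_before_entry != HASH_INT_INT)
        return CFI_TRAP;
    *ret = t->entry(arg);
    return CALLED;
}

/* Call site inside a function marked __nocfi: no comparison is emitted. */
static enum outcome call_nocfi(const struct target *t, int arg, int *ret)
{
    *ret = t->entry(arg);
    return CALLED;
}

static int kernel_helper(int x)    { return x + 1; }
static int firmware_service(int x) { return x * 2; }

/* Kernel function built with kCFI: the matching hash sits in front of it. */
static const struct target kernel_target   = { HASH_INT_INT, kernel_helper };
/* Firmware routine: right prototype, but whatever bytes happen to precede it. */
static const struct target firmware_target = { 0xe12fff1eu, firmware_service };

int main(void)
{
    int r = 0;
    printf("checked kernel call:   %d\n", call_checked(&kernel_target, 41, &r));
    printf("checked firmware call: %d\n", call_checked(&firmware_target, 21, &r));
    printf("nocfi firmware call:   %d\n", call_nocfi(&firmware_target, 21, &r));
    return 0;
}
```

A `__nocfi` call site accepts any target, so the annotation belongs only on the narrow wrappers that actually call into firmware.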