tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

efi/libstub: Add limit argument to efi_random_alloc()

x86 will need to limit the kernel memory allocation to the lowest 512
MiB of memory, to match the behavior of the existing bare metal KASLR
physical randomization logic. So in preparation for that, add a limit
parameter to efi_random_alloc() and wire it up.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20230807162720.545787-22-ardb@kernel.org

authored by

Ard Biesheuvel and committed by
Borislav Petkov (AMD) bc5ddcef 83381519

+9 -7
+1 -1
drivers/firmware/efi/libstub/arm64-stub.c
··· 106 106 */ 107 107 status = efi_random_alloc(*reserve_size, min_kimg_align, 108 108 reserve_addr, phys_seed, 109 - EFI_LOADER_CODE); 109 + EFI_LOADER_CODE, EFI_ALLOC_LIMIT); 110 110 if (status != EFI_SUCCESS) 111 111 efi_warn("efi_random_alloc() failed: 0x%lx\n", status); 112 112 } else {
+1 -1
drivers/firmware/efi/libstub/efistub.h
··· 956 956 957 957 efi_status_t efi_random_alloc(unsigned long size, unsigned long align, 958 958 unsigned long *addr, unsigned long random_seed, 959 - int memory_type); 959 + int memory_type, unsigned long alloc_limit); 960 960 961 961 efi_status_t efi_random_get_seed(void); 962 962
+6 -4
drivers/firmware/efi/libstub/randomalloc.c
··· 16 16 */ 17 17 static unsigned long get_entry_num_slots(efi_memory_desc_t *md, 18 18 unsigned long size, 19 - unsigned long align_shift) 19 + unsigned long align_shift, 20 + u64 alloc_limit) 20 21 { 21 22 unsigned long align = 1UL << align_shift; 22 23 u64 first_slot, last_slot, region_end; ··· 30 29 return 0; 31 30 32 31 region_end = min(md->phys_addr + md->num_pages * EFI_PAGE_SIZE - 1, 33 - (u64)EFI_ALLOC_LIMIT); 32 + alloc_limit); 34 33 if (region_end < size) 35 34 return 0; 36 35 ··· 55 54 unsigned long align, 56 55 unsigned long *addr, 57 56 unsigned long random_seed, 58 - int memory_type) 57 + int memory_type, 58 + unsigned long alloc_limit) 59 59 { 60 60 unsigned long total_slots = 0, target_slot; 61 61 unsigned long total_mirrored_slots = 0; ··· 78 76 efi_memory_desc_t *md = (void *)map->map + map_offset; 79 77 unsigned long slots; 80 78 81 - slots = get_entry_num_slots(md, size, ilog2(align)); 79 + slots = get_entry_num_slots(md, size, ilog2(align), alloc_limit); 82 80 MD_NUM_SLOTS(md) = slots; 83 81 total_slots += slots; 84 82 if (md->attribute & EFI_MEMORY_MORE_RELIABLE)
+1 -1
drivers/firmware/efi/libstub/zboot.c
··· 119 119 } 120 120 121 121 status = efi_random_alloc(alloc_size, min_kimg_align, &image_base, 122 - seed, EFI_LOADER_CODE); 122 + seed, EFI_LOADER_CODE, EFI_ALLOC_LIMIT); 123 123 if (status != EFI_SUCCESS) { 124 124 efi_err("Failed to allocate memory\n"); 125 125 goto free_cmdline;