[GIT PULL] EFI changes for v4.14

2017-09-04 Thread Ingo Molnar
Linus,

Please pull the latest efi-core-for-linus git tree from:

   git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git efi-core-for-linus

   # HEAD: 6de47a5e371f75f80544986e6c9636211a2ae8af efi/bgrt: Use efi_mem_type()

The main changes in this cycle were:

 - Transparently fall back to other poweroff method(s) if EFI poweroff fails
   (and returns)

 - Use separate PE/COFF section headers for the RX and RW parts of the ARM
   stub loader so that the firmware can use strict mapping permissions

 - Add support for requesting the firmware to wipe RAM at warm reboot

 - Increase the size of the random seed obtained from UEFI so CRNG
   fast init can complete earlier

 - Update the EFI framebuffer address if it points to a BAR that gets moved
   by the PCI resource allocation code

 - Enable "reset attack mitigation" of TPM environments: this is enabled if 
   the kernel is configured with CONFIG_RESET_ATTACK_MITIGATION=y.

 - Clang related fixes

 - Misc cleanups, constification, refactoring, etc.

 Thanks,

Ingo

-->
Ard Biesheuvel (11):
  efi/arm: Don't mark ACPI reclaim memory as MEMBLOCK_NOMAP
  efi/libstub/arm64: Use hidden attribute for struct screen_info reference
  efi/libstub/arm64: Force 'hidden' visibility for section markers
  efi/libstub/arm64: Set -fpie when building the EFI stub
  efi/arm/arm64: Add missing assignment of efi.config_table
  drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
  arm/efi: Remove forbidden values from the PE/COFF header
  arm/efi: Remove pointless dummy .reloc section
  arm/efi: Replace open coded constants with symbolic ones
  arm/efi: Split zImage code and data into separate PE/COFF sections
  efi/random: Increase size of firmware supplied randomness

Arvind Yadav (3):
  firmware/dcdbas: Constify attribute_group structures
  firmware/efi: Constify attribute_group structures
  firmware/efi/esrt: Constify attribute_group structures

Colin Ian King (1):
  efi/reboot: Make function pointer orig_pm_power_off static

Hans de Goede (1):
  efi/reboot: Fall back to original power-off method if EFI_RESET_SHUTDOWN returns

Jan Beulich (2):
  efi: Move efi_mem_type() to common code
  efi/bgrt: Use efi_mem_type()

Matthew Garrett (1):
  efi/libstub: Enable reset attack mitigation


 arch/arm/boot/compressed/efi-header.S | 160 +++---
 arch/arm/boot/compressed/vmlinux.lds.S|  30 --
 arch/arm64/include/asm/efi.h  |   3 +
 arch/x86/boot/compressed/eboot.c  |   3 +
 arch/x86/platform/efi/efi.c   |  19 
 drivers/firmware/dcdbas.c |   2 +-
 drivers/firmware/efi/Kconfig  |  10 ++
 drivers/firmware/efi/arm-init.c   |   8 ++
 drivers/firmware/efi/efi-bgrt.c   |  22 +---
 drivers/firmware/efi/efi.c|  42 ++--
 drivers/firmware/efi/esrt.c   |   2 +-
 drivers/firmware/efi/libstub/Makefile |   3 +-
 drivers/firmware/efi/libstub/arm-stub.c   |   3 +
 drivers/firmware/efi/libstub/arm64-stub.c |  10 +-
 drivers/firmware/efi/libstub/random.c |  10 +-
 drivers/firmware/efi/libstub/tpm.c|  58 +++
 drivers/firmware/efi/reboot.c |  12 ++-
 drivers/video/fbdev/efifb.c   |  31 +++---
 include/linux/efi.h   |   9 ++
 19 files changed, 280 insertions(+), 157 deletions(-)
 create mode 100644 drivers/firmware/efi/libstub/tpm.c

diff --git a/arch/arm/boot/compressed/efi-header.S 
b/arch/arm/boot/compressed/efi-header.S
index a17ca8d78656..c94a88ae834d 100644
--- a/arch/arm/boot/compressed/efi-header.S
+++ b/arch/arm/boot/compressed/efi-header.S
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013-2015 Linaro Ltd
+ * Copyright (C) 2013-2017 Linaro Ltd
  * Authors: Roy Franz 
  *  Ard Biesheuvel 
  *
@@ -8,6 +8,9 @@
  * published by the Free Software Foundation.
  */
 
+#include 
+#include 
+
.macro  __nop
 #ifdef CONFIG_EFI_STUB
@ This is almost but not quite a NOP, since it does clobber the
@@ -15,7 +18,7 @@
@ PE/COFF expects the magic string "MZ" at offset 0, while the
@ ARM/Linux boot protocol expects an executable instruction
@ there.
-   .inst   'M' | ('Z' << 8) | (0x1310 << 16)   @ tstne r0, #0x4d000
+   .inst   MZ_MAGIC | (0x1310 << 16)   @ tstne r0, #0x4d000
 #else
  AR_CLASS( mov r0, r0  )
   M_CLASS( nop.w   )
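Review bot: In the `.inst MZ_MAGIC | (0x1310 << 16)` line, the retained comment `tstne r0, #0x4d000` is only accurate while MZ_MAGIC keeps the value of the open-coded `'M' | ('Z' << 8)` it replaces, and the definition of MZ_MAGIC is not visible in this file. A short comment here stating that the low halfword must stay the "MZ" bytes, so that the word remains both the PE/COFF magic and a harmless instruction at the boot entry point, would guard against a later change to the shared constant.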
@@ -34,96 +37,97 @@
@ The only 2 fields of the MSDOS header that are used are this
@ PE/COFF offset, and the "MZ" bytes at offset 0x0.
@
-   .long   pe_header - start   @ Offset to the PE header.
+   .long   pe_header - start   @ Offset to the PE 
header.
 
 pe_header:
-   .ascii  "PE\0\0"
+   .long   PE_MA
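Review bot: Replacing `.ascii "PE\0\0"` with a `.long` constant under `pe_header:` makes the emitted signature bytes depend on the target byte order, which the `.ascii` form did not. If the EFI stub is only ever built little-endian, a comment next to the `.long` saying so would help; otherwise the byte-string form is the safer choice for the signature. The `.long pe_header - start` line above it appears to change only in whitespace and could be left out of this patch.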

Re: [RFC Part1 PATCH v3 16/17] X86/KVM: Provide support to create Guest and HV shared per-CPU variables

2017-09-04 Thread Brijesh Singh

On 9/4/17 12:05 PM, Borislav Petkov wrote:
> On Fri, Sep 01, 2017 at 05:52:13PM -0500, Brijesh Singh wrote:
>>  So far, we have not seen the need for having such functions except
>> this case. The approach we have right now works just fine and not
>> sure if it's worth adding new functions.
> Then put the call to kvm_map_hv_shared_decrypted() into
> kvm_smp_prepare_boot_cpu() to denote that you're executing this whole
> stuff only once during guest init.
>
> Now you're doing additional jumping-through-hoops with that once static
> var just so you can force something which needs to execute only once but
> gets called in a per-CPU path.
>
> See what I mean?

Yes, I see your point. I will address this issue in next rev.


-Brijesh
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: [RFC Part1 PATCH v3 16/17] X86/KVM: Provide support to create Guest and HV shared per-CPU variables

2017-09-04 Thread Borislav Petkov
On Fri, Sep 01, 2017 at 05:52:13PM -0500, Brijesh Singh wrote:
>  So far, we have not seen the need for having such functions except
> this case. The approach we have right now works just fine and not
> sure if it's worth adding new functions.

Then put the call to kvm_map_hv_shared_decrypted() into
kvm_smp_prepare_boot_cpu() to denote that you're executing this whole
stuff only once during guest init.

Now you're doing additional jumping-through-hoops with that once static
var just so you can force something which needs to execute only once but
gets called in a per-CPU path.

See what I mean?

> Thoughts ?
> 
> [1] Commit :7f8b7e7 x86/mm: Add support for early encryption/decryption of memory

Add

[core]
abbrev = 12

to the core section of your .gitconfig.

-- 
Regards/Gruss,
Boris.

SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)