• Sai Praneeth Prakhya's avatar
    x86/efi: Unmap EFI boot services code/data regions from efi_pgd · 08cfb38f
    Sai Praneeth Prakhya authored
    efi_free_boot_services(), as the name suggests, frees EFI boot services
    code/data regions but forgets to unmap these regions from efi_pgd. This
    means that any code that's running in efi_pgd address space (e.g:
    any EFI runtime service) would still be able to access these regions but
    the contents of these regions would have long been over written by
    someone else. So, it's important to unmap these regions. Hence,
    introduce efi_unmap_pages() to unmap these regions from efi_pgd.
    After unmapping EFI boot services code/data regions, any illegal access
    by buggy firmware to these regions would result in page fault which will
    be handled by EFI specific fault handler.
    Signed-off-by: default avatarSai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
    Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
    Acked-by: default avatarThomas Gleixner <tglx@linutronix.de>
    Cc: Andy Lutomirski <luto@kernel.org>
    Cc: Arend van Spriel <arend.vanspriel@broadcom.com>
    Cc: Bhupesh Sharma <bhsharma@redhat.com>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Dave Hansen <dave.hansen@intel.com>
    Cc: Eric Snowberg <eric.snowberg@oracle.com>
    Cc: Hans de Goede <hdegoede@redhat.com>
    Cc: Joe Perches <joe@perches.com>
    Cc: Jon Hunter <jonathanh@nvidia.com>
    Cc: Julien Thierry <julien.thierry@arm.com>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Marc Zyngier <marc.zyngier@arm.com>
    Cc: Matt Fleming <matt@codeblueprint.co.uk>
    Cc: Nathan Chancellor <natechancellor@gmail.com>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Sedat Dilek <sedat.dilek@gmail.com>
    Cc: YiFei Zhu <zhuyifei1999@gmail.com>
    Cc: linux-efi@vger.kernel.org
    Link: http://lkml.kernel.org/r/20181129171230.18699-6-ard.biesheuvel@linaro.org
    Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>