Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-6.5.y 2023-06-06T13:33:59Z 2023-06-06T13:33:59Z Nicholas Bishop nicholasbishop@google.com 2023-05-12T19:43:02Z urn:sha1:d0a1865cf7e2211d9227592ef4141f4632e33908 Access to the files in /sys/firmware/efi/esrt has been restricted to CAP_SYS_ADMIN since support for ESRT was added, but this seems overly restrictive given that the files are read-only and just provide information about UEFI firmware updates. Remove the CAP_SYS_ADMIN restriction so that a non-root process can read the files, provided a suitably-privileged process changes the file ownership first. The files are still read-only and still owned by root by default. Signed-off-by: Nicholas Bishop <nicholasbishop@google.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2023-05-10T17:00:52Z Thomas Weißschuh linux@weissschuh.net 2023-02-27T03:21:27Z urn:sha1:0153431c85af3d4470ac8c59a3f854a3926dff86 Since commit ee6d3dd4ed48 ("driver core: make kobj_type constant.") the driver core allows the usage of const struct kobj_type. Take advantage of this to constify the structure definition to prevent modification at runtime. Signed-off-by: Thomas Weißschuh <linux@weissschuh.net> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2023-01-23T10:33:24Z Demi Marie Obenour demi@invisiblethingslab.com 2023-01-19T19:03:59Z urn:sha1:01de145dc7fbb5e6aba98655c062908a74fa511c The ESRT can be parsed if EFI_PARAVIRT is enabled, even if EFI_MEMMAP is not. Also allow the ESRT to be in reclaimable memory, as that is where future Xen versions will put it. Reported-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Signed-off-by: Demi Marie Obenour <demi@invisiblethingslab.com> Tested-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2023-01-22T09:14:15Z Demi Marie Obenour demi@invisiblethingslab.com 2023-01-19T19:03:56Z urn:sha1:ab03e91e60ce457a90e6aa2c97ca2fa139b73f55 The ESRT code currently contains two consistency checks on the memory descriptor it obtains, but one of them is both incomplete and can only trigger on invalid descriptors. So let's drop these checks, and instead disregard descriptors entirely if the start address is misaligned, or if the number of pages reaches to or beyond the end of the address space. Note that the memory map as a whole could still be inconsistent: multiple entries might cover the same area, or the address could be outside of the addressable PA space, but validating that goes beyond the scope of these helpers. Also note that since the physical address space is never 64-bits wide, a descriptor that includes the last page of memory is not valid. This is fortunate, since it means that a valid physical address will never be an error pointer and that the length of a memory descriptor in bytes will fit in a 64-bit unsigned integer. Co-developed-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Demi Marie Obenour <demi@invisiblethingslab.com> Tested-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2022-01-06T20:19:05Z Greg Kroah-Hartman gregkh@linuxfoundation.org 2022-01-05T18:37:16Z urn:sha1:42f4046bc4ba56c6e4d2af7a9d7f70eaa563daec There are currently 2 ways to create a set of sysfs files for a kobj_type, through the default_attrs field, and the default_groups field. Move the firmware efi sysfs code to use default_groups field which has been the preferred way since aa30f47cf666 ("kobject: Add support for default attribute groups to kobj_type") so that we can soon get rid of the obsolete default_attrs field. Cc: Ard Biesheuvel <ardb@kernel.org> Cc: linux-efi@vger.kernel.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2020-06-15T12:38:56Z Qiushi Wu wu000273@umn.edu 2020-05-28T18:38:04Z urn:sha1:4ddf4739be6e375116c375f0a68bf3893ffcee21 kobject_init_and_add() takes reference even when it fails. If this function returns an error, kobject_put() must be called to properly clean up the memory associated with the object. Previous commit "b8eb718348b8" fixed a similar problem. Fixes: 0bb549052d33 ("efi: Add esrt support") Signed-off-by: Qiushi Wu <wu000273@umn.edu> Link: https://lore.kernel.org/r/20200528183804.4497-1-wu000273@umn.edu Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2020-02-23T20:57:59Z Heinrich Schuchardt xypron.glpk@gmx.de 2020-02-23T20:45:57Z urn:sha1:6d2576e4805ae26ac7a64ea1d3be28c18d5c99b5 Remove an unused variable in __init efi_esrt_init(). Simplify a logical constraint. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Link: https://lore.kernel.org/r/20200223204557.114634-1-xypron.glpk@gmx.de Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2019-11-07T14:44:04Z Dan Williams dan.j.williams@intel.com 2019-11-07T01:43:05Z urn:sha1:6950e31b35fdf4588cbbdec1813091bb02cf8871 In preparation for adding another EFI_MEMMAP dependent call that needs to occur before e820__memblock_setup() fixup the existing efi calls to check for EFI_MEMMAP internally. This ends up being cleaner than the alternative of checking EFI_MEMMAP multiple times in setup_arch(). Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com> Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Dan Williams <dan.j.williams@intel.com> Acked-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com> 2019-02-04T07:27:25Z Ard Biesheuvel ard.biesheuvel@linaro.org 2019-02-02T09:41:15Z urn:sha1:4febfb8dd08b6f8bafc19f3f9e382a477425b578 Replace all GPL license blurbs with an equivalent SPDX header (most files are GPLv2, some are GPLv2+). While at it, drop some outdated header changelogs as well. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: AKASHI Takahiro <takahiro.akashi@linaro.org> Cc: Alexander Graf <agraf@suse.de> Cc: Bjorn Andersson <bjorn.andersson@linaro.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Heinrich Schuchardt <xypron.glpk@gmx.de> Cc: Jeffrey Hugo <jhugo@codeaurora.org> Cc: Lee Jones <lee.jones@linaro.org> Cc: Leif Lindholm <leif.lindholm@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Matt Fleming <matt@codeblueprint.co.uk> Cc: Peter Jones <pjones@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Link: http://lkml.kernel.org/r/20190202094119.13230-7-ard.biesheuvel@linaro.org Signed-off-by: Ingo Molnar <mingo@kernel.org> 2018-07-17T07:15:05Z Ard Biesheuvel ard.biesheuvel@linaro.org 2018-07-16T15:25:07Z urn:sha1:61f0d55569463a1af897117ff47d202b0ccb2e24 The following commit: 7e1550b8f208 ("efi: Drop type and attribute checks in efi_mem_desc_lookup()") refactored the implementation of efi_mem_desc_lookup() so that the type check is moved to the callers, one of which is the x86 version of efi_arch_mem_reserve(), where we added a modified check that only takes EFI_BOOT_SERVICES_DATA regions into account. This is reasonable, since it is the only memory type that requires this, but doing so uncovered some unexpected behavior in the ESRT code, which permits the ESRT table to reside in other types of memory than what the UEFI spec mandates (i.e., EFI_BOOT_SERVICES_DATA), and unconditionally calls efi_mem_reserve() on the region in question. This may result in errors such as esrt: Reserving ESRT space from 0x000000009c810318 to 0x000000009c810350. efi: Failed to lookup EFI memory descriptor for 0x000000009c810318 when the ESRT table is not in EFI_BOOT_SERVICES_DATA memory, but we try to reserve it nonetheless. So make the call to efi_mem_reserve() conditional on the memory type. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Jones <pjones@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Ingo Molnar <mingo@kernel.org>