arm64: efi: Execute runtime services from a dedicated stack

With the introduction of PRMT in the ACPI subsystem, the EFI rts
workqueue is no longer the only caller of efi_call_virt_pointer() in the
kernel. This means the EFI runtime services lock is no longer sufficient
to manage concurrent calls into firmware, but also that firmware calls
may occur that are not marshalled via the workqueue mechanism, but
originate directly from the caller context.

For added robustness, and to ensure that the runtime services have 8 KiB
of stack space available as per the EFI spec, introduce a spinlock
protected EFI runtime stack of 8 KiB, where the spinlock also ensures
serialization between the EFI rts workqueue (which itself serializes EFI
runtime calls) and other callers of efi_call_virt_pointer().

While at it, use the stack pivot to avoid reloading the shadow call
stack pointer from the ordinary stack, as doing so could produce a
gadget to defeat it.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
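
A userspace analogy of the scheme the message describes, added here as an illustration; it is not the kernel's code or the author's. It assumes glibc's ucontext API in place of the arm64 assembly stack pivot and a C11 atomic_flag in place of the kernel spinlock, does not model the shadow call stack, and all names (call_on_rt_stack, rt_trampoline, sample_service) are hypothetical.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <ucontext.h>

#define RT_STACK_SIZE 8192 /* 8 KiB, the figure the commit message cites */
typedef long (*rt_service_t)(long);

/* One shared stack: concurrent users would overwrite each other's frames,
 * so the same lock that serializes the calls also owns the stack. */
static _Alignas(16) unsigned char rt_stack[RT_STACK_SIZE];
static atomic_flag rt_lock = ATOMIC_FLAG_INIT;
static ucontext_t caller_ctx, rt_ctx;
static struct { rt_service_t fn; long arg, ret; uintptr_t sp_seen; } rt_call;

/* Runs on rt_stack: records where its frame lives, then calls the service. */
static void rt_trampoline(void)
{
    volatile char marker = 0;
    rt_call.sp_seen = (uintptr_t)&marker;
    rt_call.ret = rt_call.fn(rt_call.arg);
} /* returning resumes uc_link, i.e. the caller's own stack */

long call_on_rt_stack(rt_service_t fn, long arg)
{
    long ret;
    while (atomic_flag_test_and_set_explicit(&rt_lock, memory_order_acquire))
        ; /* spin: every caller, whatever its context, queues here */
    rt_call.fn = fn;
    rt_call.arg = arg;
    getcontext(&rt_ctx);
    rt_ctx.uc_stack.ss_sp = rt_stack;
    rt_ctx.uc_stack.ss_size = sizeof(rt_stack);
    rt_ctx.uc_link = &caller_ctx;
    makecontext(&rt_ctx, rt_trampoline, 0);
    swapcontext(&caller_ctx, &rt_ctx); /* pivot to the dedicated stack */
    ret = rt_call.ret;                 /* read the result before unlocking */
    atomic_flag_clear_explicit(&rt_lock, memory_order_release);
    return ret;
}

/* 1 if the last call's frame was inside rt_stack, 0 otherwise. */
int ran_on_rt_stack(void)
{
    uintptr_t lo = (uintptr_t)rt_stack;
    return rt_call.sp_seen >= lo && rt_call.sp_seen < lo + RT_STACK_SIZE;
}

static long sample_service(long x) { return 2 * x + 1; } /* constructed stand-in */

int main(void) { printf("%ld %d\n", call_on_rt_stack(sample_service, 20), ran_on_rt_stack()); return 0; }
```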