diff options
author | Baskov Evgeniy <baskov@ispras.ru> | 2022-03-03 17:21:20 +0300 |
---|---|---|
committer | Ard Biesheuvel <ardb@kernel.org> | 2022-05-03 16:31:28 +0300 |
commit | 82e0d6d76a2a74bd6a31141d555d53b4cc22c2a3 (patch) | |
tree | 719ed919905a1c8a7a6a0b4942ddb803df9f60e3 /drivers/firmware/efi/Kconfig | |
parent | 3ba75c1316390b2bc39c19cb8f0f85922ab3f9ed (diff) | |
download | linux-82e0d6d76a2a74bd6a31141d555d53b4cc22c2a3.tar.xz |
efi: libstub: ensure allocated memory to be executable
There are UEFI versions that restrict execution of memory regions,
preventing the kernel from booting. Parts that needs to be executable
are:
* Area used for trampoline placement.
* All memory regions that the kernel may be relocated before
and during extraction.
Use DXE services to ensure aforementioned address ranges
to be executable. Only modify attributes that does not
have appropriate attributes.
Signed-off-by: Baskov Evgeniy <baskov@ispras.ru>
Link: https://lore.kernel.org/r/20220303142120.1975-3-baskov@ispras.ru
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Diffstat (limited to 'drivers/firmware/efi/Kconfig')
-rw-r--r-- | drivers/firmware/efi/Kconfig | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/drivers/firmware/efi/Kconfig b/drivers/firmware/efi/Kconfig index f8ddd2259ba0..4720ba98cec3 100644 --- a/drivers/firmware/efi/Kconfig +++ b/drivers/firmware/efi/Kconfig @@ -91,6 +91,18 @@ config EFI_SOFT_RESERVE If unsure, say Y. +config EFI_DXE_MEM_ATTRIBUTES + bool "Adjust memory attributes in EFISTUB" + depends on EFI && EFI_STUB && X86 + default y + help + UEFI specification does not guarantee all memory to be + accessible for both write and execute as the kernel expects + it to be. + Use DXE services to check and alter memory protection + attributes during boot via EFISTUB to ensure that memory + ranges used by the kernel are writable and executable. + config EFI_PARAMS_FROM_FDT bool help |