From patchwork Thu Jul 27 12:04:18 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Rob Clark X-Patchwork-Id: 794360 X-Patchwork-Delegate: agraf@suse.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.denx.de (client-ip=81.169.180.215; helo=lists.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="rkZcWlOn"; dkim-atps=neutral Received: from lists.denx.de (dione.denx.de [81.169.180.215]) by ozlabs.org (Postfix) with ESMTP id 3xJ9fY0hpBz9s3T for ; Thu, 27 Jul 2017 22:05:41 +1000 (AEST) Received: by lists.denx.de (Postfix, from userid 105) id B5F8AC21E1E; Thu, 27 Jul 2017 12:05:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0 Received: from lists.denx.de (localhost [IPv6:::1]) by lists.denx.de (Postfix) with ESMTP id 81583C21FC2; Thu, 27 Jul 2017 12:04:40 +0000 (UTC) Received: by lists.denx.de (Postfix, from userid 105) id 78D22C21F56; Thu, 27 Jul 2017 12:04:31 +0000 (UTC) Received: from mail-qk0-f195.google.com (mail-qk0-f195.google.com [209.85.220.195]) by lists.denx.de (Postfix) with ESMTPS id E7F68C21F56 for ; Thu, 27 Jul 2017 12:04:27 +0000 (UTC) Received: by mail-qk0-f195.google.com with SMTP id a77so705814qkb.2 for ; Thu, 27 Jul 2017 05:04:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=JtuMf7ILoE7c2gvxMPhCkdG04Ms93MyMuLqPlr7wBho=; b=rkZcWlOnTvoc+CDkwOck2BE7eCyWCukgvgLksmFyfHAQxqZ01bICJssk53CEgA3UcW PsngqUwxsDJJ2SJ0a4X9yjhGxD5EFEpNl4e8IUBoDQC3yo8yvzYT6Fo2+DjCKgmOf0UD /TcxyF7X7r3Jc55L5S31gELonCopDjUr0m5g+O0di77l5wjxyPlEtbLSTb7qwKpP/5mY xWJZcnq2rvF3LqvF/xrQb7zN3DH/Q/IF8oa+SGSNej+29DC4yuDBag6p1NN9EyOSdzA5 KFHVdfFVEywNLpxhnlijNAVgW7BEeLE8EtaG5heb1k3pozzwm7x1G2AR3krqlMUFvTWE FRrg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=JtuMf7ILoE7c2gvxMPhCkdG04Ms93MyMuLqPlr7wBho=; b=CFNEm2Q+k4NE6E/QjOEdisu6yhP0yGos6nI7ufxoU4OMoCvmFu+F3u8q1ftLB9gKZK 9l/wz4aB1fUJmb0v3wx0CesSNrRAYbkqL9ba5BqKATM5dUPN0RRNq3/W6fkx/L//0dHG jaHYbwDyOYKgvqlbRUcWTwTncgEzR/4xdN1IKjxj+LQl7DiDzSs16IODqsrJgq6eoXL8 qnzbDczAUTWx1S911TO+VH5GnByWtjgX2u/ZbBcrL2ExPEKd8ylfS3vX8GkSclOmR3ID XAqvOBxWIi2VO1Lq2ZL7aeMbujWfPGoTxivWjtib5/nj7C+qhainGygeCbKMh5FjbTD6 wwpQ== X-Gm-Message-State: AIVw1119tyA6F37paPOozjwisZ/qsUyiV6uQsSO4JupFcvGln1yJiTv/ vgn3BUcu/h8E+QCLoTk= X-Received: by 10.55.16.161 with SMTP id 33mr5451506qkq.312.1501157066593; Thu, 27 Jul 2017 05:04:26 -0700 (PDT) Received: from localhost ([144.121.20.162]) by smtp.gmail.com with ESMTPSA id q68sm13072143qkf.1.2017.07.27.05.04.25 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 27 Jul 2017 05:04:25 -0700 (PDT) From: Rob Clark To: U-Boot Mailing List Date: Thu, 27 Jul 2017 08:04:18 -0400 Message-Id: <20170727120419.32186-3-robdclark@gmail.com> X-Mailer: git-send-email 2.13.0 In-Reply-To: <20170727120419.32186-1-robdclark@gmail.com> References: <20170727120419.32186-1-robdclark@gmail.com> Subject: [U-Boot] [PATCH 3/4] efi_loader: add checking for incorrect use of EFI_ENTRY/EXIT X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.18 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" Missing an EFI_ENTRY() or doubling up EFI_EXIT() leads to non-obvious crashes. Let's add some error checking. Signed-off-by: Rob Clark --- include/efi_loader.h | 17 +++++++++------- lib/efi_loader/efi_boottime.c | 45 +++++++++++++++++++++++++++++-------------- 2 files changed, 41 insertions(+), 21 deletions(-) diff --git a/include/efi_loader.h b/include/efi_loader.h index eb16c14b69..4262d0ac6b 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -15,11 +15,14 @@ #include +int __efi_entry_check(void); +int __efi_exit_check(void); + /* * Enter the u-boot world from UEFI: */ #define EFI_ENTRY(format, ...) do { \ - efi_restore_gd(); \ + assert(__efi_entry_check()); \ debug("EFI: Entry %s(" format ")\n", __func__, ##__VA_ARGS__); \ } while(0) @@ -29,7 +32,8 @@ #define EFI_EXIT(ret) ({ \ efi_status_t _r = ret; \ debug("EFI: Exit: %s: %u\n", __func__, (u32)(_r & ~EFI_ERROR_MASK)); \ - efi_exit_func(_r); \ + assert(__efi_exit_check()); \ + _r; \ }) /* @@ -37,9 +41,9 @@ */ #define EFI_CALL(exp) do { \ debug("EFI: Call: %s\n", #exp); \ - efi_exit_func(EFI_SUCCESS); \ + assert(__efi_exit_check()); \ exp; \ - efi_restore_gd(); \ + assert(__efi_entry_check()); \ debug("EFI: Return From: %s\n", #exp); \ } while(0) @@ -139,10 +143,9 @@ void efi_timer_check(void); void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info); /* Called once to store the pristine gd pointer */ void efi_save_gd(void); -/* Called from EFI_ENTRY on callback entry to put gd into the gd register */ +/* Special case handler for error/abort that just tries to dtrt to get + * back to u-boot world */ void efi_restore_gd(void); -/* Called from EFI_EXIT on callback exit to restore the gd register */ -efi_status_t efi_exit_func(efi_status_t ret); /* Call this to relocate the runtime section to an address space */ void efi_runtime_relocate(ulong offset, struct efi_mem_desc *map); /* Call this to set the current device name */ diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c index 849d229821..66137d4ff9 100644 --- a/lib/efi_loader/efi_boottime.c +++ b/lib/efi_loader/efi_boottime.c @@ -49,6 +49,30 @@ static struct efi_configuration_table __efi_runtime_data efi_conf_table[2]; static volatile void *efi_gd, *app_gd; #endif +static int entry_count; + +/* Called on every callback entry */ +int __efi_entry_check(void) +{ + int ret = entry_count++ == 0; +#ifdef CONFIG_ARM + assert(efi_gd); + assert(gd != efi_gd); + gd = efi_gd; +#endif + return ret; +} + +/* Called on every callback exit */ +int __efi_exit_check(void) +{ + int ret = --entry_count == 0; +#ifdef CONFIG_ARM + gd = app_gd; +#endif + return ret; +} + /* Called from do_bootefi_exec() */ void efi_save_gd(void) { @@ -57,30 +81,21 @@ void efi_save_gd(void) #endif } -/* Called on every callback entry */ +/* + * Special case handler for error/abort that just forces things back + * to u-boot world so we can dump out an abort msg, without any care + * about returning back to UEFI world. + */ void efi_restore_gd(void) { #ifdef CONFIG_ARM /* Only restore if we're already in EFI context */ if (!efi_gd) return; - - if (gd != efi_gd) - app_gd = gd; gd = efi_gd; #endif } -/* Called on every callback exit */ -efi_status_t efi_exit_func(efi_status_t ret) -{ -#ifdef CONFIG_ARM - gd = app_gd; -#endif - - return ret; -} - /* Low 32 bit */ #define EFI_LOW32(a) (a & 0xFFFFFFFFULL) /* High 32 bit */ @@ -733,7 +748,9 @@ static efi_status_t EFIAPI efi_start_image(efi_handle_t image_handle, return EFI_EXIT(info->exit_status); } + __efi_exit_check(); entry(image_handle, &systab); + __efi_entry_check(); /* Should usually never get here */ return EFI_EXIT(EFI_SUCCESS);