[PATCH v3 0/2] Handle UEFI NX-restricted page tables

From: Baskov Evgeniy
Date: Thu Mar 03 2022 - 09:21:39 EST


UEFI specification does not guarantee all memory to executable and/or
writable. There are some firmware implementations that enforce stricter
memory protection attributes and that prevents Linux kernel from booting
normally causing page fault during boot process.

This patch uses DXE services to check and modified memory attributes
while booting via EFISTUB, in such way that memory regions used
by the kernel until extraction and are expected to be executable
have appropriate attributes.

Unlike v2 of the patch this version only modifies memory attributes
if it is really required to reduce the probability of facing firmware
bugs. "Really required" in this case means:

- DXE services table is published by EFI;
- GetMemorySpaceDescriptor() works can return descriptor(s)
of regions, where attributes modification might be required;
- EFI_MEMORY_RO or EFI_MEMORY_XP is set for these regions;
- Region describes system memory, i.e. generic RAM.

Also we cannot simply replace EFI_LOADER_DATA with EFI_LOADER_CODE
to mitigate the issue, since:

- It is not guaranteed by specification that memory allocated
with loader code type is executable. And firmware where
this issue is present is modified in such way that
memory EFI_LOADER_CODE is not executable;
- Linux still uses memory not allocated via EFI boot
services for trampoline code placement, that would
remain non-executable after replacement of EFI_LOADER_DATA with
EFI_LOADER_CODE.

Baskov Evgeniy (2):
efi: declare DXE services table
libstub: ensure allocated memory to be executable

arch/x86/include/asm/efi.h | 5 +
drivers/firmware/efi/Kconfig | 12 ++
drivers/firmware/efi/libstub/efistub.h | 74 ++++++++++++++
drivers/firmware/efi/libstub/x86-stub.c | 10 +-
include/linux/efi.h | 2
drivers/firmware/efi/libstub/x86-stub.c | 110 +++++++++++++++++++++-
6 files changed, 208 insertions(+), 5 deletions(-)