x86/efistub: Clear decompressor BSS in native EFI entrypoint (b3810c5a) · Commits · Mirrors / git.kernel.org / pub_scm_linux_kernel_git_torvalds_linux · GitLab

Commit b3810c5a authored Mar 15, 2024 by

Ard Biesheuvel

x86/efistub: Clear decompressor BSS in native EFI entrypoint



The EFI stub on x86 no longer invokes the decompressor as a subsequent
boot stage, but calls into the decompression code directly while running
in the context of the EFI boot services.

This means that when using the native EFI entrypoint (as opposed to the
EFI handover protocol, which clears BSS explicitly), the firmware PE
image loader is being relied upon to ensure that BSS is zeroed before
the EFI stub is entered from the firmware.

As Radek's report proves, this is a bad idea. Not all loaders do this
correctly, which means some global variables that should be statically
initialized to 0x0 may have junk in them.

So clear BSS explicitly when entering via efi_pe_entry(). Note that
zeroing BSS from C code is not generally safe, but in this case, the
following assignment and dereference of a global pointer variable
ensures that the memset() cannot be deferred or reordered.

Cc: <stable@kernel.org> # v6.1+
Reported-by: Radek Podgorny <radek@podgorny.cz>
Closes: https://lore.kernel.org/all/a99a831a-8ad5-4cb0-bff9-be637311f771@podgorny.cz


Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

parent 021bc4b9

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit df7ecce8
· Mar 25, 2024

mentioned in commit df7ecce8

mentioned in commit df7ecce842b846a04d087ba85fdb79a90e26a1b0

Toggle commit list

Please register or to comment