mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-14 11:56:47 +07:00
e69176d68d
Update the allocation logic for the virtual mapping of the UEFI runtime services to start from a randomized base address if KASLR is in effect, and if the UEFI firmware exposes an implementation of EFI_RNG_PROTOCOL. This makes it more difficult to predict the location of exploitable data structures in the runtime UEFI firmware, which increases robustness against attacks. Note that these regions are only mapped during the time a runtime service call is in progress, and only on a single CPU at a time, bit given the lack of a downside, let's enable it nonetheless. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Borislav Petkov <bp@alien8.de> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Matt Fleming <matt@codeblueprint.co.uk> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: bhe@redhat.com Cc: bhsharma@redhat.com Cc: eugene@hp.com Cc: evgeny.kalugin@intel.com Cc: jhugo@codeaurora.org Cc: leif.lindholm@linaro.org Cc: linux-efi@vger.kernel.org Cc: mark.rutland@arm.com Cc: roy.franz@cavium.com Cc: rruigrok@codeaurora.org Link: http://lkml.kernel.org/r/20170404160910.28115-3-ard.biesheuvel@linaro.org Signed-off-by: Ingo Molnar <mingo@kernel.org> |
||
|---|---|---|
| .. | ||
| broadcom | ||
| efi | ||
| meson | ||
| tegra | ||
| arm_scpi.c | ||
| dcdbas.c | ||
| dcdbas.h | ||
| dell_rbu.c | ||
| dmi_scan.c | ||
| dmi-id.c | ||
| dmi-sysfs.c | ||
| edd.c | ||
| iscsi_ibft_find.c | ||
| iscsi_ibft.c | ||
| Kconfig | ||
| Makefile | ||
| memmap.c | ||
| pcdp.c | ||
| pcdp.h | ||
| psci_checker.c | ||
| psci.c | ||
| qcom_scm-32.c | ||
| qcom_scm-64.c | ||
| qcom_scm.c | ||
| qcom_scm.h | ||
| qemu_fw_cfg.c | ||
| raspberrypi.c | ||
| scpi_pm_domain.c | ||
| ti_sci.c | ||
| ti_sci.h | ||