Merge tag 'efi-urgent' into x86/efi

 * Enforce CONFIG_RELOCATABLE for the x86 EFI boot stub, otherwise
   it's possible to overwrite random pieces of unallocated memory during
   kernel decompression, leading to machine resets.

Resolved Conflicts:
	arch/x86/Kconfig

Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>

6 files changed, 73 insertions, 24 deletions

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 7ea8aaaab7fc..842a5abf3aed 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1537,6 +1537,7 @@ config EFI
 config EFI_STUB
        bool "EFI stub support"
        depends on EFI && !X86_USE_3DNOW
+       select RELOCATABLE
        ---help---
           This kernel feature allows a bzImage to be loaded directly
           by EFI firmware without the use of a bootloader.
diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
index 1fdb350c4a58..16ef02596db2 100644
--- a/arch/x86/boot/header.S
+++ b/arch/x86/boot/header.S
@@ -91,10 +91,9 @@ bs_die:
 
         .section ".bsdata", "a"
 bugger_off_msg:
-        .ascii  "Direct floppy boot is not supported. "
-        .ascii  "Use a boot loader program instead.\r\n"
+        .ascii  "Use a boot loader.\r\n"
         .ascii  "\n"
-        .ascii  "Remove disk and press any key to reboot ...\r\n"
+        .ascii  "Remove disk and press any key to reboot...\r\n"
         .byte   0
 
 #ifdef CONFIG_EFI_STUB
@@ -108,7 +107,7 @@ coff_header:
 #else
         .word   0x8664                          # x86-64
 #endif
-        .word   3                               # nr_sections
+        .word   4                               # nr_sections
         .long   0                               # TimeDateStamp
         .long   0                               # PointerToSymbolTable
         .long   1                               # NumberOfSymbols
@@ -250,6 +249,25 @@ section_table:
         .word   0                               # NumberOfLineNumbers
         .long   0x60500020                      # Characteristics (section flags)
 
+        #
+        # The offset & size fields are filled in by build.c.
+        #
+        .ascii  ".bss"
+        .byte   0
+        .byte   0
+        .byte   0
+        .byte   0
+        .long   0
+        .long   0x0
+        .long   0                               # Size of initialized data
+                                                # on disk
+        .long   0x0
+        .long   0                               # PointerToRelocations
+        .long   0                               # PointerToLineNumbers
+        .word   0                               # NumberOfRelocations
+        .word   0                               # NumberOfLineNumbers
+        .long   0xc8000080                      # Characteristics (section flags)
+
 #endif /* CONFIG_EFI_STUB */
 
         # Kernel attributes; used by setup.  This is part 1 of the
diff --git a/arch/x86/boot/tools/build.c b/arch/x86/boot/tools/build.c
index 1a2f2121cada..a7661c430cd9 100644
--- a/arch/x86/boot/tools/build.c
+++ b/arch/x86/boot/tools/build.c
@@ -143,7 +143,7 @@ static void usage(void)
 
 #ifdef CONFIG_EFI_STUB
 
-static void update_pecoff_section_header(char *section_name, u32 offset, u32 size)
+static void update_pecoff_section_header_fields(char *section_name, u32 vma, u32 size, u32 datasz, u32 offset)
 {
         unsigned int pe_header;
         unsigned short num_sections;
@@ -164,10 +164,10 @@ static void update_pecoff_section_header(char *section_name, u32 offset, u32 siz
                         put_unaligned_le32(size, section + 0x8);
 
                         /* section header vma field */
-                        put_unaligned_le32(offset, section + 0xc);
+                        put_unaligned_le32(vma, section + 0xc);
 
                         /* section header 'size of initialised data' field */
-                        put_unaligned_le32(size, section + 0x10);
+                        put_unaligned_le32(datasz, section + 0x10);
 
                         /* section header 'file offset' field */
                         put_unaligned_le32(offset, section + 0x14);
@@ -179,6 +179,11 @@ static void update_pecoff_section_header(char *section_name, u32 offset, u32 siz
         }
 }
 
+static void update_pecoff_section_header(char *section_name, u32 offset, u32 size)
+{
+        update_pecoff_section_header_fields(section_name, offset, size, size, offset);
+}
+
 static void update_pecoff_setup_and_reloc(unsigned int size)
 {
         u32 setup_offset = 0x200;
@@ -203,9 +208,6 @@ static void update_pecoff_text(unsigned int text_start, unsigned int file_sz)
 
         pe_header = get_unaligned_le32(&buf[0x3c]);
 
-        /* Size of image */
-        put_unaligned_le32(file_sz, &buf[pe_header + 0x50]);
-
         /*
          * Size of code: Subtract the size of the first sector (512 bytes)
          * which includes the header.
@@ -220,6 +222,22 @@ static void update_pecoff_text(unsigned int text_start, unsigned int file_sz)
         update_pecoff_section_header(".text", text_start, text_sz);
 }
 
+static void update_pecoff_bss(unsigned int file_sz, unsigned int init_sz)
+{
+        unsigned int pe_header;
+        unsigned int bss_sz = init_sz - file_sz;
+
+        pe_header = get_unaligned_le32(&buf[0x3c]);
+
+        /* Size of uninitialized data */
+        put_unaligned_le32(bss_sz, &buf[pe_header + 0x24]);
+
+        /* Size of image */
+        put_unaligned_le32(init_sz, &buf[pe_header + 0x50]);
+
+        update_pecoff_section_header_fields(".bss", file_sz, bss_sz, 0, 0);
+}
+
 static int reserve_pecoff_reloc_section(int c)
 {
         /* Reserve 0x20 bytes for .reloc section */
@@ -259,6 +277,8 @@ static void efi_stub_entry_update(void)
 static inline void update_pecoff_setup_and_reloc(unsigned int size) {}
 static inline void update_pecoff_text(unsigned int text_start,
                                       unsigned int file_sz) {}
+static inline void update_pecoff_bss(unsigned int file_sz,
+                                     unsigned int init_sz) {}
 static inline void efi_stub_defaults(void) {}
 static inline void efi_stub_entry_update(void) {}
 
@@ -310,7 +330,7 @@ static void parse_zoffset(char *fname)
 
 int main(int argc, char ** argv)
 {
-        unsigned int i, sz, setup_sectors;
+        unsigned int i, sz, setup_sectors, init_sz;
         int c;
         u32 sys_size;
         struct stat sb;
@@ -376,7 +396,9 @@ int main(int argc, char ** argv)
         buf[0x1f1] = setup_sectors-1;
         put_unaligned_le32(sys_size, &buf[0x1f4]);
 
-        update_pecoff_text(setup_sectors * 512, sz + i + ((sys_size * 16) - sz));
+        update_pecoff_text(setup_sectors * 512, i + (sys_size * 16));
+        init_sz = get_unaligned_le32(&buf[0x260]);
+        update_pecoff_bss(i + (sys_size * 16), init_sz);
 
         efi_stub_entry_update();
 
diff --git a/drivers/firmware/efi/efi-pstore.c b/drivers/firmware/efi/efi-pstore.c
index 4b9dc836dcf9..e992abc5ef26 100644
--- a/drivers/firmware/efi/efi-pstore.c
+++ b/drivers/firmware/efi/efi-pstore.c
@@ -40,7 +40,7 @@ struct pstore_read_data {
 static inline u64 generic_id(unsigned long timestamp,
                              unsigned int part, int count)
 {
-        return (timestamp * 100 + part) * 1000 + count;
+        return ((u64) timestamp * 100 + part) * 1000 + count;
 }
 
 static int efi_pstore_read_func(struct efivar_entry *entry, void *data)
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
index 36ffa1747e84..64ecbb501c50 100644
--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
@@ -364,6 +364,7 @@ static __initdata struct {
 
 struct param_info {
         int verbose;
+        int found;
         void *params;
 };
 
@@ -371,25 +372,21 @@ static int __init fdt_find_uefi_params(unsigned long node, const char *uname,
                                        int depth, void *data)
 {
         struct param_info *info = data;
-        void *prop, *dest;
-        unsigned long len;
+        const void *prop;
+        void *dest;
         u64 val;
-        int i;
+        int i, len;
 
         if (depth != 1 ||
             (strcmp(uname, "chosen") != 0 && strcmp(uname, "chosen@0") != 0))
                 return 0;
 
-        pr_info("Getting parameters from FDT:\n");
-
         for (i = 0; i < ARRAY_SIZE(dt_params); i++) {
                 prop = of_get_flat_dt_prop(node, dt_params[i].propname, &len);
-                if (!prop) {
-                        pr_err("Can't find %s in device tree!\n",
-                               dt_params[i].name);
+                if (!prop)
                         return 0;
-                }
                 dest = info->params + dt_params[i].offset;
+                info->found++;
 
                 val = of_read_number(prop, len / sizeof(u32));
 
@@ -408,10 +405,21 @@ static int __init fdt_find_uefi_params(unsigned long node, const char *uname,
 int __init efi_get_fdt_params(struct efi_fdt_params *params, int verbose)
 {
         struct param_info info;
+        int ret;
+
+        pr_info("Getting EFI parameters from FDT:\n");
 
         info.verbose = verbose;
+        info.found = 0;
         info.params = params;
 
-        return of_scan_flat_dt(fdt_find_uefi_params, &info);
+        ret = of_scan_flat_dt(fdt_find_uefi_params, &info);
+        if (!info.found)
+                pr_info("UEFI not found.\n");
+        else if (!ret)
+                pr_err("Can't find '%s' in device tree!\n",
+                       dt_params[info.found].name);
+
+        return ret;
 }
 #endif /* CONFIG_EFI_PARAMS_FROM_FDT */
diff --git a/drivers/firmware/efi/libstub/fdt.c b/drivers/firmware/efi/libstub/fdt.c
index 86d2934840e2..a56bb3528755 100644
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c
@@ -57,7 +57,7 @@ efi_status_t update_fdt(efi_system_table_t *sys_table, void *orig_fdt,
          */
         prev = 0;
         for (;;) {
-                const char *type, *name;
+                const char *type;
                 int len;
 
                 node = fdt_next_node(fdt, prev, NULL);