[PATCH v4 5/8] efi_loader: set EFI HTTP Boot download buffer as reserved

Fri, 22 Sep 2023 00:13:00 -0700 

The buffer used to download the ISO image file must be
reserved to avoid the unintended access to the image.

For PE-COFF file case, this memory reservation is done
in LoadImage Boot Service.

Signed-off-by: Masahisa Kojima <masahisa.koj...@linaro.org>
---
 include/efi_loader.h          | 2 ++
 lib/efi_loader/efi_bootmgr.c  | 5 +++++
 lib/efi_loader/efi_dt_fixup.c | 2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/include/efi_loader.h b/include/efi_loader.h
index 4a29ddaef4..c4207edc91 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -554,6 +554,8 @@ void efi_runtime_detach(void);
 /* efi_convert_pointer() - convert pointer to virtual address */
 efi_status_t EFIAPI efi_convert_pointer(efi_uintn_t debug_disposition,
                                        void **address);
+/* add reserved memory to memory map */
+void efi_reserve_memory(u64 addr, u64 size, bool nomap);
 /* Carve out DT reserved memory ranges */
 void efi_carve_out_dt_rsv(void *fdt);
 /* Purge unused kaslr-seed */
diff --git a/lib/efi_loader/efi_bootmgr.c b/lib/efi_loader/efi_bootmgr.c
index 605be5041e..4991056946 100644
--- a/lib/efi_loader/efi_bootmgr.c
+++ b/lib/efi_loader/efi_bootmgr.c
@@ -326,6 +326,11 @@ static efi_status_t try_load_from_uri_path(struct 
efi_device_path_uri *uridp,
                        return EFI_INVALID_PARAMETER;
 
                ret = load_default_file_from_blk_dev(blk, handle);
+               if (ret != EFI_SUCCESS)
+                       return ret;
+
+               /* whole ramdisk must be reserved */
+               efi_reserve_memory(image_addr, image_size, true);
        } else if (efi_check_pe((void *)image_addr, image_size, NULL) == 
EFI_SUCCESS) {
                efi_handle_t mem_handle = NULL;
                struct efi_device_path *file_path = NULL;
diff --git a/lib/efi_loader/efi_dt_fixup.c b/lib/efi_loader/efi_dt_fixup.c
index 838023c78f..edc515b9ff 100644
--- a/lib/efi_loader/efi_dt_fixup.c
+++ b/lib/efi_loader/efi_dt_fixup.c
@@ -22,7 +22,7 @@ const efi_guid_t efi_guid_dt_fixup_protocol = 
EFI_DT_FIXUP_PROTOCOL_GUID;
  * @nomap:     indicates that the memory range shall not be accessed by the
  *             UEFI payload
  */
-static void efi_reserve_memory(u64 addr, u64 size, bool nomap)
+void efi_reserve_memory(u64 addr, u64 size, bool nomap)
 {
        int type;
        efi_uintn_t ret;
-- 
2.34.1

Reply via email to