rpms/ipxe
5
0
Fork 0
Code Issues Pull Requests Releases Activity
60ee4da580
ipxe/0003-efi-Raise-TPL-during-driver-entry-point.patch
Cole Robinson 60ee4da580 Re-enable HTTPS support, with edk2 fix included (bz 1820836) 
Signed-off-by: Cole Robinson <crobinso@redhat.com>
2020-09-15 19:28:56 -04:00

64 lines
2.2 KiB
Diff
Raw Blame History

From 82a962066fb5a41b6dc50476f8676b559ac1edcc Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@ipxe.org>
Date: Tue, 30 Jun 2020 16:32:59 +0100
Subject: [PATCH] [efi] Raise TPL during driver entry point
As per commit c89a446 ("[efi] Run at TPL_CALLBACK to protect against
UEFI timers") we expect to run at TPL_CALLBACK almost all of the time.
Various code paths rely on this assumption. Code paths that need to
temporarily lower the TPL (e.g. for entropy gathering) will restore it
to TPL_CALLBACK.
The entropy gathering code will be run during DRBG initialisation,
which happens during the call to startup(). In the case of iPXE
compiled as an EFI application this code will run within the scope of
efi_snp_claim() and so will execute at TPL_CALLBACK as expected.
In the case of iPXE compiled as an EFI driver the code will
incorrectly run at TPL_APPLICATION since there is nothing within the
EFI driver entry point that raises (and restores) the TPL. The net
effect is that a build that includes the entropy-gathering code
(e.g. a build with HTTPS enabled) will return from the driver entry
point at TPL_CALLBACK, which causes a system lockup.
Fix by raising and restoring the TPL within the EFI driver entry
point.
Debugged-by: Ignat Korchagin <ignat@cloudflare.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
(cherry picked from commit 2ae5d4338661b65c63eb5cb1a96e5b803fe7d620)
---
src/interface/efi/efidrvprefix.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/src/interface/efi/efidrvprefix.c b/src/interface/efi/efidrvprefix.c
index 4fbb19ff..a8ef6673 100644
--- a/src/interface/efi/efidrvprefix.c
+++ b/src/interface/efi/efidrvprefix.c
@@ -34,16 +34,25 @@ FILE_LICENCE ( GPL2_OR_LATER );
*/
EFI_STATUS EFIAPI _efidrv_start ( EFI_HANDLE image_handle,
EFI_SYSTEM_TABLE *systab ) {
+ EFI_BOOT_SERVICES *bs;
+ EFI_TPL saved_tpl;
EFI_STATUS efirc;
/* Initialise EFI environment */
if ( ( efirc = efi_init ( image_handle, systab ) ) != 0 )
return efirc;
+ /* Raise TPL */
+ bs = efi_systab->BootServices;
+ saved_tpl = bs->RaiseTPL ( TPL_CALLBACK );
+
/* Initialise iPXE environment */
initialise();
startup();
+ /* Restore TPL */
+ bs->RestoreTPL ( saved_tpl );
+
return 0;
}
Reference in New Issue View Git Blame Copy Permalink