efi/libstub: arm64: Warn when efi_random_alloc() fails

ardbiesheuvel · ardbiesheuvel · commit ff80ef5bf5bd · 2021-08-03T07:43:07.000+02:00
Randomization of the physical load address of the kernel image relies on
efi_random_alloc() returning successfully, and currently, we ignore any
failures and just carry on, using the ordinary, non-randomized page
allocator routine. This means we never find out if a failure occurs,
which could harm security, so let's at least warn about this condition.

Signed-off-by: Ard Biesheuvel &lt;ardb@kernel.org&gt;
Tested-by: Benjamin Herrenschmidt &lt;benh@kernel.crashing.org&gt;
diff --git a/drivers/firmware/efi/libstub/arm64-stub.c b/drivers/firmware/efi/libstub/arm64-stub.c
@@ -130,6 +130,8 @@ efi_status_t handle_kernel_image(unsigned long *image_addr,
 		 */
 		status = efi_random_alloc(*reserve_size, min_kimg_align,
 					  reserve_addr, phys_seed);
+		if (status != EFI_SUCCESS)
+			efi_warn("efi_random_alloc() failed: 0x%lx\n", status);
 	} else {
 		status = EFI_OUT_OF_RESOURCES;
 	}

Original file line number	Diff line number	Diff line change
`@@ -130,6 +130,8 @@ efi_status_t handle_kernel_image(unsigned long *image_addr,`
`130`	`130`	`*/`
`131`	`131`	`status = efi_random_alloc(*reserve_size, min_kimg_align,`
`132`	`132`	`reserve_addr, phys_seed);`
	`133`	`+ if (status != EFI_SUCCESS)`
	`134`	`+ efi_warn("efi_random_alloc() failed: 0x%lx\n", status);`
`133`	`135`	`} else {`
`134`	`136`	`status = EFI_OUT_OF_RESOURCES;`
`135`	`137`	`}`