[PATCH v2 3/4] efi_loader: Move device-removal later in exit-boot-services

Simon Glass sjg at chromium.org
Mon Apr 7 03:35:09 CEST 2025 

This removal should be the last thing done, so that U-Boot does no more
memory allocations afterwards, thus avoiding potentially allocating
memory which has been freed by a device that fails to de-activate its
DMA.

Of course, devices should be marked with DM_FLAG_ACTIVE_DMA or
DM_FLAG_OS_PREPARE but this change is good practice, in any case.

It also matches the code in announce_and_cleanup(), which we should at
some point unify with EFI_LOADER

So move the code and add a comment.

Note that the TCG2 log is updated after this call, but I cannot see any
allocations there.

Reported-by: Christian Kohlschütter <christian at kohlschutter.com>
Link: https://lore.kernel.org/u-boot/C101B675-EEE6-44CB-8A44-83F72182FBD6@kohlschutter.com/

Signed-off-by: Simon Glass <sjg at chromium.org>
---

(no changes since v1)

 lib/efi_loader/efi_boottime.c | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/lib/efi_loader/efi_boottime.c b/lib/efi_loader/efi_boottime.c
index ffe43accd1e..e525662f82f 100644
--- a/lib/efi_loader/efi_boottime.c
+++ b/lib/efi_loader/efi_boottime.c
@@ -2250,14 +2250,6 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
 			list_del(&evt->link);
 	}
 
-	if (!efi_st_keep_devices) {
-		bootm_disable_interrupts();
-		if (IS_ENABLED(CONFIG_USB_DEVICE))
-			udc_disconnect();
-		board_quiesce_devices();
-		dm_remove_devices_active();
-	}
-
 	/* Patch out unsupported runtime function */
 	efi_runtime_detach();
 
@@ -2279,6 +2271,19 @@ static efi_status_t EFIAPI efi_exit_boot_services(efi_handle_t image_handle,
 	/* Give the payload some time to boot */
 	efi_set_watchdog(0);
 	schedule();
+
+	/*
+	 * this should be the last thing done, to avoid memory allocations
+	 * between removing devices and the OS taking over
+	 */
+	if (!efi_st_keep_devices) {
+		bootm_disable_interrupts();
+		if (IS_ENABLED(CONFIG_USB_DEVICE))
+			udc_disconnect();
+		board_quiesce_devices();
+		dm_remove_devices_active();
+	}
+
 out:
 	if (IS_ENABLED(CONFIG_EFI_TCG2_PROTOCOL)) {
 		if (ret != EFI_SUCCESS)
-- 
2.43.0

More information about the U-Boot mailing list