[PATCH] efi_loader: remove comparisons to string literals from runtime

Heinrich Schuchardt heinrich.schuchardt at canonical.com
Tue Feb 11 11:16:39 CET 2025 

On 11.02.25 10:49, Ilias Apalodimas wrote:
> On EFI runtime services, we manage to preserve string literals
> by placing the .efi_runtime section just before .data and preserving
> it when fixing up the runtime memory by marking surrounding boottime
> code as runtime. This is ok for now but will break if we update any
> linker scripts and decouple .text and .runtime sections.
> 
> So let's define the strings we used to compare in the stack for
> runtime services
> 
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
>   lib/efi_loader/efi_var_mem.c      | 3 ++-
>   lib/efi_loader/efi_variable_tee.c | 3 ++-
>   2 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/efi_loader/efi_var_mem.c b/lib/efi_loader/efi_var_mem.c
> index b265d95dd6ba..985e0baa128d 100644
> --- a/lib/efi_loader/efi_var_mem.c
> +++ b/lib/efi_loader/efi_var_mem.c
> @@ -310,6 +310,7 @@ efi_get_variable_mem(const u16 *variable_name, const efi_guid_t *vendor,
>   {
>   	efi_uintn_t old_size;
>   	struct efi_var_entry *var;
> +	u16 vtf[] = u"VarToFile";

I cannot see why this change would influence the section where the 
string is placed.

Adding a static variable marked as __efi_runtime_data should do the job.

static __efi_runtime_data const u16 vtf[] = u"VarToFile";

Best regards

Heinrich

>   	u16 *pdata;
>   
>   	if (!variable_name || !vendor || !data_size)
> @@ -331,7 +332,7 @@ efi_get_variable_mem(const u16 *variable_name, const efi_guid_t *vendor,
>   	if (timep)
>   		*timep = var->time;
>   
> -	if (!u16_strcmp(variable_name, u"VarToFile"))
> +	if (!u16_strcmp(variable_name, vtf))
>   		return efi_var_collect_mem(data, data_size, EFI_VARIABLE_NON_VOLATILE);
>   
>   	old_size = *data_size;
> diff --git a/lib/efi_loader/efi_variable_tee.c b/lib/efi_loader/efi_variable_tee.c
> index 0d090d051dd4..8d173e58d2f7 100644
> --- a/lib/efi_loader/efi_variable_tee.c
> +++ b/lib/efi_loader/efi_variable_tee.c
> @@ -780,6 +780,7 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
>   	efi_uintn_t payload_size;
>   	efi_uintn_t name_size;
>   	u8 *comm_buf = NULL;
> +	u16 pk[] = u"PK";
>   	bool ro;
>   
>   	if (!variable_name || variable_name[0] == 0 || !vendor) {
> @@ -858,7 +859,7 @@ efi_status_t efi_set_variable_int(const u16 *variable_name,
>   	if (alt_ret != EFI_SUCCESS)
>   		goto out;
>   
> -	if (!u16_strcmp(variable_name, u"PK"))
> +	if (!u16_strcmp(variable_name, pk))
>   		alt_ret = efi_init_secure_state();
>   out:
>   	free(comm_buf);

More information about the U-Boot mailing list