Merge tag 'efi-fixes-for-v6.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi

torvalds · torvalds · commit b63f4a4e95d6 · 2025-12-26T13:37:11.000-08:00
Pull EFI fixes from Ard Biesheuvel:
 "A couple of fixes for EFI regressions introduced this cycle:

   - Make EDID handling in the EFI stub mixed mode safe

   - Ensure that efi_mm.user_ns has a sane value - this is needed now
     that EFI runtime calls are preemptible on arm64"

* tag 'efi-fixes-for-v6.19-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi:
  kthread: Warn if mm_struct lacks user_ns in kthread_use_mm()
  arm64: efi: Fix NULL pointer dereference by initializing user_ns
  efi/libstub: gop: Fix EDID support in mixed-mode
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
@@ -73,6 +73,7 @@ struct mm_struct efi_mm = {
 	MMAP_LOCK_INITIALIZER(efi_mm)
 	.page_table_lock	= __SPIN_LOCK_UNLOCKED(efi_mm.page_table_lock),
 	.mmlist			= LIST_HEAD_INIT(efi_mm.mmlist),
+	.user_ns		= &init_user_ns,
 	.cpu_bitmap		= { [BITS_TO_LONGS(NR_CPUS)] = 0},
 #ifdef CONFIG_SCHED_MM_CID
 	.mm_cid.lock		= __RAW_SPIN_LOCK_UNLOCKED(efi_mm.mm_cid.lock),
diff --git a/drivers/firmware/efi/libstub/gop.c b/drivers/firmware/efi/libstub/gop.c
@@ -513,15 +513,15 @@ efi_status_t efi_setup_graphics(struct screen_info *si, struct edid_info *edid)
 		status = efi_bs_call(handle_protocol, handle, &EFI_EDID_ACTIVE_PROTOCOL_GUID,
 				     (void **)&active_edid);
 		if (status == EFI_SUCCESS) {
-			gop_size_of_edid = active_edid->size_of_edid;
-			gop_edid = active_edid->edid;
+			gop_size_of_edid = efi_table_attr(active_edid, size_of_edid);
+			gop_edid = efi_table_attr(active_edid, edid);
 		} else {
 			status = efi_bs_call(handle_protocol, handle,
 					     &EFI_EDID_DISCOVERED_PROTOCOL_GUID,
 					     (void **)&discovered_edid);
 			if (status == EFI_SUCCESS) {
-				gop_size_of_edid = discovered_edid->size_of_edid;
-				gop_edid = discovered_edid->edid;
+				gop_size_of_edid = efi_table_attr(discovered_edid, size_of_edid);
+				gop_edid = efi_table_attr(discovered_edid, edid);
 			}
 		}
 
diff --git a/kernel/kthread.c b/kernel/kthread.c
@@ -1599,6 +1599,7 @@ void kthread_use_mm(struct mm_struct *mm)
 
 	WARN_ON_ONCE(!(tsk->flags & PF_KTHREAD));
 	WARN_ON_ONCE(tsk->mm);
+	WARN_ON_ONCE(!mm->user_ns);
 
 	/*
 	 * It is possible for mm to be the same as tsk->active_mm, but
