arm64: efi: Fix KASAN false positive for EFI runtime stack

KASAN reports invalid accesses during arch_stack_walk() for EFI runtime
services due to vmalloc tagging[1]. The EFI runtime stack must be allocated
with KASAN tags reset to avoid false positives.

This patch uses arch_alloc_vmap_stack() instead of __vmalloc_node() for
EFI stack allocation, which internally calls kasan_reset_tag()

The changes ensure EFI runtime stacks are properly sanitized for KASAN
while maintaining functional consistency.

Link: https://lore.kernel.org/all/aFVVEgD0236LdrL6@gmail.com/
Suggested-by: Andrey Konovalov <andreyknvl@gmail.com>
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Reviewed-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Breno Leitao <leitao@debian.org>
Link: https://lore.kernel.org/r/20250704-arm_kasan-v2-1-32ebb4fd7607@debian.org
Signed-off-by: Will Deacon <will@kernel.org>

diff --git a/arch/arm64/kernel/efi.c b/arch/arm64/kernel/efi.c
index 3857fd7ee8d4660c257d2817dc52d1572eaf2eec..62230d6dd919ce243e96a3a1ca39a51b7f83163d 100644 (file)
--- a/arch/arm64/kernel/efi.c
+++ b/arch/arm64/kernel/efi.c
@@ -15,6 +15,7 @@
 
 #include <asm/efi.h>
 #include <asm/stacktrace.h>
+#include <asm/vmap_stack.h>
 
 static bool region_is_misaligned(const efi_memory_desc_t *md)
 {
@@ -214,9 +215,13 @@ static int __init arm64_efi_rt_init(void)
        if (!efi_enabled(EFI_RUNTIME_SERVICES))
                return 0;
 
-       p = __vmalloc_node(THREAD_SIZE, THREAD_ALIGN, GFP_KERNEL,
-                          NUMA_NO_NODE, &&l);
-l:     if (!p) {
+       if (!IS_ENABLED(CONFIG_VMAP_STACK)) {
+               clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
+               return -ENOMEM;
+       }
+
+       p = arch_alloc_vmap_stack(THREAD_SIZE, NUMA_NO_NODE);
+       if (!p) {
                pr_warn("Failed to allocate EFI runtime stack\n");
                clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
                return -ENOMEM;