x86/efi: Re-disable interrupts after calling firmware services

Some firmware appears to enable interrupts during boot service calls,
even if we've explicitly disabled them prior to the call. This is
actually allowed per the UEFI spec because boottime services expect to
be called with interrupts enabled.

So that's fine, we just need to ensure that we disable them again in
efi_enter32() before switching to a 64-bit GDT, otherwise an interrupt
may fire causing a 32-bit IRQ handler to run after we've left
compatibility mode.

Despite efi_enter32() being called both for boottime and runtime
services, this really only affects boottime because the runtime services
callchain is executed with interrupts disabled. See efi_thunk().
Signed-off-by: NMatt Fleming <matt.fleming@intel.com>

arch/x86/platform/efi/efi_stub_64.S

@@ -261,6 +261,12 @@ ENTRY(efi_enter32)
 	/* We must preserve return value */
 	movl	%eax, %edi
 
+	/*
+	 * Some firmware will return with interrupts enabled. Be sure to
+	 * disable them before we switch GDTs.
+	 */
+	cli
+
 	movl	44(%esp), %eax
 	movl	%eax, 2(%eax)
 	lgdtl	(%eax)