Patch "x86/pti/efi: broken conversion from efi to kernel page table" has been added to the 4.9-stable tree

[<gregkh@linuxfoundation.org>]

This is a note to let you know that I've just added the patch titled

    x86/pti/efi: broken conversion from efi to kernel page table

to the 4.9-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     x86-pti-efi-broken-conversion-from-efi-to-kernel-page-table.patch
and it can be found in the queue-4.9 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>From pasha.tatashin@oracle.com  Sat Jan 13 14:16:28 2018
From: Pavel Tatashin <pasha.tatashin@oracle.com>
Date: Thu, 11 Jan 2018 16:58:20 -0500
Subject: x86/pti/efi: broken conversion from efi to kernel page table
To: steven.sistare@oracle.com, linux-kernel@vger.kernel.org, tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com, x86@kernel.org, gregkh@linuxfoundation.org, jkosina@suse.cz, hughd@google.com, dave.hansen@linux.intel.com, luto@kernel.org, torvalds@linux-foundation.org
Message-ID: <20180111215820.29736-1-pasha.tatashin@oracle.com>

From: Pavel Tatashin <pasha.tatashin@oracle.com>

The page table order must be increased for EFI table in order to avoid a
bug where NMI tries to change the page table to kernel page table, while
efi page table is active.

For more disccussion about this bug, see this thread:
http://lkml.iu.edu/hypermail/linux/kernel/1801.1/00951.html

Signed-off-by: Pavel Tatashin <pasha.tatashin@oracle.com>
Reviewed-by: Steven Sistare <steven.sistare@oracle.com>
Acked-by: Jiri Kosina <jkosina@suse.cz>
---
 arch/x86/include/asm/pgalloc.h |   11 +++++++++++
 arch/x86/platform/efi/efi_64.c |    2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

--- a/arch/x86/include/asm/pgalloc.h
+++ b/arch/x86/include/asm/pgalloc.h
@@ -27,6 +27,17 @@ static inline void paravirt_release_pud(
  */
 extern gfp_t __userpte_alloc_gfp;
 
+#ifdef CONFIG_PAGE_TABLE_ISOLATION
+/*
+ * Instead of one PGD, we acquire two PGDs.  Being order-1, it is
+ * both 8k in size and 8k-aligned.  That lets us just flip bit 12
+ * in a pointer to swap between the two 4k halves.
+ */
+#define PGD_ALLOCATION_ORDER 1
+#else
+#define PGD_ALLOCATION_ORDER 0
+#endif
+
 /*
  * Allocate and free page tables.
  */
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -142,7 +142,7 @@ int __init efi_alloc_page_tables(void)
 		return 0;
 
 	gfp_mask = GFP_KERNEL | __GFP_NOTRACK | __GFP_ZERO;
-	efi_pgd = (pgd_t *)__get_free_page(gfp_mask);
+	efi_pgd = (pgd_t *)__get_free_pages(gfp_mask, PGD_ALLOCATION_ORDER);
 	if (!efi_pgd)
 		return -ENOMEM;
 


Patches currently in stable-queue which might be from pasha.tatashin@oracle.com are

queue-4.9/x86-pti-efi-broken-conversion-from-efi-to-kernel-page-table.patch