Re: [Qemu-devel] [edk2] SetVirtualAddressMap and NX bit

[Borislav Petkov <bp@alien8.de>]

+ Matt.

On Wed, Jul 31, 2013 at 02:10:04PM +0200, Laszlo Ersek wrote:
> Just random ideas...

First of all, thanks for looking. You made me look too and find the fun
:-)

The fact that you guys didn't say "Oh yeah, we do this because... " but
simply shruggingly suggested ideas should've been enough to give me the
hint to look in our own backyard and maybe to permit the possibility of
the kernel doing something funny. And it does, indeed!

And for that you need to look at SetVirtualAddressMap() itself or
rather, how we call it:

phys_efi_set_virtual_address_map
|-> efi_call_phys_prelog
|-> efi_call_phys4(efi_phys.set_virtual_address_map
|-> efi_call_phys_epilog

Now guess what those pre- and epi- things do. Right:

efi_call_phys_prelog does early_code_mapping_set_exec(1) and
efi_call_phys_epilog does early_code_mapping_set_exec(0) and we end up
with that PTE's NX bit set:

before:
> [   47.379000] __lookup_address_in_pgd:         pte: 0x7fb12063 (0xffff88007c823b68)

after:
> [   47.393000] __lookup_address_in_pgd:         pte: 0x800000007fb12163 (0xffff88007c823b68)

What is still missing from the big picture is why the PTE in my
pagetable (not the kernel's pagetable) gets that bit set??

I mean, the EFI code is using pgd_offset_k() which looks at init_mm and
my PGD is a different one. And I guess the explanation for that would
also clarify why this doesn't happen on baremetal so probably it has
something to do with the nested page table thingy.

Oh well...

-- 
Regards/Gruss,
    Boris.

Sent from a fat crate under my desk. Formatting is fine.
--