From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Borislav Petkov <bp-Gina5bIWoIWzQB+pC5nmwQ@public.gmane.org>
Cc: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
"H . Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
Toshi Kani <toshi.kani-VXdhtT5mjnY@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Sai Praneeth Prakhya
<sai.praneeth.prakhya-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
Linus Torvalds
<torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Dave Jones
<davej-rdkfGonbjUTCLXcRTR1eJlpr/1R2p/CL@public.gmane.org>,
Andrew Morton
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
Andy Lutomirski <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Denys Vlasenko <dvlasenk-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Stephen Smalley <sds-+05T5uksL2qpZYMLLGbcSA@public.gmane.org>
Subject: Re: [PATCH 4/6] x86/efi: Hoist page table switching code into efi_call_virt()
Date: Fri, 13 Nov 2015 16:19:13 +0000
Message-ID: <20151113161913.GF2716@codeblueprint.co.uk>
In-Reply-To: <20151113075943.GB23605-fF5Pk5pvG8Y@public.gmane.org>

On Fri, 13 Nov, at 08:59:43AM, Borislav Petkov wrote:
> On Thu, Nov 12, 2015 at 08:01:08PM +0000, Matt Fleming wrote:
> > > That PUSHF implicitly pushes on the stack pointed by %rsp. But(!) we
> > > have switched the pagetable (i.e., %cr3 has efi_scratch.efi_pgt) and
> > > we're pushing to the VA where the stack *was* but is not anymore.
> >
> > All the kernel mappings will still exist in the page table we switch
> > to, so pushing to the stack should be fine.
> >
> > The mappings have to exist so that the firmware can dereference
> > pointer arguments, e.g. when writing variable data to a kernel buffer.
> >
> > Or have I misunderstood your point?
> >
> > > Or maybe it is because you're copying all the PUDs. It is still not 100%
> > > clean, IMHO.
> ^^^^^^^^^^^^^^^^^
>
> I think we're on the same page - you're copying the PUDs in
> efi_sync_low_kernel_mappings() so the stack should be there.

Correct.

> > > Can you do the prolog/epilog calls inside the IRQs-off section?
> >
> > Not really because in the efi_enabled(EFI_OLD_MEMMAP) case we perform
> > kmalloc(), see commit 23a0d4e8fa6d ("efi: Disable interrupts around
> > EFI calls, not in the epilog/prolog calls").
>
> n_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT), PGDIR_SIZE);
> save_pgd = kmalloc(n_pgds * sizeof(pgd_t), GFP_KERNEL);
>
> This?
>
> That n_pgds thing is of static size so you can pre-alloc it maybe even
> once during boot and reuse it all the time when EFI_OLD_MEMMAP is
> enabled.

Well, this code is only executed once during boot anyway, for
phys_efi_set_virtual_address_map().

FYI, I'm still planning on ripping out all the EFI_OLD_MEMMAP code, as
it's getting particularly crufty.
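
Added example, not part of the thread or of the kernel source: a user-space toy model of the point settled above, that a stack VA stays valid across the %cr3 switch only because the kernel-half top-level entries were copied into the EFI page table first. The toy_* names, the two-level layout and the sample address are assumptions made for illustration; the real efi_sync_low_kernel_mappings() works on the kernel's own page table types.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define NOT_MAPPED UINT64_MAX
#define PRESENT    1ULL
#define GB_MASK    ((1ULL << 30) - 1)

/* Toy model, not the kernel's types: a 512-entry top level (the PGD) whose
 * slots point at 512-entry PUD pages, each PUD entry mapping 1 GiB. */
typedef struct { uint64_t entry[512]; } toy_pud;
typedef struct { toy_pud *pud[512]; } toy_pgd;

static unsigned top_index(uint64_t va) { return (va >> 39) & 0x1ff; }
static unsigned pud_index(uint64_t va) { return (va >> 30) & 0x1ff; }

/* Walk the tables as the MMU would with this root loaded in %cr3. */
static uint64_t toy_translate(const toy_pgd *root, uint64_t va)
{
    const toy_pud *pud = root->pud[top_index(va)];
    uint64_t e = pud ? pud->entry[pud_index(va)] : 0;
    return (e & PRESENT) ? ((e & ~GB_MASK) | (va & GB_MASK)) : NOT_MAPPED;
}

/* Stand-in for the sync step: copy the kernel-half top-level slots so both
 * roots reference the same lower-level tables. */
static void toy_sync_kernel_half(toy_pgd *efi, const toy_pgd *kernel)
{
    memcpy(&efi->pud[256], &kernel->pud[256], 256 * sizeof(efi->pud[0]));
}

/* PA the stack VA resolves to once the EFI root is the active one. */
static uint64_t stack_pa_under_efi_root(int do_sync)
{
    const uint64_t stack_va = 0xffff880012345678ULL; /* constructed VA */
    toy_pgd kernel_root = {0}, efi_root = {0};
    toy_pud pud = {0};
    pud.entry[pud_index(stack_va)] = (0x12ULL << 30) | PRESENT;
    kernel_root.pud[top_index(stack_va)] = &pud;
    if (do_sync)
        toy_sync_kernel_half(&efi_root, &kernel_root);
    return toy_translate(&efi_root, stack_va);
}

int main(void)
{
    printf("synced:   %#llx\n", (unsigned long long)stack_pa_under_efi_root(1));
    printf("unsynced: %#llx\n", (unsigned long long)stack_pa_under_efi_root(0));
    return 0;
}
```

In the unsynced case the walk misses at the top level, which in this model corresponds to the PUSHF faulting because the stack is not mapped under the new root.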