From: Matt Fleming <matt@codeblueprint.co.uk>
To: Ingo Molnar <mingo@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
"H . Peter Anvin" <hpa@zytor.com>
Cc: Toshi Kani <toshi.kani@hp.com>,
Matt Fleming <matt@codeblueprint.co.uk>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@intel.com>,
Dave Jones <davej@codemonkey.org.uk>,
Denys Vlasenko <dvlasenk@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>,
Stephen Smalley <sds@tycho.nsa.gov>
Subject: [GIT PULL 0/6] EFI page table isolation
Date: Thu, 12 Nov 2015 15:40:17 +0000
Message-ID: <1447342823-3612-1-git-send-email-matt@codeblueprint.co.uk>
Folks,
This patch series is a response to the report that the EFI region
mappings trigger warnings when booting with CONFIG_DEBUG_WX enabled.
They allocate a new page table structure and ensure that all the
mappings we require during EFI runtime calls are only set up there.
It turns out that it still makes sense to share some page table
entries with 'swapper_pg_dir', just not the entries where we need to
allow security-lax permissions. Sharing entries is useful for memory
hotplug, for example.
When writing this series I discovered a number of bugs in the existing
code that only became apparent when we stopped using 'trampoline_pgd'
which already mapped a bunch of things for us. I've put those bug
fixes at the start of the series.
Further testing would be very much appreciated as this is a
notoriously funky area of the EFI code.
The following changes since commit 2c66e24d75d424919c42288b418d2e593fa818b1:
x86/efi: Fix kernel panic when CONFIG_DEBUG_VIRTUAL is enabled (2015-10-25 10:22:25 +0000)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi.git tags/efi-next
for you to fetch changes up to 278a4c3c13f6b24f4e18aeabe4135fff7fc703d2:
Documentation/x86: Update EFI memory region description (2015-11-12 15:03:08 +0000)
----------------------------------------------------------------
* Use completely separate page tables for EFI runtime service calls
so that the security-lax mapping permissions (RWX) do not leak into
the standard kernel page tables and trigger warnings when
CONFIG_DEBUG_WX is enabled.
----------------------------------------------------------------
Matt Fleming (6):
x86/mm/pageattr: Ensure cpa->pfn only contains page frame numbers
x86/mm/pageattr: Do not strip pte flags from cpa->pfn
x86/efi: Map RAM into the identity page table for mixed mode
x86/efi: Hoist page table switching code into efi_call_virt()
x86/efi: Build our own page table structures
Documentation/x86: Update EFI memory region description
Documentation/x86/x86_64/mm.txt | 12 +--
arch/x86/include/asm/efi.h | 26 ++++++
arch/x86/mm/pageattr.c | 17 ++--
arch/x86/platform/efi/efi.c | 41 ++++-----
arch/x86/platform/efi/efi_32.c | 5 ++
arch/x86/platform/efi/efi_64.c | 174 ++++++++++++++++++++++++++++--------
arch/x86/platform/efi/efi_stub_64.S | 43 ---------
7 files changed, 193 insertions(+), 125 deletions(-)
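An added example (not part of this email or of the kernel tree) of what the CONFIG_DEBUG_WX check amounts to: scanning page-table dump lines for ranges that are both writable (RW) and executable (no NX). It assumes the line layout of the x86 ptdump output (the debugfs kernel_page_tables file), and the dump it scans is constructed here; the EFI range in it is the kind of mapping that triggered the warnings this series addresses.

```python
import re

# Assumed layout of one x86 ptdump line:
# "<start>-<end>  <size>  [USR] RW|ro [PWT] [PCD] [PSE] [GLB] NX|x  <level>"
# Unmapped ranges carry no flag tokens at all.
_LINE = re.compile(
    r"^(0x[0-9a-f]+)-(0x[0-9a-f]+)\s+(\S+)\s*(.*?)\s*(pgd|p4d|pud|pmd|pte)\s*$"
)
PAGE_SIZE = 4096

# Constructed sample: direct map and kernel data are NX, kernel text is ro+x,
# and one EFI runtime region is mapped RW without NX (W+X).
SAMPLE_DUMP = """\
---[ Kernel Mapping ]---
0xffff880000000000-0xffff880040000000           1G     RW         PSE     GLB NX pmd
---[ High Kernel Mapping ]---
0xffffffff81000000-0xffffffff81a00000          10M     ro         PSE     GLB x  pmd
0xffffffff81a00000-0xffffffff81c00000           2M     RW         PSE     GLB NX pmd
---[ EFI Runtime Services ]---
0xffffffef00000000-0xffffffef00200000           2M     RW         PSE     GLB x  pmd
"""

def parse_line(line):
    """Return (start, end, flags, level) for a mapping line, None for anything else."""
    m = _LINE.match(line.strip())
    if not m:
        return None
    start, end, _size, flags, level = m.groups()
    return int(start, 16), int(end, 16), flags.split(), level

def is_wx(flags):
    """The W+X test: writable (RW present) and not no-execute (NX absent)."""
    return "RW" in flags and "NX" not in flags

def find_wx(dump):
    """Every W+X range in a dump, as (start, end, level) tuples."""
    hits = []
    for line in dump.splitlines():
        parsed = parse_line(line)
        if parsed and is_wx(parsed[2]):
            hits.append((parsed[0], parsed[1], parsed[3]))
    return hits

def count_wx_pages(dump):
    """Number of 4K pages covered by W+X ranges, like the boot-time summary count."""
    return sum((end - start) // PAGE_SIZE for start, end, _level in find_wx(dump))

if __name__ == "__main__":
    for start, end, level in find_wx(SAMPLE_DUMP):
        print(f"W+X mapping at {start:#x}-{end:#x} ({level})")
    print(f"{count_wx_pages(SAMPLE_DUMP)} W+X pages found")
```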