Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp649154imd;
        Fri, 26 Oct 2018 14:41:36 -0700 (PDT)
X-Google-Smtp-Source: AJdET5fJ5UnEL+MU0nkyuJVz2Gel9gXDpNH2sPuEgwPhj9qka/QjQytd8u4PK5W5xvwczSsNXn7i
X-Received: by 2002:a17:902:20c9:: with SMTP id v9-v6mr5167979plg.156.1540590096614;
        Fri, 26 Oct 2018 14:41:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540590096; cv=none;
        d=google.com; s=arc-20160816;
        b=XCg0zqma7B+45eS6yH2S+4f1g1cEUcZjCxkepaPu8nZBneWOHoW7iYeM0kANc9MvFJ
         5STLLCy5qmXh0AWQTkaJhHbQnRQz1r6AIDlAEXxWNr2Vm6P5iPVH2TwuP1KQIizLCg3/
         juuaTzKEYKcSBxc+I1f+3RSezZmNiEa3vVEkD3CTMHC5raEgFh4QmsRfqUEmXrF0evIE
         kPS64TMUkZjrIOVVpCKgybfIyjJBWnWecEoqj4dEotljg4hvjPxc1yWjQofIblFjem1o
         f9d6qP6g6c6n6ysljDoKqqAaLHu8XmOslffbIi0dU6wTn17wNeYS+7mLrZDeRyWZQCAq
         A3mQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from;
        bh=aaCBwctjD/20MaQ3Jm1YEgTqV3ElhdKH+p0ZDSktfcg=;
        b=SbriEpzcmEiYmXMz+KxgLgWeUg71CszX4Y8wHVH68An7AKdAzH5DYVxlx69RUtZHfV
         5vqPK6cE4Wm1snamMLP/eEyvg4U1Wt2bIQd9cg4S7XiR6yJ2KtR65Sv2ad3HhcOmYb/a
         AWdBpWrhr/HIac6od0xNo//e7q/sAjFLvmEjDEzI4cixXWtMvkQK3o9/HneJ0blEiT7p
         1zFAQXvpIj6AUDO1dI9BRdu7eIeb+iJccX1O6kzanoVhyHLaKkzEGtM/7P+PDo1gkpDJ
         QlHfOTEAKD6g61zV8IO6NOCGbwE/yIEAr8ML29zE/C1zyLAflOokQ8rWfs2ItnVU7cPh
         XoVg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id k21-v6si12594991pgj.381.2018.10.26.14.41.21;
        Fri, 26 Oct 2018 14:41:36 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728398AbeJ0GS7 (ORCPT <rfc822;utfcpqpk@gmail.com> + 99 others);
        Sat, 27 Oct 2018 02:18:59 -0400
Received: from mga06.intel.com ([134.134.136.31]:25644 "EHLO mga06.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1725782AbeJ0GS7 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 27 Oct 2018 02:18:59 -0400
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Oct 2018 14:40:19 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.54,429,1534834800"; 
   d="scan'208";a="91559240"
Received: from sai-dev-mach.sc.intel.com ([143.183.140.153])
  by FMSMGA003.fm.intel.com with ESMTP; 26 Oct 2018 14:40:19 -0700
From:   Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
To:     linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org,
        x86@kernel.org
Cc:     Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>,
        Borislav Petkov <bp@alien8.de>, Ingo Molnar <mingo@kernel.org>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@intel.com>,
        Bhupesh Sharma <bhsharma@redhat.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Peter Zijlstra <peterz@infradead.org>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>
Subject: [PATCH V2 0/2] Unmap EFI boot services code/data regions after boot.
Date:   Fri, 26 Oct 2018 14:38:43 -0700
Message-Id: <20181026213845.28166-1-sai.praneeth.prakhya@intel.com>
X-Mailer: git-send-email 2.19.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

CC'ing x86 folks because this patch touches x86/mm which I am no expert of.

[Copied from Patch 1]
Ideally, after kernel assumes control of the platform, firmware shouldn't access
EFI boot services code/data regions. But, it's noticed that this is not so true
in many x86 platforms. Hence, during boot, kernel reserves EFI boot services
code/data regions [1] and maps [2] them to efi_pgd so that call to
set_virtual_address_map() doesn't fail. After returning from
set_virtual_address_map(), kernel frees the reserved regions [3] but they still
remain mapped.

This means that any code that's running in efi_pgd address space (e.g: any EFI
runtime service) would still be able to access EFI boot services code/data
regions but the contents of these regions would have long been over written by
someone else as they are freed by efi_free_boot_services(). So, it's important
to unmap these regions. After unmapping EFI boot services code/data regions, any
illegal access by buggy firmware to these regions would result in page fault
which will be handled by efi specific fault handler.

Unmapping EFI boot services code/data regions will result in clearing
PAGE_PRESENT bit and it shouldn't bother L1TF cases because it's already handled
by protnone_mask() at arch/x86/include/asm/pgtable-invert.h.

[1] Please see efi_reserve_boot_services()
[2] Please see efi_map_region() -> __map_region()
[3] Please see efi_free_boot_services()

Testing the patch set:
----------------------
1. Download buggy firmware (which accesses boot regions even after kernel has
booted) from here [1].
2. Without the patch set, you shouldn't see any kernel warning/error messages
(i.e. kernel allows accesses to EFI boot services code/data regions even after
call to set_virtual_address_map()).
3. With the patch set, you should see a kernel warning about buggy firmware,
efi_rts_wq beeing freezed and disabling runtime services forever.

Please note that this patch will change kernel's existing behavior for some EFI
runtime services but I think it's OK because kernel should have never allowed
those accesses in the first place.

Also please note that this patch set needs lot of real time trashing as I just
tested it out with OVMF.

Note:
-----
Patch set based on "next" branch in efi tree.

Changes from V1 -> v2:
----------------------
1. Rewrite the cpa initializer in a more readable fashion.
2. Don't use cpa->pfn while unmapping, as it's not useful.
3. Unmap regions before freeing them up.
4. Fix spelling nits.

Sai Praneeth (2):
  x86/efi: Unmap EFI boot services code/data regions from efi_pgd
  x86/efi: Move efi_<reserve/free>_boot_services() to arch/x86

 arch/x86/include/asm/efi.h           |  2 ++
 arch/x86/include/asm/pgtable_types.h |  2 ++
 arch/x86/mm/pageattr.c               | 26 ++++++++++++++++++++++++++
 arch/x86/platform/efi/efi.c          |  2 ++
 arch/x86/platform/efi/quirks.c       | 25 +++++++++++++++++++++++++
 include/linux/efi.h                  |  3 ---
 init/main.c                          |  4 ----
 7 files changed, 57 insertions(+), 7 deletions(-)

Signed-off-by: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Bhupesh Sharma <bhsharma@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>

-- 
2.19.1