Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3542712imu; Fri, 30 Nov 2018 02:00:16 -0800 (PST) X-Google-Smtp-Source: AFSGD/VBFZgbcYZVQKlTnnFkbInqbJ+3VXI8sC0cbmTeiM+4rVihopnua9OTpYLAPwWw+fBXkET/ X-Received: by 2002:a63:e20a:: with SMTP id q10mr3032504pgh.206.1543572016400; Fri, 30 Nov 2018 02:00:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543572016; cv=none; d=google.com; s=arc-20160816; b=EsFSNcvSndHbsk434OMVA+YVjpQm1ovVlYCaX9ex8jSxDoWQPl0LeY80vIaY8U860y nf8470F8uWOiWOn1Tn1iWJZW8PhtIRVA8cAmyV1rHQsVRZ4pIrekRkuImNn3Y2Y6kyIA sZnSAnd5MQ42K7jSvGDvuI+BGxdiUAVdhIVTB3QoInxBIxly3YzqUBxNLuQmwkkyIROC tM9HFjwehSNm11xFl9jdw7P/jawYPme3FvWPc4gnLqiJJy4MDN+uFiVWZn9b1qPoqUgr Itezno5fME1p2IPQcOGWcRgPX+uem+7lErYLSbDpgbP6ELkh4l+4SOfyEf4CJKSIYyNQ MtLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:mime-version:robot-unsubscribe:robot-id :git-commit-id:subject:to:references:in-reply-to:reply-to:cc :message-id:from:date; bh=EjWDv+4bxpycbGBGIutFqVou30kzRjK7ApGZMd+1Km4=; b=cU9sh5oQeJlLJI4bjvziqabQc3nMwfGI1H4B19CAzQLjHdoGa+cUmpFZxf1IOS7xiS kGYHdPtL7ueOJHz3NvOWFSKoASY1vrGPKsfa4Q2dnq8A8R/LXKz6o/NTGQs76m3lspsf X5ASSv1yihnlhn4FZ8gupyOQWunD1VdOiNZndZ6EWFLknPFU23OONfM/3LTBi/nsut/f RFTiobrBMnnj1zqMXZmvh+noMd2M+160eolbKRQA88GE/WyXPyDbzZZFauNxP3s+NPin 4qi7tApz0TWWQOLzh5QzN3VaciqoLcnPwfye6lHQpRMwxnRlEEOpj1kxe7qD8V5v7OIN Anlw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id bc7si4816293plb.120.2018.11.30.02.00.01; Fri, 30 Nov 2018 02:00:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727035AbeK3VIK (ORCPT + 99 others); Fri, 30 Nov 2018 16:08:10 -0500 Received: from terminus.zytor.com ([198.137.202.136]:49603 "EHLO terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726557AbeK3VIK (ORCPT ); Fri, 30 Nov 2018 16:08:10 -0500 Received: from terminus.zytor.com (localhost [127.0.0.1]) by terminus.zytor.com (8.15.2/8.15.2) with ESMTPS id wAU9wdp53261961 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 30 Nov 2018 01:58:39 -0800 Received: (from tipbot@localhost) by terminus.zytor.com (8.15.2/8.15.2/Submit) id wAU9wd9F3261958; Fri, 30 Nov 2018 01:58:39 -0800 Date: Fri, 30 Nov 2018 01:58:39 -0800 X-Authentication-Warning: terminus.zytor.com: tipbot set sender to tipbot@zytor.com using -f From: tip-bot for Sai Praneeth Prakhya Message-ID: Cc: hdegoede@redhat.com, mingo@kernel.org, bp@alien8.de, marc.zyngier@arm.com, eric.snowberg@oracle.com, sai.praneeth.prakhya@intel.com, hpa@zytor.com, julien.thierry@arm.com, arend.vanspriel@broadcom.com, bhsharma@redhat.com, dave.hansen@intel.com, peterz@infradead.org, ard.biesheuvel@linaro.org, torvalds@linux-foundation.org, jonathanh@nvidia.com, joe@perches.com, matt@codeblueprint.co.uk, linux-kernel@vger.kernel.org, luto@kernel.org, zhuyifei1999@gmail.com, sedat.dilek@gmail.com, tglx@linutronix.de, natechancellor@gmail.com Reply-To: bp@alien8.de, marc.zyngier@arm.com, eric.snowberg@oracle.com, hdegoede@redhat.com, mingo@kernel.org, dave.hansen@intel.com, peterz@infradead.org, hpa@zytor.com, sai.praneeth.prakhya@intel.com, arend.vanspriel@broadcom.com, julien.thierry@arm.com, bhsharma@redhat.com, jonathanh@nvidia.com, joe@perches.com, matt@codeblueprint.co.uk, ard.biesheuvel@linaro.org, torvalds@linux-foundation.org, natechancellor@gmail.com, luto@kernel.org, linux-kernel@vger.kernel.org, sedat.dilek@gmail.com, zhuyifei1999@gmail.com, tglx@linutronix.de In-Reply-To: <20181129171230.18699-6-ard.biesheuvel@linaro.org> References: <20181129171230.18699-6-ard.biesheuvel@linaro.org> To: linux-tip-commits@vger.kernel.org Subject: [tip:efi/core] x86/efi: Unmap EFI boot services code/data regions from efi_pgd Git-Commit-ID: 08cfb38f3ef49cfd1bba11a00401451606477d80 X-Mailer: tip-git-log-daemon Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline X-Spam-Status: No, score=1.6 required=5.0 tests=ALL_TRUSTED,BAYES_00, DATE_IN_FUTURE_48_96,FREEMAIL_FORGED_REPLYTO, FREEMAIL_REPLYTO_END_DIGIT autolearn=no autolearn_force=no version=3.4.2 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on terminus.zytor.com Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Commit-ID: 08cfb38f3ef49cfd1bba11a00401451606477d80 Gitweb: https://git.kernel.org/tip/08cfb38f3ef49cfd1bba11a00401451606477d80 Author: Sai Praneeth Prakhya AuthorDate: Thu, 29 Nov 2018 18:12:24 +0100 Committer: Ingo Molnar CommitDate: Fri, 30 Nov 2018 09:10:30 +0100 x86/efi: Unmap EFI boot services code/data regions from efi_pgd efi_free_boot_services(), as the name suggests, frees EFI boot services code/data regions but forgets to unmap these regions from efi_pgd. This means that any code that's running in efi_pgd address space (e.g: any EFI runtime service) would still be able to access these regions but the contents of these regions would have long been over written by someone else. So, it's important to unmap these regions. Hence, introduce efi_unmap_pages() to unmap these regions from efi_pgd. After unmapping EFI boot services code/data regions, any illegal access by buggy firmware to these regions would result in page fault which will be handled by EFI specific fault handler. Signed-off-by: Sai Praneeth Prakhya Signed-off-by: Ard Biesheuvel Acked-by: Thomas Gleixner Cc: Andy Lutomirski Cc: Arend van Spriel Cc: Bhupesh Sharma Cc: Borislav Petkov Cc: Dave Hansen Cc: Eric Snowberg Cc: Hans de Goede Cc: Joe Perches Cc: Jon Hunter Cc: Julien Thierry Cc: Linus Torvalds Cc: Marc Zyngier Cc: Matt Fleming Cc: Nathan Chancellor Cc: Peter Zijlstra Cc: Sedat Dilek Cc: YiFei Zhu Cc: linux-efi@vger.kernel.org Link: http://lkml.kernel.org/r/20181129171230.18699-6-ard.biesheuvel@linaro.org Signed-off-by: Ingo Molnar --- arch/x86/platform/efi/quirks.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/arch/x86/platform/efi/quirks.c b/arch/x86/platform/efi/quirks.c index 95e77a667ba5..09e811b9da26 100644 --- a/arch/x86/platform/efi/quirks.c +++ b/arch/x86/platform/efi/quirks.c @@ -369,6 +369,24 @@ void __init efi_reserve_boot_services(void) } } +/* + * Apart from having VA mappings for EFI boot services code/data regions, + * (duplicate) 1:1 mappings were also created as a quirk for buggy firmware. So, + * unmap both 1:1 and VA mappings. + */ +static void __init efi_unmap_pages(efi_memory_desc_t *md) +{ + pgd_t *pgd = efi_mm.pgd; + u64 pa = md->phys_addr; + u64 va = md->virt_addr; + + if (kernel_unmap_pages_in_pgd(pgd, pa, md->num_pages)) + pr_err("Failed to unmap 1:1 mapping for 0x%llx\n", pa); + + if (kernel_unmap_pages_in_pgd(pgd, va, md->num_pages)) + pr_err("Failed to unmap VA mapping for 0x%llx\n", va); +} + void __init efi_free_boot_services(void) { phys_addr_t new_phys, new_size; @@ -393,6 +411,13 @@ void __init efi_free_boot_services(void) continue; } + /* + * Before calling set_virtual_address_map(), EFI boot services + * code/data regions were mapped as a quirk for buggy firmware. + * Unmap them from efi_pgd before freeing them up. + */ + efi_unmap_pages(md); + /* * Nasty quirk: if all sub-1MB memory is used for boot * services, we can get here without having allocated the