Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp3188759imu; Mon, 17 Dec 2018 15:08:18 -0800 (PST) X-Google-Smtp-Source: AFSGD/XtrE1ZH/usxmdNlN9vkDwDGMdfKlJiFsTbERtn0nFj5Hu7/W4BiuuuKWR3kBckmZ2JLQXP X-Received: by 2002:a17:902:2:: with SMTP id 2mr14764336pla.228.1545088098540; Mon, 17 Dec 2018 15:08:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1545088098; cv=none; d=google.com; s=arc-20160816; b=aMIsWwfRB4Ie2qHwvQ4Q69FOe74OVI64U3z0FyMn4kSSoQPfKvElUFfNQCiGcH1vTB MP6o7GqIjFYXdORXCygy3QwYgl3pzoeoI5SXenwMP0QMuYgP/3bMIsf+YqTSwMabbmK3 44sPlQCkSHsptzSyTWJ8YR4oVGmII3NeYYAQIN/HYAwoSJvIushdWy49H+XQA3RqpH/I /l57fXDkH/y7b0VUR13bZQBAzsu8itMYWJBj8HVg5qIxvnV3acewql8a9eRj3rZy670q r/mjKNQ+4NyRMmfraHQY+DWTqB2KNRpseS8LlHSYc4wXywIDQa8R+eKHSQsfL/HumZ2Y fKow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=RtTtww2J+GCnUCdOOfNCDZywfZrp26+t2LoIbv9W3/w=; b=sgqpMqhLiRXCj4WipAdxkgW/yz8lo9+KOgO+L8dt8uuVrriIhxETkuHsyxMTx7WgnI OhNa/9prGKOMqUMaR+ArXm/VWXRIAbhjwVhSMH/Zln0Bfr9+2Fjva77aSPinaCK2KWYA djOZ8btSN9/lOMLJIALmB7vgnfxpghd9enjmFoCZEY7dnauhBYIl3/iIaftLJbjg5vtC FcjaIrbXlwS6//zwrMhCK8GbSgAoamS1Zu/bfBeKg6L568k0mY0amzKICOw6APY01+8Y cLXBZuEPtXklMN/qoHJJTOlejYrwrBSBNWYKigzuHV+YZQxtitr9rjACwi1so0bIxYWE 4ROA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PBSWepjt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s12si12013852pgh.488.2018.12.17.15.08.02; Mon, 17 Dec 2018 15:08:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PBSWepjt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388603AbeLQSLL (ORCPT + 99 others); Mon, 17 Dec 2018 13:11:11 -0500 Received: from mail-io1-f45.google.com ([209.85.166.45]:43991 "EHLO mail-io1-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732263AbeLQSLL (ORCPT ); Mon, 17 Dec 2018 13:11:11 -0500 Received: by mail-io1-f45.google.com with SMTP id l3so10679016ioc.10 for ; Mon, 17 Dec 2018 10:11:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RtTtww2J+GCnUCdOOfNCDZywfZrp26+t2LoIbv9W3/w=; b=PBSWepjtdhOkOuXXkRyafBYBnFtcmnG4Ry5qumN25JpFGmpOCp66379L9MU1I63HYO ZthhNX/m4KDplzzfZ+3xFmjQccl/Q29uewHEr1Qd5UyfK4HZJy0nWWKhiC81Whg1fO/D SFPIf1+UkIerXxbZ32h58I01tAP8giom9ZFys= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RtTtww2J+GCnUCdOOfNCDZywfZrp26+t2LoIbv9W3/w=; b=ATSu98b2wiOqgRgbwvbDxDzubg/pg+YagZlcHwK03odI6QEirLfGvXOIB1NIDjtrwT YanoaNWH1R6ETHMMAF2YWvpcbAMSkgtIqQF4Jz9APjazRwu2F3itOiqiar0yT0VrAI4c XjiaSRI7UNvmxpITQvts4f7BtXmATuvN5/ci+93haZ0R43FHJs70Dw4kq+Lq+MdtP9xb 5GPGLscu5rauuxtN6IJeVGZykgZjiQvMCVCVAKiGOTZDfSAC02hD6mbROU0y7diDMcxr QhC9oxeU1ttDkBWwi3bTBTj3MPmAecrYeCxAsUngmqzLggjkYe3y4l7bHrSltm43OXb3 Y+wg== X-Gm-Message-State: AA+aEWbOTXL7PmYXkqhrWfLCpAPBd8Q5ajtuCd5lhSE0SN6T7pc7nE6d d4TQwH7rIDx45DtDpDjZMy8/wyf+aQ2yj+XznaLi22FVetI= X-Received: by 2002:a6b:5d01:: with SMTP id r1mr11468580iob.170.1545070269491; Mon, 17 Dec 2018 10:11:09 -0800 (PST) MIME-Version: 1.0 References: <20181129171230.18699-6-ard.biesheuvel@linaro.org> In-Reply-To: From: Ard Biesheuvel Date: Mon, 17 Dec 2018 19:10:58 +0100 Message-ID: Subject: Re: [tip:efi/core] x86/efi: Unmap EFI boot services code/data regions from efi_pgd To: "Prakhya, Sai Praneeth" Cc: Ingo Molnar , "tglx@linutronix.de" , "x86@kernel.org" , "bp@alien8.de" , "marc.zyngier@arm.com" , "eric.snowberg@oracle.com" , "hdegoede@redhat.com" , "Hansen, Dave" , "peterz@infradead.org" , "hpa@zytor.com" , "arend.vanspriel@broadcom.com" , "julien.thierry@arm.com" , "bhsharma@redhat.com" , "jonathanh@nvidia.com" , "joe@perches.com" , "matt@codeblueprint.co.uk" , "torvalds@linux-foundation.org" , "natechancellor@gmail.com" , "luto@kernel.org" , "linux-kernel@vger.kernel.org" , "sedat.dilek@gmail.com" , "zhuyifei1999@gmail.com" , "linux-tip-commits@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 17 Dec 2018 at 19:06, Prakhya, Sai Praneeth wrote: > > > Commit-ID: 08cfb38f3ef49cfd1bba11a00401451606477d80 > > Gitweb: > > https://git.kernel.org/tip/08cfb38f3ef49cfd1bba11a00401451606477d80 > > Author: Sai Praneeth Prakhya > > AuthorDate: Thu, 29 Nov 2018 18:12:24 +0100 > > Committer: Ingo Molnar > > CommitDate: Fri, 30 Nov 2018 09:10:30 +0100 > > > > x86/efi: Unmap EFI boot services code/data regions from efi_pgd > > > > efi_free_boot_services(), as the name suggests, frees EFI boot services > > code/data regions but forgets to unmap these regions from efi_pgd. This means > > that any code that's running in efi_pgd address space (e.g: > > any EFI runtime service) would still be able to access these regions but the > > contents of these regions would have long been over written by someone else. > > So, it's important to unmap these regions. Hence, introduce efi_unmap_pages() > > to unmap these regions from efi_pgd. > > > > After unmapping EFI boot services code/data regions, any illegal access by > > buggy firmware to these regions would result in page fault which will be handled > > by EFI specific fault handler. > > Hi Thomas and Ingo, > > I recently noticed that the below commits [1] and [2] are broken when kernel command line > argument "efi=old_map" is passed. Sorry! I missed to test this condition prior to sending > these patches to mailing list. I am working on a fix and will send it to mailing list as > soon as it's ready. > Could you elaborate on the problem please? > Meanwhile, could you please drop these patches before sending pull request to Linus? > > [1] Commit 08cfb38f3ef4 ("x86/efi: Unmap EFI boot services code/data regions from efi_pgd") > [2] Commit 7e0dabd3010d ("x86/mm/pageattr: Introduce helper function to unmap EFI boot services") > I'd like to understand what the issue is before we drop anything.