References: <20200211135256.24617-1-joro@8bytes.org> <20200211135256.24617-9-joro@8bytes.org>
In-Reply-To: <20200211135256.24617-9-joro@8bytes.org>
From: Andy Lutomirski
Date: Tue, 11 Feb 2020 14:18:52 -0800
Subject: Re: [PATCH 08/62] x86/boot/compressed/64: Add IDT Infrastructure
To: Joerg Roedel
Cc: X86 ML, "H. Peter Anvin", Andy Lutomirski, Dave Hansen, Peter Zijlstra, Thomas Hellstrom, Jiri Slaby, Dan Williams, Tom Lendacky, Juergen Gross, Kees Cook, LKML, kvm list, Linux Virtualization, Joerg Roedel
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Feb 11, 2020 at 5:53 AM Joerg Roedel wrote:
>
> From: Joerg Roedel
>
> Add code needed to setup an IDT in the early pre-decompression
> boot-code. The IDT is loaded first in startup_64, which is after
> EfiExitBootServices() has been called, and later reloaded when the
> kernel image has been relocated to the end of the decompression area.
>
> This allows to setup different IDT handlers before and after the
> relocation.
>
> diff --git a/arch/x86/boot/compressed/idt_64.c b/arch/x86/boot/compressed/idt_64.c > new file mode 100644 > index 000000000000..46ecea671b90 > --- /dev/null > +++ b/arch/x86/boot/compressed/idt_64.c 
> @@ -0,0 +1,43 @@ > +// SPDX-License-Identifier: GPL-2.0-only > +#include > +#include > +#include "misc.h" > + > +static void set_idt_entry(int vector, void (*handler)(void)) > +{ > + unsigned long address = (unsigned long)handler; > + gate_desc entry; > + > + memset(&entry, 0, sizeof(entry)); > + > + entry.offset_low = (u16)(address & 0xffff); > + entry.segment = __KERNEL_CS; > + entry.bits.type = GATE_TRAP; ^^^ I realize we're not running a real kernel here, but GATE_TRAP is madness. Please use GATE_INTERRUPT. > + entry.bits.p = 1; > + entry.offset_middle = (u16)((address >> 16) & 0xffff); > + entry.offset_high = (u32)(address >> 32); > + > + memcpy(&boot_idt[vector], &entry, sizeof(entry)); > +} > + > +/* Have this here so we don't need to include */ > +static void load_boot_idt(const struct desc_ptr *dtr) > +{ > + asm volatile("lidt %0"::"m" (*dtr)); > +} > + > +/* Setup IDT before kernel jumping to .Lrelocated */ > +void load_stage1_idt(void) > +{ > + boot_idt_desc.address = (unsigned long)boot_idt; > + > + load_boot_idt(&boot_idt_desc); > +} > + > +/* Setup IDT after kernel jumping to .Lrelocated */ > +void load_stage2_idt(void) > +{ > + boot_idt_desc.address = (unsigned long)boot_idt; > + > + load_boot_idt(&boot_idt_desc); > +} > diff --git a/arch/x86/boot/compressed/idt_handlers_64.S b/arch/x86/boot/compressed/idt_handlers_64.S > new file mode 100644 > index 000000000000..0b2b6cf747d2 > --- /dev/null > +++ b/arch/x86/boot/compressed/idt_handlers_64.S 
> @@ -0,0 +1,71 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Early IDT handler entry points > + * > + * Copyright (C) 2019 SUSE > + * > + * Author: Joerg Roedel > + */ > + > +#include > + > +.macro EXCEPTION_HANDLER name function error_code=0 > +SYM_FUNC_START(\name) > + > + /* Build pt_regs */ > + .if \error_code == 0 > + pushq $0 > + .endif cld > + > + pushq %rdi > + pushq %rsi > + pushq %rdx > + pushq %rcx > + pushq %rax > + pushq %r8 > + pushq %r9 > + pushq %r10 > + pushq %r11 > + pushq %rbx > + pushq %rbp > + pushq %r12 > + pushq %r13 > + pushq %r14 > + pushq %r15 > + > + /* Call handler with pt_regs */ > + movq %rsp, %rdi > + call \function > + > + /* Restore regs */ > + popq %r15 > + popq %r14 > + popq %r13 > + popq %r12 > + popq %rbp > + popq %rbx > + popq %r11 > + popq %r10 > + popq %r9 > + popq %r8 > + popq %rax > + popq %rcx > + popq %rdx > + popq %rsi > + popq %rdi if error_code? > + > + /* Remove error code and return */ > + addq $8, %rsp > + > + /* > + * Make sure we return to __KERNEL_CS - the CS selector on > + * the IRET frame might still be from an old BIOS GDT > + */ > + movq $__KERNEL_CS, 8(%rsp) > + If this actually happens, you have a major bug. Please sanitize all the segment registers after installing the GDT rather than hacking around it here.
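Review bot: In set_idt_entry() in idt_64.c, vector is a signed int used directly as the index in memcpy(&boot_idt[vector], ...) with no range check, so a negative or too-large value writes outside the table. Suggest an unsigned parameter type and rejecting values at or above the number of boot_idt entries (the table's size is defined outside this hunk). Separately, load_stage1_idt() and load_stage2_idt() have identical bodies in this hunk; a short comment saying where they are expected to diverge would explain why both exist.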
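Review bot: The EXCEPTION_HANDLER macro in idt_handlers_64.S has no comment describing its arguments, in particular that error_code must be non-zero exactly for the vectors where the CPU pushes an error code. The entry path only does pushq $0 when error_code == 0, while the exit path always runs addq $8, %rsp, so a wrong error_code value leaves %rsp pointing at the wrong slot of the IRET frame on return. Suggest a comment block above the macro that documents name, function and error_code, and states that \function is called with the pt_regs pointer in %rdi.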