Date: Fri, 9 Oct 2020 16:49:07 +0200
From: Joerg Roedel
To: Arvind Sankar
Cc: x86@kernel.org, Borislav Petkov, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 4/5] x86/boot/64: Explicitly map boot_params and command line
Message-ID: <20201009144907.GB3302@suse.de>
References: <20201008191623.2881677-1-nivedita@alum.mit.edu> <20201008191623.2881677-5-nivedita@alum.mit.edu>
In-Reply-To: <20201008191623.2881677-5-nivedita@alum.mit.edu>

On Thu, Oct 08, 2020 at 03:16:22PM -0400, Arvind Sankar wrote:
> Commits
>
> ca0e22d4f011 ("x86/boot/compressed/64: Always switch to own page table")
> 8570978ea030 ("x86/boot/compressed/64: Don't pre-map memory in KASLR code")
>
> set up a new page table in the decompressor stub, but without explicit
> mappings for boot_params and the kernel command line, relying on the #PF
> handler instead.
>
> This is fragile, as boot_params and the command line mappings are
> required for the main kernel. If EARLY_PRINTK and RANDOMIZE_BASE are
> disabled, a QEMU/OVMF boot never accesses the command line in the
> decompressor stub, and so it never gets mapped. The main kernel accesses
> it from the identity mapping if AMD_MEM_ENCRYPT is enabled, and will
> crash.
>
> Fix this by adding back the explicit mapping of boot_params and the
> command line.
>
> Note: the changes also removed the explicit mapping of the main kernel,
> with the result that .bss and .brk may not be in the identity mapping,
> but those don't get accessed by the main kernel before it switches to
> its own page tables.
>
> Signed-off-by: Arvind Sankar
> ---
> arch/x86/boot/compressed/ident_map_64.c | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c > index fd957b2625e9..a3613857c532 100644
> --- a/arch/x86/boot/compressed/ident_map_64.c > +++ b/arch/x86/boot/compressed/ident_map_64.c > @@ -21,6 +21,7 @@ > > #include "error.h" > #include "misc.h" > +#include "cmdline.h" > > /* These actually do the work of building the kernel identity maps. */ > #include > @@ -109,6 +110,8 @@ static void add_identity_map(unsigned long start, unsigned long end) > /* Locates and clears a region for a new top level page table. */ > void initialize_identity_maps(void) > { > + unsigned long cmdline; > + > /* Exclude the encryption mask from __PHYSICAL_MASK */ > physical_mask &= ~sme_me_mask; > > @@ -149,10 +152,19 @@ void initialize_identity_maps(void) > } > > /* > - * New page-table is set up - map the kernel image and load it > - * into cr3. > + * New page-table is set up - map the kernel image, boot_params and the > + * command line. > + * The uncompressed kernel requires boot_params and the command line to > + * be mapped in the identity mapping. > + * Map them explicitly here in case the compressed kernel does not > + * touch them, or does not touch all the pages covering them. > */ > add_identity_map((unsigned long)_head, (unsigned long)_end); > + add_identity_map((unsigned long)boot_params, (unsigned long)(boot_params + 1)); > + cmdline = get_cmd_line_ptr(); > + add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE); > + > + /* Load the new page-table. */ > write_cr3(top_level_pgt); > } Reviewed-by: Joerg Roedel
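
Review bot: in the last hunk of initialize_identity_maps(), the value returned by get_cmd_line_ptr() goes straight into add_identity_map(cmdline, cmdline + COMMAND_LINE_SIZE) with no check. The hunk does not show what that helper returns when no command line was passed; if it can be 0, this call maps [0, COMMAND_LINE_SIZE) into the identity mapping, so either guard the call with "if (cmdline)" or extend the new comment to say the unconditional mapping is intended. The comment could also state that the full COMMAND_LINE_SIZE window is mapped rather than the actual length of the string, since that is what covers the "does not touch all the pages covering them" case it mentions.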