Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp917719pxm; Thu, 3 Mar 2022 07:06:41 -0800 (PST) X-Google-Smtp-Source: ABdhPJx5jyyPeQLWDmt58iPL2BcY+GJc9tJUhWvnr0JRoueoNgKnKnxx+pFndu5VwTED7VSx/58+ X-Received: by 2002:a05:6870:32ce:b0:d9:a0ee:44b3 with SMTP id r14-20020a05687032ce00b000d9a0ee44b3mr4223664oac.142.1646320001110; Thu, 03 Mar 2022 07:06:41 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1646320001; cv=none; d=google.com; s=arc-20160816; b=EvnOqs+lhu1dGSaPmYqwNWgEN2PihMIYwMIkvgPrKZmTyHZOyE4YhIB+EIy2JuXvbl /hTkMrQqHb91SrJUmuYl6OgIw/ojE8M0m7VUG1zlrWh9Wo+C5EvIaj4dUUF+93Gw+pRi 1N6uHo1zGAOFM1CMDadB3RV5LfK+a2Oib/D6jHzAYwRAr2cPYz4oY2/AMR/2BvMoIVVQ ay/xyDLTzZufQPEzwXV8SQQhI64dAavq1Lr0+afUG6YpJll8iBatNM7NkkOmga08Bawh kEDrzOzwhZpZtiAW0LXhXtofqj9Z7ho5Nx61g6PqT//wxL5X/wxPhetHu2IN7f+JgWZY zY5g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:message-id:user-agent :references:in-reply-to:subject:cc:to:from:date:mime-version; bh=A9nQ16HXlMBRiCHkx9Jg1EQ9qvnAARtvQAx0trVxyd4=; b=kahNiJ4p+sc4cxlm8aYVUnnWL71IydmDnWi+taBnsh9dMQT10pFn8b3VST6uLP6sdA gh8cBgAIFUu9/xvEKH4Me5DqdpdgoVzY4WnKHz64m0trGEg9nyKoJmgYbTrDmznegbfg yGXl8h8PF7R/HWzqnxwuRIAp/IBY3b+bVY2rp1AAQSH8/WN+Z80ckdVG/aOgh2/mbIx1 H65rUqS7qDDrPEnDYwCDI7yuZL3/e2acwa5RvRGXVOaULWYb7+NTV7eEnhdL1ohBcxcM wojHcr2kqWvhV8gXCIPMGH6Dj93rja3T7aHvjqCWA0VnvO7nak5oIyCSO/TXqCrbOJTv kMhw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s18-20020a056870e6d200b000d6f3f8d0efsi1371670oak.209.2022.03.03.07.06.23; Thu, 03 Mar 2022 07:06:41 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ispras.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233797AbiCCNnD (ORCPT + 99 others); Thu, 3 Mar 2022 08:43:03 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49208 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233820AbiCCNm6 (ORCPT ); Thu, 3 Mar 2022 08:42:58 -0500 Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D683D18A79E; Thu, 3 Mar 2022 05:42:12 -0800 (PST) Received: from mail.ispras.ru (unknown [83.149.199.84]) by mail.ispras.ru (Postfix) with ESMTPSA id C45D140D403D; Thu, 3 Mar 2022 13:42:07 +0000 (UTC) MIME-Version: 1.0 Date: Thu, 03 Mar 2022 16:42:07 +0300 From: baskov@ispras.ru To: Matthew Garrett Cc: Ard Biesheuvel , Peter Jones , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , X86 ML , linux-efi , Linux Kernel Mailing List Subject: Re: [PATCH RFC v2 0/2] Handle UEFI NX-restricted page tables In-Reply-To: <20220228183044.GA18400@srcf.ucam.org> References: <20220224154330.26564-1-baskov@ispras.ru> <20220228183044.GA18400@srcf.ucam.org> User-Agent: Roundcube Webmail/1.4.4 Message-ID: <9787f1c1948cc640e70a50e4b929f44f@ispras.ru> X-Sender: baskov@ispras.ru Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2022-02-28 21:30, Matthew Garrett wrote: > On Mon, Feb 28, 2022 at 05:45:53PM +0100, Ard Biesheuvel wrote: > >> Given that this is a workaround for a very specific issue arising on >> PI based implementations of UEFI, I consider this a quirk, and so I >> think this approach is reasonable. I'd still like to gate it on some >> kind of identification, though - perhaps something related to DMI like >> the x86 core kernel does as well. > > When the V1 patches were reviewed, you suggested allocating > EFI_LOADER_CODE rather than EFI_LOADER_DATA. The example given for a > failure case is when NxMemoryProtectionPolicy is set to 0x7fd4, in > which > case EFI_LOADER_CODE, EFI_BOOT_SERVICES_CODE and > EFI_RUNTIEM_SERVICES_CODE should not have the nx policy applied. So it > seems like your initial suggestion (s/LOADER_DATA/LOADER_CODE/) should > have worked, even if there was disagreement about whether the spec > required it to. Is this firmware applying a stricter policy? Yes, this firmware is being modified to enforce stricter policy. Also, the kernel still uses memory, that is not allocated via EFI boot services, for trampoline placement in the first 640K of address space, for which NX bit is also set. The exact address for trampoline code is chosen only after the EfiExitBootServices() call. And, I think, changing the code in such way that trampoline is allocated beforehand will touch more code paths. Thanks, Baskov Evgeniy