Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp8539100rwi;
        Tue, 25 Oct 2022 07:55:00 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM4CjrnJnQ5t85X42vGGIvcUmTRCHFk9+/lbThqnpAFunmbqTjf02mUNlDtGDPECLIR2tpb2
X-Received: by 2002:a17:90a:588a:b0:212:fa50:7dec with SMTP id j10-20020a17090a588a00b00212fa507decmr16054091pji.190.1666709700637;
        Tue, 25 Oct 2022 07:55:00 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1666709700; cv=none;
        d=google.com; s=arc-20160816;
        b=Lxqv2TB9FVG7/LK0/+Rx/QVIh6C6WixMj2TJlj9IFFF6pYFr4kqGThQpYlO3z0YxjE
         VVON8slOC1H8EGRHznTLSXFPcn+aiQ2DX5gpeRh9LeTz+fhuHusXpfe0jbn9Fu3cwGIg
         rBOSOGw5UK91OuWE0LhyvtFruLS+W14HhANSIuQp1elY8H/8xSjgHjTIDEXETbgGlr0F
         jXCMsK7cAmB18hLxjOtlt9RUb8WGiSvDP9k7NPqH1P27SVa4z/AlFd2ggQbbOLsFLCp5
         wIf1I+y4tk/GzIugfkOmAqGAYxfIGEcl4RTRqN0mnxfIipFuS4as7DqI3WL+gw1ZBWuL
         lhcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature:dkim-filter;
        bh=bLo8SKzI6m8S91IVaglgF8mOxCQMqZtqBjyc3705zno=;
        b=c/6au5crObpidh1emrPCwzyGwgm9KwxBwG1wr2JTQwdCgfwdFJPDD8pXD8VML3OPO5
         J3KvsQ4KDTST4p4hbEHkxxN2pGyuaLMJwVf4ONeLapT+R7dnUPMCv68a63K+qnFSh3Rt
         2LP5/QcNMwkHbwShnLKON3paw5Qqu6VYPCWb/V6gWfYRF1B1R62hBrCZdx1Xz1Xpp3KM
         BMnSf+6O6j2n7OYWF/JlzoD9MQDhOoVWjisNWRSKuVnzuujuitaI6ZGaNLB4dCKgcQUX
         w9LU2Ofvtqey692C+cj7y8NUwWfbC+xoNEgEjD7QbeP6gRTrePXw3wuyCyXtAKrFJD4W
         +kbg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@ispras.ru header.s=default header.b=hnuPICTq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id e23-20020a656897000000b0045b1d6c87cfsi3464316pgt.432.2022.10.25.07.54.48;
        Tue, 25 Oct 2022 07:55:00 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ispras.ru header.s=default header.b=hnuPICTq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=ispras.ru
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233092AbiJYONw (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Tue, 25 Oct 2022 10:13:52 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46154 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S233035AbiJYONp (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 25 Oct 2022 10:13:45 -0400
Received: from mail.ispras.ru (mail.ispras.ru [83.149.199.84])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 232B1ABF20;
        Tue, 25 Oct 2022 07:13:34 -0700 (PDT)
Received: from localhost.localdomain (unknown [83.149.199.65])
        by mail.ispras.ru (Postfix) with ESMTPSA id 940B7419E9FC;
        Tue, 25 Oct 2022 14:13:32 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.ispras.ru 940B7419E9FC
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ispras.ru;
        s=default; t=1666707212;
        bh=bLo8SKzI6m8S91IVaglgF8mOxCQMqZtqBjyc3705zno=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=hnuPICTqGcCHyv5JohVZn/Iy9SZjGNEZ4lT4u5gTHIXacVP46flHXSp/TI/APoCPh
         QVNNlkItKMde/F2KIUv617thzrs3mC8aBhh6/PJkKhfuRudq/Lyt9x9f9pqQNQxig0
         8wuv2LrjxyIW63fwqPnglCC96nvvlLw25CLJ3wCc=
From:   Evgeniy Baskov <baskov@ispras.ru>
To:     Ard Biesheuvel <ardb@kernel.org>
Cc:     Evgeniy Baskov <baskov@ispras.ru>, Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Ingo Molnar <mingo@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Alexey Khoroshilov <khoroshilov@ispras.ru>,
        Peter Jones <pjones@redhat.com>, lvc-project@linuxtesting.org,
        x86@kernel.org, linux-efi@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: [PATCH v2 09/23] x86/boot: Remove mapping from page fault handler
Date:   Tue, 25 Oct 2022 17:12:47 +0300
Message-Id: <d028f2565984a6bd9a423d669e80fce55b6b83e9.1666705333.git.baskov@ispras.ru>
X-Mailer: git-send-email 2.37.4
In-Reply-To: <cover.1666705333.git.baskov@ispras.ru>
References: <cover.1666705333.git.baskov@ispras.ru>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
        URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

After every implicit mapping is removed, this code is no longer needed.

Remove memory mapping from page fault handler to ensure that there are
no hidden invalid memory accesses.

Signed-off-by: Evgeniy Baskov <baskov@ispras.ru>
---
 arch/x86/boot/compressed/ident_map_64.c | 26 ++++++++++---------------
 1 file changed, 10 insertions(+), 16 deletions(-)

diff --git a/arch/x86/boot/compressed/ident_map_64.c b/arch/x86/boot/compressed/ident_map_64.c
index fec795a4ce23..ba5108c58a4e 100644
--- a/arch/x86/boot/compressed/ident_map_64.c
+++ b/arch/x86/boot/compressed/ident_map_64.c
@@ -386,27 +386,21 @@ void do_boot_page_fault(struct pt_regs *regs, unsigned long error_code)
 {
 	unsigned long address = native_read_cr2();
 	unsigned long end;
-	bool ghcb_fault;
+	char *msg;
 
-	ghcb_fault = sev_es_check_ghcb_fault(address);
+	if (sev_es_check_ghcb_fault(address))
+		msg = "Page-fault on GHCB page:";
+	else
+		msg = "Unexpected page-fault:";
 
 	address   &= PMD_MASK;
 	end        = address + PMD_SIZE;
 
 	/*
-	 * Check for unexpected error codes. Unexpected are:
-	 *	- Faults on present pages
-	 *	- User faults
-	 *	- Reserved bits set
-	 */
-	if (error_code & (X86_PF_PROT | X86_PF_USER | X86_PF_RSVD))
-		do_pf_error("Unexpected page-fault:", error_code, address, regs->ip);
-	else if (ghcb_fault)
-		do_pf_error("Page-fault on GHCB page:", error_code, address, regs->ip);
-
-	/*
-	 * Error code is sane - now identity map the 2M region around
-	 * the faulting address.
+	 * Since all memory allocations are made explicit
+	 * now, every page fault at this stage is an
+	 * error and the error handler is there only
+	 * for debug purposes.
 	 */
-	kernel_add_identity_map(address, end, MAP_WRITE);
+	do_pf_error(msg, error_code, address, regs->ip);
 }
-- 
2.37.4